Report Overview
Visitedpublic
2026-03-03 12:32:06
Submit Tags
URL
j3.appwrite.network
Finishing URL
j3.appwrite.network/
IP / ASN
151.101.195.52
Title
Sign~in to view
Phishing - Generic phishing
Suspicious - Suspicious Javascript code
Detections
urlquery
3
Network Intrusion Detection
1
Threat Detection Systems
6
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
stackpath.bootstrapcdn.com | 21970 | 2012-05-25 | 2018-04-05 | 2026-03-02 | 454 B | 52 kB |  104.18.11.207 |  |
j3.appwrite.network 11 alert(s) on this Host | unknown | 2022-06-28 | 2026-03-01 | 2026-03-01 | 933 B | 910 kB | 151.101.131.52 |  |
code.jquery.com | 4915 | 2005-12-10 | 2012-05-21 | 2026-03-01 | 466 B | 70 kB | 151.101.2.137 |  |
onedriveverification.surge.sh 2 alert(s) on this Host | unknown | 2014-07-25 | 2025-12-03 | 2026-02-24 | 432 B | 2.1 kB | 138.197.235.123 | |
cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2026-03-01 | 940 B | 108 kB | 104.17.24.14 | |
api.ipify.org | 8166 | 2014-01-05 | 2014-10-06 | 2026-03-02 | 494 B | 271 B | 172.67.74.152 | |
maxcdn.bootstrapcdn.com | 6807 | 2012-05-25 | 2014-06-18 | 2026-03-02 | 485 B | 50 kB | 104.18.10.207 | |
ajax.googleapis.com | 3691 | 2005-01-25 | 2012-05-22 | 2026-03-01 | 448 B | 87 kB | 142.250.178.106 |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Varnish (Caching)
Varnish is a reverse caching proxy.Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 172.67.74.152 | ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | onedriveverification.surge.sh/jquerys.js | malware | Detects file containing Telegram Bot API |
| OpenDNS | j3.appwrite.network | phishing | Phishing Block |
| DNS4EU | j3.appwrite.network | malicious | Sinkholed |
| Cloudflare DNS | j3.appwrite.network | malicious | Sinkholed |
| DigiCert UltraDNS | j3.appwrite.network | malicious | Sinkholed |
| Quad9 DNS | j3.appwrite.network | malicious | Sinkholed |
Telegram Bot detected (1)
URL
onedriveverification.surge.sh/jquerys.js
IP / ASN
138.197.235.123
Token
6325385158:AAG4eh9wxrfOMa93s45iS_klK0ddr1-XUrI
Bot Overview
User ID6325385158
UsernameJustinwelltoolsBot
First NameJustinwellBOT
Last NameN/A
Chat Info
Chat ID6507855198
Chat Typeprivate
TitleN/A
User Count2
Admins0
Pending Msgs0
JavaScript (13)
| HASH | FROM | Size | First Seen | Last Seen | |
|---|---|---|---|---|---|
| a84485f93ee733a8b7e88a61f89ecbdf | DocumentWrite | 272 kB | 2026-03-01 | 2026-03-03 | |
Introduced by DocumentWrite First Seen 2026-03-01 Last Seen 2026-03-03 Times Seen 4 Size 272 kB (272535 bytes) MD5 a84485f93ee733a8b7e88a61f89ecbdf SHA1 b0493da47b85ae226ea7e27628c512e41ef59910 Loading... | |||||
| 9b2ce05bcab758355b5d07aabe8f61d4 | DocumentWrite | 91 kB | 2026-03-01 | 2026-03-03 | |
Introduced by DocumentWrite First Seen 2026-03-01 Last Seen 2026-03-03 Times Seen 4 Size 91 kB (90811 bytes) MD5 9b2ce05bcab758355b5d07aabe8f61d4 SHA1 8b0736a9f13023cdeb8440e397bff23291f0461c Loading... | |||||
HTTP Transactions (10)
| URL | IP | Response | Size |
|---|