Report Overview
Visitedpublic
2026-05-19 00:44:13
Tags
Submit Tags
URL
vara.yiteni.com
Finishing URL
vara.yiteni.com/
IP / ASN
45.140.205.214
Title
Variational — $VAR Rewards Allocation Proposal
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
ipapi.co | 7936 | 2016-04-19 | 2017-01-31 | 2026-05-13 | 431 B | 2.5 kB |  104.26.9.44 |  |
cdn.prod.website-files.com | 20159 | 2019-01-23 | 2023-11-01 | 2026-05-18 | 614 B | 119 kB | 104.18.160.117 |  |
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-05-17 | 1.1 kB | 745 B |  149.154.166.110 |  |
pulse.walletconnect.org | 247907 | 2018-03-26 | 2023-10-09 | 2026-05-13 | 577 B | 251 B | 172.66.157.155 | |
variationals.com | unknown | 2026-05-17 | 2026-05-19 | 2026-05-19 | 437 B | 2.2 kB | 172.67.221.228 | |
cca-lite.coinbase.com | 2742073 | 2011-07-02 | 2023-08-12 | 2026-05-18 | 1.0 kB | 2.3 kB | 104.18.35.15 | |
vara.yiteni.com 2 alert(s) on this Host | unknown | 2013-05-21 | 2026-05-19 | 2026-05-19 | 4.8 kB | 8.6 MB | 45.140.205.214 |  |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.Nginx:1.30.1 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Nginx:1.24.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | vara.yiteni.com/visitors.js | malware | Detects file containing Telegram Bot API |
JavaScript (4)
No JavaScripts
HTTP Transactions (19)
| URL | IP | Response | Size |
|---|