Report Overview
Visitedpublic
2026-02-14 00:18:03
Submit Tags
URL
cyrusfinance.pro/
Finishing URL
www.cyrusfinance.pro/
IP / ASN
216.150.1.129
Title
CyrusFinance
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
3
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
cyrusfinance.pro 1 alert(s) on this Host | unknown | unknown | 2026-02-13 | 2026-02-13 | 485 B | 182 kB | 216.150.16.129 |  |
www.cyrusfinance.pro 126 alert(s) on this Host | unknown | unknown | 2026-02-13 | 2026-02-13 | 60 kB | 8.9 MB | 216.150.16.1 |  |
Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.C3.js (JavaScript libraries)
D3 based reusable chart libraryRelated reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | www.cyrusfinance.pro/_next/static/chunks/app/(cabinet)/layout-ef422ee513ee5b40.js?dpl=dpl_7sre1tTUAz1sEe6Tmwbt3k8Gdv23 | malware | Detects file containing Telegram Bot API |
| Hagezi Threat Feed | www.cyrusfinance.pro | malicious | Sinkholed |
| Hagezi Threat Feed | cyrusfinance.pro | malicious | Sinkholed |
Telegram Bot detected (1)
URL
www.cyrusfinance.pro/_next/static/chunks/app/(cabinet)/layout-ef422ee513ee5b40.js?dpl=dpl_7sre1tTUAz1sEe6Tmwbt3k8Gdv23
IP / ASN
216.150.16.1
Token
8531569075:AAGnX5yQh-Y-514NTEUAVEoRq143QL5v4hY
Bot Overview
User ID8531569075
Usernamecyrus_deposits_bot
First NameCyrus Somos Estafadores
Last NameN/A
Chat Info
Chat ID-1003584163353
Chat Typesupergroup
TitleCyrus Finance Deposits
User Count3
Admins2
Pending Msgs1
JavaScript (42)
No JavaScripts
HTTP Transactions (125)
| URL | IP | Response | Size |
|---|