Report Overview
Visited (public)
2026-04-25 03:06:52
URL
evaa.zanggu.net
Finishing URL
evaa.zanggu.net/
IP / ASN
45.140.205.214
#35830 BTT Group Finance Ltd
Title
EVAA — Ecosystem Allocation

Suspicious - Suspicious Javascript code

Detections

urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
1

Host Summary

Host | Rank | Registered | First Seen | Last Seen
ipapi.co | 7936 | 2016-04-19 | 2017-01-31 | 2026-04-22
evaa.zanggu.net | unknown | 2014-05-06 | 2026-04-25 | 2026-04-25
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-04-19
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-04-18
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-04-19

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity | Source IP | Destination IP | Alert
low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)
low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)

Threat Detection Systems

Detection System | Indicator | Verdict | Alert
YARAhub by abuse.ch | evaa.zanggu.net/visitors.js | malware | Detects file containing Telegram Bot API

Telegram Bot detected (1)

URL
evaa.zanggu.net/visitors.js
IP / ASN
45.140.205.214
#35830 BTT Group Finance Ltd
Token
8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E
Bot Overview
User ID: 8720547580
Username: Visitdhehjebot
First Name: Visit
Last Name: N/A
Chat Info
Chat ID: -1002631734661
Chat Type: supergroup
Title: Work
User Count: 15
Admins: 3
Pending Msgs: 0

JavaScript (2)

HTTP Transactions (12)
