Report Overview
Visitedpublic
2026-03-07 00:53:00
Tags
Submit Tags
URL
xn--pump-eza.fun
Finishing URL
xn--pump-eza.fun/live/9BB6NFEcjBCtnNLFko2FqVQBq8HHM13kCyYcdQbgpump
IP / ASN
172.67.141.80
Title
pump
Suspicious - Anti-debugging code
Detections
urlquery
2
Network Intrusion Detection
10
Threat Detection Systems
11
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
public-api.birdeye.so | 5262007 | 2021-11-17 | 2024-01-06 | 2026-03-03 | 3.8 kB | 2.7 kB | 104.20.24.29 |    |
imagedelivery.net | 15876 | 2021-04-09 | 2021-09-20 | 2026-03-04 | 525 B | 424 B | 104.18.2.36 | |
pump.mypinata.cloud | 1441738 | 2020-01-28 | 2024-04-12 | 2026-02-28 | 1.1 kB | 1.7 kB | 0.0.0.0 | |
corsproxy.io | 175528 | 2022-01-30 | 2016-05-19 | 2026-03-04 | 13 kB | 20 kB | 104.26.7.163 | |
2w16dg.vercel.app | unknown | 2020-01-28 | 2026-03-07 | 2026-03-07 | 2.2 kB | 2.9 MB |  64.29.17.195 |  |
frontend-api.pump.fun | 1853078 | 2023-09-19 | 2024-06-06 | 2026-03-03 | 12 kB | 168 kB | 172.64.153.234 | |
mainnet.helius-rpc.com | 1872545 | 2023-04-06 | 2023-04-11 | 2026-03-04 | 1.2 kB | 2.5 kB | 104.18.36.169 | |
api.codetabs.com | 3131649 | 2016-09-07 | 2018-11-13 | 2026-03-06 | 25 kB | 30 kB | 104.21.58.226 | |
api.dicebear.com | 868285 | 2013-06-21 | 2021-11-13 | 2026-03-03 | 5.0 kB | 78 kB |  194.242.11.186 |  |
xn--pump-eza.fun 1 alert(s) on this Host | unknown | 2026-02-27 | 2026-03-07 | 2026-03-07 | 7.1 kB | 1.4 MB | 104.21.87.43 | |
cloudflare-dns.com 1 alert(s) on this Host | 112 | 2018-03-28 | 2015-04-09 | 2026-03-02 | 511 B | 513 B | 104.16.249.249 | |
ipfs.io 1 alert(s) on this Host | 19271 | 2014-05-16 | 2015-09-09 | 2026-03-06 | 494 B | 1.1 kB | 209.94.90.1 |  |
api.allorigins.win | 1896907 | 2019-03-05 | 2019-03-27 | 2026-03-01 | 1.7 kB | 2.1 kB | 188.114.97.1 | |
pub-14c1504681d2427684ac1f489338d075.r2.dev 8 alert(s) on this Host | unknown | 2022-08-23 | 2026-02-25 | 2026-03-04 | 3.8 kB | 4.8 MB | 104.18.50.34 | |
thingproxy.freeboard.io | 6634612 | 2013-11-19 | 2014-10-08 | 2026-03-01 | 12 kB | 0 B | 0.0.0.0 | |
raw.githubusercontent.com | 22021 | 2014-02-06 | 2014-03-01 | 2026-03-04 | 531 B | 33 kB | 185.199.110.133 |    |
api.dexscreener.com | 2085659 | 2021-06-11 | 2022-05-19 | 2026-02-28 | 10 kB | 937 kB | 104.18.38.143 | |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Cloudflare Bot Management (Security)
Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.Bunny (CDN)
IPFS (Network storage)
IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.GitHub Pages (PaaS)
GitHub Pages is a static site hosting service.Fastly (CDN)
Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video & streaming services.Varnish (Caching)
Varnish is a reverse caching proxy.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Private YARA rules | 2w16dg.vercel.app/demo.php?id=699d00a2c3f30de9582805e6&parent_url=xn--pump-eza.fun%2Flive%2F9BB6NFEcjBCtnNLFko2FqVQBq8HHM13kCyYcdQbgpump | audit | Hunting_JS_WebAssembly |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| DigiCert UltraDNS | cloudflare-dns.com | malicious | Sinkholed |
| DigiCert UltraDNS | ipfs.io | malicious | Sinkholed |
JavaScript (5)
No JavaScripts
HTTP Transactions (188)
| URL | IP | Response | Size |
|---|