Report Overview
Visitedpublic
2026-03-09 13:53:41
Tags
Submit Tags
URL
waronusd1.isolana.org/
Finishing URL
waronusd1.isolana.org/
IP / ASN
35.157.26.135
Title
$WAR Token Migration | From Bonk to Pump.fun
Suspicious - Anti-debugging code
Detections
urlquery
2
Network Intrusion Detection
7
Threat Detection Systems
10
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
waronusd1.isolana.org 1 alert(s) on this Host | unknown | unknown | No data | No data | 1.4 kB | 74 kB | 63.176.8.218 |  |
pub-14c1504681d2427684ac1f489338d075.r2.dev 8 alert(s) on this Host | unknown | 2022-08-23 | 2026-02-25 | 2026-03-04 | 3.8 kB | 41 MB |  104.18.54.45 |  |
qalzeq.vercel.app | unknown | unknown | No data | No data | 2.2 kB | 2.9 MB |  216.198.79.3 |  |
cloudflare-dns.com 1 alert(s) on this Host | 112 | 2018-03-28 | 2015-04-09 | 2026-03-02 | 521 B | 513 B | 104.16.249.249 | |
Netlify (PaaS, CDN)
Netlify providers hosting and server-less backend services for web applications and static websites.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 104.16.249.249 | ET INFO Observed Cloudflare DNS over HTTPS Domain (cloudflare-dns .com in TLS SNI) | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Private YARA rules | qalzeq.vercel.app/demo.php?id=698deaa2058e4d55b36e7f31&parent_url=waronusd1.isolana.org%2F | audit | Hunting_JS_WebAssembly |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| DigiCert UltraDNS | cloudflare-dns.com | malicious | Sinkholed |
JavaScript (5)
No JavaScripts
HTTP Transactions (16)
| URL | IP | Response | Size |
|---|