Report Overview
Visitedpublic
2026-03-17 15:50:42
Tags
Submit Tags
URL
pumpbacks.xyz/
Finishing URL
pumpbacks.xyz/
IP / ASN
87.120.84.245
Title
Pump.fun Cashback - Get 30% Back on Your Losses
Detections
urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
11
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
verify-modal-7619.vercel.app | unknown | unknown | No data | No data | 4.4 kB | 2.9 MB |  64.29.17.195 |  |
cashbackspump.fun 1 alert(s) on this Host | unknown | 2026-03-10 | 2026-03-17 | 2026-03-17 | 453 B | 590 B |  188.114.97.1 |  |
pub-14c1504681d2427684ac1f489338d075.r2.dev 8 alert(s) on this Host | unknown | 2022-08-23 | 2026-02-25 | 2026-03-12 | 4.0 kB | 41 MB | 104.18.54.45 | |
pumpbacks.xyz | unknown | 2026-03-16 | 2026-03-17 | 2026-03-17 | 3.9 kB | 198 kB | 87.120.84.245 |      |
cloudflare-dns.com 1 alert(s) on this Host | 112 | 2018-03-28 | 2015-04-09 | 2026-03-16 | 505 B | 524 B | 104.16.248.249 | |
Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Nuxt.js (JavaScript frameworks, Web frameworks, Web servers, Static site generator)
Nuxt is a Vue framework for developing modern web applications.Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.Vue.js (JavaScript frameworks)
Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 104.16.248.249 | ET INFO Observed Cloudflare DNS over HTTPS Domain (cloudflare-dns .com in TLS SNI) | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.54.45 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Private YARA rules | verify-modal-7619.vercel.app/solana?id=69b7e132cd9a2a4b1a14424c&bundle=1 | audit | Hunting_JS_WebAssembly |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| DNS4EU | cashbackspump.fun | malicious | Sinkholed |
| DigiCert UltraDNS | cloudflare-dns.com | malicious | Sinkholed |
JavaScript (6)
No JavaScripts
HTTP Transactions (27)
| URL | IP | Response | Size |
|---|