Report Overview
Visitedpublic
2026-03-22 19:49:49
Tags
Submit Tags
URL
terminalcashback.xyz
Finishing URL
terminalcashback.xyz/
IP / ASN
104.21.44.108
Title
Pump fun x Padre | Official Partnership Program
Detections
urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
10
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
pub-14c1504681d2427684ac1f489338d075.r2.dev 8 alert(s) on this Host | unknown | 2022-08-23 | 2026-02-25 | 2026-03-20 | 4.2 kB | 41 MB | 104.18.50.34 |  |
auth-auth-7741.vercel.app 1 alert(s) on this Host | unknown | unknown | 2026-03-22 | 2026-03-22 | 4.4 kB | 1.0 MB |  64.29.17.195 |  |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2026-03-15 | 447 B | 77 kB | 151.101.129.229 | |
unpkg.com | 1093 | 2016-01-06 | 2016-01-07 | 2026-03-15 | 859 B | 154 kB | 104.18.1.22 |  |
cdn.tailwindcss.com | 117330 | 2017-07-20 | 2018-07-09 | 2026-03-16 | 832 B | 816 kB | 104.26.2.143 | |
cloudflare-dns.com 1 alert(s) on this Host | 112 | 2018-03-28 | 2015-04-09 | 2026-03-16 | 519 B | 521 B | 104.16.248.249 | |
terminalcashback.xyz | unknown | 2026-03-20 | 2026-03-22 | 2026-03-22 | 1.3 kB | 78 kB | 104.21.44.108 |    |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Fly.io (PaaS)
Fly is a platform for running full stack apps and databases.Unpkg (CDN)
Unpkg is a content delivery network for everything on npm.Tailwind CSS (UI frameworks)
Tailwind is a utility-first CSS framework.jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 104.16.248.249 | ET INFO Observed Cloudflare DNS over HTTPS Domain (cloudflare-dns .com in TLS SNI) | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI | |
| low | Client IP | 104.18.50.34 | ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Private YARA rules | auth-auth-7741.vercel.app/solana?id=69afcbf5d52f72e0618b388f&bundle=1 | audit | Hunting_JS_WebAssembly |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| Nextron YARA rules | pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif | malware | Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type |
| DigiCert UltraDNS | cloudflare-dns.com | malicious | Sinkholed |
JavaScript (8)
No JavaScripts
HTTP Transactions (25)
| URL | IP | Response | Size |
|---|