Report Overview
Visitedpublic
2026-03-07 01:30:38
Submit Tags
URL
blur-world.xyz
Finishing URL
blur-world.xyz/
IP / ASN
104.21.51.115
Title
Airdrop Claim
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
1
Threat Detection Systems
3
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-03-01 | 481 B | 16 kB |  142.251.142.234 | |
pulse.walletconnect.org | 247907 | 2018-03-26 | 2023-10-09 | 2026-03-04 | 575 B | 251 B | 172.66.157.155 |  |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-03-01 | 3.3 kB | 296 kB | 142.251.142.227 | |
cca-lite.coinbase.com | 2742073 | 2011-07-02 | 2023-08-12 | 2026-03-06 | 997 B | 2.5 kB | 172.64.152.241 | |
cdn.tailwindcss.com | 117330 | 2017-07-20 | 2018-07-09 | 2026-03-02 | 820 B | 816 kB | 104.26.3.143 |  |
blur-world.xyz 4 alert(s) on this Host | unknown | unknown | No data | No data | 3.8 kB | 8.6 MB | 172.67.179.132 |   |
api.ceooflidare.icu 6 alert(s) on this Host | unknown | 2025-12-14 | 2026-01-19 | 2026-03-07 | 1.5 kB | 4.1 kB |  158.94.210.9 |     |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Vue.js (JavaScript frameworks)
Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.Tailwind CSS (UI frameworks)
Tailwind is a utility-first CSS framework.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | Client IP | 158.94.210.9 | ET INFO Suspicious Domain (*.icu) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | blur-world.xyz/ | malware | Detects file containing Telegram Bot API |
| OpenDNS | api.ceooflidare.icu | phishing | Phishing Block |
| DNS4EU | api.ceooflidare.icu | malicious | Sinkholed |
Telegram Bot detected (1)
URL
blur-world.xyz/
IP / ASN
172.67.179.132
Token
8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E
Bot Overview
User ID8720547580
UsernameVisitdhehjebot
First NameVisit
Last NameN/A
Chat Info
Chat ID-1002631734661
Chat Typesupergroup
TitleFullWork
User Count16
Admins4
Pending Msgs1
JavaScript (4)
No JavaScripts
HTTP Transactions (24)
| URL | IP | Response | Size |
|---|