allocation-jup.trading Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://allocation-jup.trading/
Effective URL:
https://allocation-jup.trading/
Submission: On March 30 via api (March 30th 2024, 11:43:12 pm UTC) from US — Scanned from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is allocation-jup.trading.
TLS certificate: Issued by GTS CA 1P5 on March 3rd 2024. Valid for: 3 months.

This is the only time allocation-jup.trading was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
6	172.64.144.197 172.64.144.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
22	7

9 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

allocation-jup.trading	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.144.197 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

station.jup.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	allocation-jup.trading 1 redirects allocation-jup.trading	330 KB
6	jup.ag station.jup.ag	2 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 153582	706 B
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 234	20 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	16 KB
0	ontopothers.com Failed ontopothers.com Failed
22	8

	Domain	Requested by
8	allocation-jup.trading	1 redirects allocation-jup.trading
6	station.jup.ag	allocation-jup.trading
1	userstatics.com	allocation-jup.trading
1	fonts.gstatic.com	allocation-jup.trading
1	fonts.googleapis.com	allocation-jup.trading
1	cdnjs.cloudflare.com	allocation-jup.trading
1	cdn.jsdelivr.net	allocation-jup.trading
0	ontopothers.com Failed	cdn.jsdelivr.net
22	8

This site contains no links.

Subject Issuer	Validity	Valid
allocation-jup.trading GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
jup.ag GTS CA 1P5	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://allocation-jup.trading/
Frame ID: 33C11ADEB19147F86C23774EF4E196DA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jupiter Exchange

Page URL History Show full URLs

http://allocation-jup.trading/ HTTP 307
https://allocation-jup.trading/ Page URL
https://allocation-jup.trading/cdn-cgi/phish-bypass?atok=NmpPsUUX25OPByk335EgoOG_M5p0yVLweNr2zHQIdUw-171184... HTTP 301
https://allocation-jup.trading/ Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

82 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

2339 kB
Transfer

3597 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://allocation-jup.trading/ HTTP 307
https://allocation-jup.trading/ Page URL
https://allocation-jup.trading/cdn-cgi/phish-bypass?atok=NmpPsUUX25OPByk335EgoOG_M5p0yVLweNr2zHQIdUw-1711842182-0.0.1.1-%2F HTTP 301
https://allocation-jup.trading/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://allocation-jup.trading/ HTTP 307
https://allocation-jup.trading/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
allocation-jup.trading/
Redirect Chain

http://allocation-jup.trading/
https://allocation-jup.trading/

4 KB
2 KB

90ms
18ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4dac2e0488f612692b6ffa41019a686ba0f20a2a0574c2dc444eb69349327a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-ray: 86cbf5a9cb45b761-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 30 Mar 2024 23:43:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFgWAlZeHZDZuMjuRBrEs%2FPzZ0XWclKjUPJNoxUBUSr%2Bcin5C1Kc6G%2F7b4dOOR2WmN18xG1y1xujkvHqFrMVH3C3f9%2Ftm7UQNih9biVL7g0DJ2AcwZK0dWAdREKPtYcAQkcADHwvmbkU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://allocation-jup.trading/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 cf.errors.css
allocation-jup.trading/cdn-cgi/styles/ 24 KB
5 KB 15ms
15ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allocation-jup.trading/cdn-cgi/styles/cf.errors.css

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: W/"65fd6d96-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 86cbf5a9eb55b761-AMS
expires: Sun, 31 Mar 2024 01:43:02 GMT

GET
H3 200 icon-exclamation.png
allocation-jup.trading/cdn-cgi/images/ 452 B
635 B 15ms
15ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allocation-jup.trading/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/cdn-cgi/styles/cf.errors.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: "65fd6d96-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 86cbf5aa0b64b761-AMS
content-length: 452
expires: Sun, 31 Mar 2024 01:43:02 GMT

GET
H3

200

Primary Request / Show response
allocation-jup.trading/
Redirect Chain

https://allocation-jup.trading/cdn-cgi/phish-bypass?atok=NmpPsUUX25OPByk335EgoOG_M5p0yVLweNr2zHQIdUw-1711842182-0.0.1.1-%2F
https://allocation-jup.trading/

105 KB
15 KB

45ms
45ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allocation-jup.trading/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a39927ef0456c0a4d6de5725a292c0cca598a70c6f7b3fd2c9e025a232f0ed1

Request headers

Referer: https://allocation-jup.trading/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86cbf5c96ac1b761-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 23:43:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXMdpZ4Myr3jV9N5g1ZizYAH%2Bcpz2CORMP%2FJaBNa3II0GuHgRHGcwV6oMPKG6iLePjxI9v%2BZdZyyOQEmy45nDDaWEbzezRHzStPKXHiC4KrrKbeJwoWX590aoiw8xlcJv9dqRTFCfC6m"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache
cf-ray: 86cbf5c95ab8b761-AMS
content-length: 167
content-type: text/html
date: Sat, 30 Mar 2024 23:43:07 GMT
location: https://allocation-jup.trading/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 41 KB
16 KB 52ms
33ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24949
x-jsd-version: 1.6.8
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220107-FRA, cache-lga21926-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BRz1jAfJ7%2Fn92VYRIV7X2Fl0H8WevaP6YNIkVFJ1UV%2BlIhRMX2S82HJoVtiYDcz7w7opKqBt9kT1yKv2qufuH4kj2qJPyDoMUKbs2OAjzKdRQeyOkFtP4e3GaaHhNNnD78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 86cbf5c9dc1fb76a-AMS

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 51ms
31ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 796307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19621
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65384d58-4ca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3edp46I%2Fj308aL9%2BRqOpt1hNL%2BUeSK%2B3GcmpB5bZg0Hy7zsgh9VZiaiuphNl3rMHKnBslhXjedgUkvs8Z%2BFfCEu7LRw4ynX89JDtiDgEOLaJ%2Bbr8rAfxLw6tiTp4pKsvIOaxA0Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86cbf5c9df9796ec-AMS
expires: Thu, 20 Mar 2025 23:43:07 GMT

GET
H3 200 solana.js Show response
allocation-jup.trading/ 799 KB
165 KB 96ms
95ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allocation-jup.trading/solana.js
Requested by: Host: allocation-jup.trading
URL: https://allocation-jup.trading/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 03 Jan 2024 20:14:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c7cbf-18cd0f67d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDhPaZczoB8ptvd%2FGLTZyitlP2iaZFalQQHo6wXsmZka8%2B4SoXWse16BiyRBTq86odMtRIOX8n3tJXIMyhJnIn7%2FHUfhRHevMfpioyD26iYNGZ1U14%2BYX5v6xneiQ3LIdoI0X6pvVnIt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 86cbf5c9bb03b761-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 spl.js Show response
allocation-jup.trading/ 434 KB
111 KB 141ms
140ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allocation-jup.trading/spl.js
Requested by: Host: allocation-jup.trading
URL: https://allocation-jup.trading/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 03 Jan 2024 20:14:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6c887-18cd0f680e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKzua%2By27K1yRjFHmJTIytxcAZ%2F5irwXnDF0wRJ3PKIK%2F5cB8qc%2B3WZi49HvyfBNHRwW4GKjPD5OLWCgSeC%2BlQpAtb5pypA9A8vyEcCqIz3KqHAsLv1JYRv9F3HvSx4GsYTbLZPPZoiJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 86cbf5c9bb06b761-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 node.js Show response
allocation-jup.trading/ 140 KB
32 KB 70ms
70ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allocation-jup.trading/node.js
Requested by: Host: allocation-jup.trading
URL: https://allocation-jup.trading/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b0a7986b59b241eff462678720eb499b16192b0e986e79e59e6ac4febfb27d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 04 Jan 2024 18:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"230cf-18cd5abcf80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euUWrpewPleSzcc2rjpw6Wtl9j0T6oE5Z%2FP%2Fw0hTBEnd3UAhKK1SzjJiQM56Kx5Jr80gAoaFEdyKlq1wBax8WY%2FYid1xxFnxIWGKiUxqLjUfzaZArXrRltegKvX25%2BgFVuUIzE3lOiZQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 86cbf5caebaeb761-AMS
alt-svc: h3=":443"; ma=86400

GET styles.22a62466.css
allocation-jup.trading/assets/css/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 83ms
29ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Mar 2024 23:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 23:15:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Mar 2024 23:43:07 GMT

GET
H3 200 header-bg.png
station.jup.ag/img/home/ 1 MB
1 MB 267ms
209ms Image
image/png 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://station.jup.ag/img/home/header-bg.png

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f4a2d31e75e94fdf54b49430b513f0aed065ee71e6271d3e37c8785eea65f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
content-disposition: inline; filename="header-bg.png"
alt-svc: h3=":443"; ma=86400
content-length: 1540532
x-vercel-id: iad1::lshrk-1711842187991-421f2c8446e7
server: cloudflare
etag: "cbc0bdf49239ed271824ddce1268a41c"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 86cbf5ca2cf6b90e-AMS

GET
H3 200 cat.png
station.jup.ag/img/home/ 6 KB
6 KB 281ms
223ms Image
image/png 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://station.jup.ag/img/home/cat.png

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1b034937479f3848cc39f105e839cb938eda916a2fe1a81ec5c8655b526747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
content-disposition: inline; filename="cat.png"
alt-svc: h3=":443"; ma=86400
content-length: 5661
x-vercel-id: iad1::mjv67-1711842187987-5c1136bf6ddb
server: cloudflare
etag: "49f2341794253be728856e2e3ea4b5e2"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 86cbf5ca2cf7b90e-AMS

GET
H3 200 footer-bg.png
station.jup.ag/img/home/ 108 KB
108 KB 205ms
205ms Image
image/png 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://station.jup.ag/img/home/footer-bg.png

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ed867073a59dfbdf8cb0c3aeabdc704ae3bf984d77f63945d5a5c9cd323a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
content-disposition: inline; filename="footer-bg.png"
alt-svc: h3=":443"; ma=86400
content-length: 110781
x-vercel-id: iad1::wbks5-1711842188098-82115ea8589a
server: cloudflare
etag: "047860eefb16ce7653b076f76c23239e"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 86cbf5caedb9b90e-AMS

GET
H3 200 jupiter-logo.svg
station.jup.ag/img/ 4 KB
2 KB 155ms
154ms Image
image/svg+xml 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://station.jup.ag/img/jupiter-logo.svg

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fc2d77c2ff33788eec5f25f11907f0d226e8c8fb9e7a2a76337bbf8fb3dbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
x-vercel-id: iad1::67rzm-1711842188060-037345edf82e
server: cloudflare
etag: W/"936603642feec1c9717c7439b23c24cc"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="jupiter-logo.svg"
cf-ray: 86cbf5caedbbb90e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 header-bg-mobile.png
station.jup.ag/img/home/ 300 KB
300 KB 236ms
235ms Image
image/png 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://station.jup.ag/img/home/header-bg-mobile.png

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d309755246092f35398f8f81c2f10408e6b68b27613a8934f8b5fd652d0340d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
content-disposition: inline; filename="header-bg-mobile.png"
alt-svc: h3=":443"; ma=86400
content-length: 306942
x-vercel-id: iad1::tcfnh-1711842188109-9b02f95e595b
server: cloudflare
etag: "0b2731ad5f53df14420b3b7849ce326c"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 86cbf5caedbab90e-AMS

GET styles.22a62466.css
allocation-jup.trading/assets/css/ 0
0

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: allocation-jup.trading
URL: https://allocation-jup.trading/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
Origin: https://allocation-jup.trading
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 15:53:06 GMT
x-content-type-options: nosniff
age: 28202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 15:53:06 GMT

POST nigger
ontopothers.com/ 0
0

OPTIONS nigger
ontopothers.com/ 0
0

GET
H3 200 favicon.ico
station.jup.ag/img/ 4 KB
4 KB 169ms
169ms Other
image/vnd.microsoft.icon 172.64.144.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://station.jup.ag/img/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.144.197 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0c51de1c0a94ff4e6777e6e637ae471f6d07b290983e3fb347a44b94ce82b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:08 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
x-vercel-id: iad1::5k5bq-1711842188409-6cec100b22fe
server: cloudflare
etag: W/"a31b6f44f1e2fcd89e841951de157c07"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="favicon.ico"
cf-ray: 86cbf5cd0fa0b90e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
userstatics.com/get/ 133 B
706 B 84ms
37ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://allocation-jup.trading/
Requested by: Host: allocation-jup.trading
URL: https://allocation-jup.trading/spl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://allocation-jup.trading/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 23:43:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://allocation-jup.trading
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWbtfZGm%2BE9jNdGVjlzpdU1ud%2Bpx1SI%2BOnK721XkA0grAvE8iKchdPfCEr7b4tqXDlGd9UJXK%2F0S6Dk1g3uwVTvuWwDXAcsUni09WqWQ7HbqOsrSmrw87w2rr0fu31r7rXk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 86cbf5d16d9f0e14-AMS
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: allocation-jup.trading
URL: https://allocation-jup.trading/assets/css/styles.22a62466.css

Domain: allocation-jup.trading
URL: https://allocation-jup.trading/assets/css/styles.22a62466.css

Domain: ontopothers.com
URL: https://ontopothers.com/nigger

Domain: ontopothers.com
URL: https://ontopothers.com/nigger

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.allocation-jup.trading/	1970-01-20 19:32:08	Name: __cf_mw_byp Value: NmpPsUUX25OPByk335EgoOG_M5p0yVLweNr2zHQIdUw-1711842182-0.0.1.1-/
			allocation-jup.trading/	1970-01-20 19:31:21	Name: PHPREFS Value: full

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://allocation-jup.trading/ Message: Refused to apply style from 'https://allocation-jup.trading/assets/css/styles.22a62466.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://allocation-jup.trading/ Message: Refused to apply style from 'https://allocation-jup.trading/assets/css/styles.22a62466.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://ontopothers.com/nigger Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allocation-jup.trading
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
ontopothers.com
station.jup.ag
userstatics.com
allocation-jup.trading
ontopothers.com
104.16.89.20
104.17.24.14
172.64.144.197
188.114.96.3
2a00:1450:4001:800::2003
2a00:1450:4001:81d::200a
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
17f4a2d31e75e94fdf54b49430b513f0aed065ee71e6271d3e37c8785eea65f2
29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304
34b0a7986b59b241eff462678720eb499b16192b0e986e79e59e6ac4febfb27d
4b1b034937479f3848cc39f105e839cb938eda916a2fe1a81ec5c8655b526747
60ed867073a59dfbdf8cb0c3aeabdc704ae3bf984d77f63945d5a5c9cd323a4b
6a39927ef0456c0a4d6de5725a292c0cca598a70c6f7b3fd2c9e025a232f0ed1
6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
98fc2d77c2ff33788eec5f25f11907f0d226e8c8fb9e7a2a76337bbf8fb3dbee
a0c51de1c0a94ff4e6777e6e637ae471f6d07b290983e3fb347a44b94ce82b5f
d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84
d309755246092f35398f8f81c2f10408e6b68b27613a8934f8b5fd652d0340d6
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
ef4dac2e0488f612692b6ffa41019a686ba0f20a2a0574c2dc444eb69349327a
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41

allocation-jup.trading Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

82 %HTTPS

33 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

2339 kBTransfer

3597 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

67 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

allocation-jup.trading Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

82 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

2339 kB
Transfer

3597 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!