URL: http://www.apartuk.info/hpum/index.php?account=w4naf290 (1mo old)
Submission Tags: c2 malware xloader
Submission: On May 12 via api (May 12th 2026, 1:16:31 pm UTC) from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 203.161.63.201, located in United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is www.apartuk.info. 1mo old
This is the only time www.apartuk.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address, requests, AS (Autonomous System):
  • 203.161.63.201: 11 requests, AS22612 (NAMECHEAP-NET - Namecheap)

Apex Domain (Subdomains), requests, Transfer:
  • apartuk.info (subdomain: www.apartuk.info, 1mo old): 11 requests, 664 KB

Domain, requests, Requested by:
  • www.apartuk.info: 11 requests, requested by www.apartuk.info

This site contains no links.

This page contains 1 frames:

Primary Page: http://www.apartuk.info/hpum/index.php?account=w4naf290
Frame ID: 0C63D9645AA9DE80820B4D21E5BAACF8
Requests: 11 HTTP requests in this frame

Page Title

XL - Login

Detected technologies

(Programming languages)
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

(JavaScript libraries)
Overall confidence: 100%
Detected patterns
  • jquery
  • /jquery(?:-(\d+\.\d+\.\d+))[/.-]

Page Statistics

  • Requests: 11
  • HTTPS: 0 %
  • IPv6: 0 %
  • Domains: 1
  • Subdomains: 1
  • IPs: 1
  • Countries: 1
  • Transfer: 664 kB
  • Size: 1724 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.apartuk.info/hpum/index.php?account=w4naf290 HTTP 307
    https://www.apartuk.info/hpum/index.php?account=w4naf290 HTTP 307
    http://www.apartuk.info/hpum/index.php?account=w4naf290 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Columns for each request below: Method, Protocol, Status, Resource, Path, Size, x-fer, Time, Latency, Type, MIME-Type, IP, Location
GET
H/1.1
200
OK
Primary Request index.php
www.apartuk.info/hpum/
Redirect Chain
  • http://www.apartuk.info/hpum/index.php?account=w4naf290
  • https://www.apartuk.info/hpum/index.php?account=w4naf290
  • http://www.apartuk.info/hpum/index.php?account=w4naf290
2 KB
1 KB
167ms
155ms
Document
text/html
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
47c119ed0457e71c30927d83c281f3baf1d447cb9161d212ceddd9421b7b0e38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
821
Content-Type
text/html
Date
Tue, 12 May 2026 13:16:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding

Redirect headers

Location
http://www.apartuk.info/hpum/index.php?account=w4naf290
Non-Authoritative-Reason
HttpsUpgrades
GET
H/1.1
200
OK
main.css
www.apartuk.info/hpum/w4naf290/css/
339 KB
63 KB
161ms
161ms
Stylesheet
text/css
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/css/main.css?v=6.5b
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
d3ab365717f16c747ec0a8751ad8c6726e5634e00085b859f20367fbc2571b74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
text/css
Vary
Accept-Encoding
Server
Apache
GET
H/1.1
200
OK
style.css
www.apartuk.info/hpum/w4naf290/css/
918 B
651 B
307ms
154ms
Stylesheet
text/css
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/css/style.css?v=6.5b
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
29d851a17a9ac8766be7c295660540b20f7616aefeb61c0d5a5f655809c3f213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
431
Keep-Alive
timeout=5, max=100
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
text/css
Vary
Accept-Encoding
Server
Apache
GET
H/1.1
200
OK
jquery-3.4.1.min.js
www.apartuk.info/hpum/w4naf290/js/
86 KB
30 KB
311ms
159ms
Script
text/javascript
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/js/jquery-3.4.1.min.js
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
30675
Keep-Alive
timeout=5, max=100
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Server
Apache
GET
H/1.1
200
OK
main.js
www.apartuk.info/hpum/w4naf290/js/
1007 KB
287 KB
317ms
164ms
Script
text/javascript
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/js/main.js?v=6.5b
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
37578824056ce0112473faf1bcddf0f6cf3fc8fd0abe9b87e9fd8d2ca17b7614

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Server
Apache
GET
H/1.1
200
OK
jsCheck.js
www.apartuk.info/hpum/w4naf290/js/
10 KB
2 KB
309ms
155ms
Script
text/javascript
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/js/jsCheck.js?v=6.5b
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
062135932889fc469090f6f96ea5c97a841f023e8d32e8e1780d228f0be2eb42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2122
Keep-Alive
timeout=5, max=100
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Server
Apache
GET
H/1.1
200
OK
xl.png
www.apartuk.info/hpum/w4naf290/img/
12 KB
12 KB
154ms
154ms
Image
image/png
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/img/xl.png
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
06e2d4c6d2c92e489e551c3ec9ddd29dd3679736ba27f802a50d3fbf5abf732d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Keep-Alive
timeout=5, max=98
Content-Length
11924
Date
Tue, 12 May 2026 13:16:33 GMT
Content-Type
image/png
Server
Apache
Connection
Keep-Alive
GET
H/1.1
200
OK
fa-solid-900.woff2
www.apartuk.info/hpum/w4naf290/fonts/
77 KB
78 KB
154ms
154ms
Font
font/woff2
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/fonts/fa-solid-900.woff2
Requested by
Host: www.apartuk.info
URL: http://www.apartuk.info/hpum/w4naf290/css/main.css?v=6.5b
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
3135d8dcdc19a876e23e693a53d9fc3ad45bb0b9ba4abb34e118e54bdec71c6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Origin
http://www.apartuk.info
Referer
http://www.apartuk.info/hpum/w4naf290/css/main.css?v=6.5b

Response headers

Keep-Alive
timeout=5, max=99
Content-Length
79212
Date
Tue, 12 May 2026 13:16:34 GMT
Content-Type
font/woff2
Server
Apache
Connection
Keep-Alive
GET
H/1.1
200
OK
favicon.ico
www.apartuk.info/hpum/w4naf290/img/misc/
91 KB
91 KB
159ms
158ms
Other
image/vnd.microsoft.icon
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/img/misc/favicon.ico
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
205679dec05cf6a7b2903caab9407432eba27341c71161dd1f036a04f02db618

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Keep-Alive
timeout=5, max=98
Content-Length
93062
Date
Tue, 12 May 2026 13:16:34 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache
Connection
Keep-Alive
GET
H/1.1
200
OK
favicon.ico
www.apartuk.info/hpum/w4naf290/img/misc/
91 KB
91 KB
155ms
155ms
Other
image/vnd.microsoft.icon
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/img/misc/favicon.ico
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
205679dec05cf6a7b2903caab9407432eba27341c71161dd1f036a04f02db618

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Keep-Alive
timeout=5, max=97
Content-Length
93062
Date
Tue, 12 May 2026 13:16:34 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache
Connection
Keep-Alive
GET
H/1.1
200
OK
favicon.png
www.apartuk.info/hpum/w4naf290/img/misc/
9 KB
9 KB
157ms
157ms
Other
image/png
203.161.63.201
Namecheap
General
Full URL
http://www.apartuk.info/hpum/w4naf290/img/misc/favicon.png
Protocol
HTTP/1.1
Server
203.161.63.201 , United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
unhive-french.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash
fc025770914a5c4a49436efaf5cea925a4677adb24172305bb13553a8b8647cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36
Referer
http://www.apartuk.info/hpum/index.php?account=w4naf290

Response headers

Keep-Alive
timeout=5, max=96
Content-Length
8859
Date
Tue, 12 May 2026 13:16:34 GMT
Content-Type
image/png
Server
Apache
Connection
Keep-Alive

27 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • function: Color
  • function: Chart
  • object: chartColors
  • function: randomScalingFactor
  • function: checkAll
  • function: checkbot
  • function: checkAllbot
  • function: tabClick
  • function: userTab
  • function: confirmSelect
  • function: confirmDelete
  • function: Botconfirmation
  • function: BotDelconfirmation
  • function: TaskOff
  • function: TaskDelete
  • function: ClearConfirm
  • function: qSearch
  • function: qSearchTable
  • function: checkblkForm
  • function: BlakListRemove
  • function: imgDownload
  • function: taskPick
  • function: search_bot_checked
  • function: order_bot_checked
  • function: export_bot_checked

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path: www.apartuk.info/
Expires: 1969-12-31 23:59:59
Name: PHPSESSID
Value: 1lq5cdvur890m488058dpcoq9a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source: recommendation
Level: verbose
URL: http://www.apartuk.info/hpum/index.php?account=w4naf290
Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o