ekuk.xyz
136.243.176.154
Public Scan
Effective URL: https://ekuk.xyz/?l=age-21years&v=1&brand=Samsung&model=Galaxy%20A20&domain=v112323.pi6p.com&lpkey=17fa08cc487e07...
Submission: On February 21 via api from GB — Scanned from NL
Summary
TLS certificate: Issued by R3 on January 4th 2024. Valid for: 3 months.
This is the only time ekuk.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
3 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:81c::200a | 15169 (GOOGLE) |
1 | 185.155.184.32 | 6898 (AS-6898 C41.CH SAGL - LUGANO Data Center) |
1 2 | 185.155.186.25 | 203639 (TEKNOLOGY) |
1 | 67.212.184.147 | 32475 (SINGLEHOP-LLC) |
1 1 | 162.55.4.52 | 24940 (HETZNER-AS) |
2 | 136.243.176.154 | 24940 (HETZNER-AS) |
9 | 6 |
ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)
mybigwinningzone.life |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
take.betdealfor4.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.52.4.55.162.clients.your-server.de
v112323.pi6p.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.154.176.243.136.clients.your-server.de
ekuk.xyz |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | multi365payments.com (1 redirects) | multi365payments.com | 11 KB |
2 | ekuk.xyz | ekuk.xyz | 39 KB |
2 | theydayssay.live (1 redirects) | a06khqp.theydayssay.live | 4 KB |
1 | pi6p.com (1 redirects) | v112323.pi6p.com | 822 B |
1 | betdealfor4.com | take.betdealfor4.com | 3 KB |
1 | mybigwinningzone.life | mybigwinningzone.life | 60 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 48 | 1 KB |
9 | 7 |
Count | Domain | Requested by |
---|---|---|
4 | multi365payments.com | 1 redirects; multi365payments.com |
2 | ekuk.xyz | take.betdealfor4.com; ekuk.xyz |
2 | a06khqp.theydayssay.live | 1 redirects; mybigwinningzone.life |
1 | v112323.pi6p.com | 1 redirects |
1 | take.betdealfor4.com | a06khqp.theydayssay.live |
1 | mybigwinningzone.life | multi365payments.com |
1 | fonts.googleapis.com | multi365payments.com |
9 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
v112323.pi6p.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
multi365payments.com | GTS CA 1P5 | 2024-02-21 - 2024-05-21 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months | crt.sh |
mybigwinningzone.life | R3 | 2024-02-04 - 2024-05-04 | 3 months | crt.sh |
theydayssay.live | R3 | 2024-02-20 - 2024-05-20 | 3 months | crt.sh |
take.betdealfor4.com | R3 | 2024-02-14 - 2024-05-14 | 3 months | crt.sh |
ekuk.xyz | R3 | 2024-01-04 - 2024-04-03 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ekuk.xyz/?l=age-21years&v=1&brand=Samsung&model=Galaxy%20A20&domain=v112323.pi6p.com&lpkey=17fa08cc487e073f78&clickid=71047pmuo8p37fe4dc&var=65&browser_name=Chrome%20Mobile&country_code=NL&uclick=pmuo8p37fe&uclickhash=pmuo8p37fe-pmuo8p37fe-zw-qex9-9r15-ci2t6o-ciktwj-148ccc
Frame ID: 02EEA65B4DC4AB4C7D5EEDE155704E2A
Requests: 9 HTTP requests in this frame
Page Title
Online Survey(1) Are you 21 years old or older?
Detected technologies
Polyfill (JavaScript Libraries)
Detected patterns
- /polyfill\.min\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: YES
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://multi365payments.com/ HTTP 301
  https://multi365payments.com/ Page URL
- https://mybigwinningzone.life/?u=pqhk60a&o=3awgwfu Page URL
- https://a06khqp.theydayssay.live/rreuprvf/?u=pqhk60a&o=3awgwfu&f=1&sid=t8~jkonnzuhipmjr1guttz1uqwt&fp=v9h8hH%2BKLPuoXYvnkfnsOg%3D%3D Page URL
- https://a06khqp.theydayssay.live/web/?sid=t8~jkonnzuhipmjr1guttz1uqwt HTTP 302
  https://take.betdealfor4.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=455875d1-bafe-4faa-9386-962c745e3f1b Page URL
- https://v112323.pi6p.com/go.php?ad=ocgtcj3bzo889m83kud1&sid=M7337867778881224738&pub=1314&pid=1314-5ecd6faz&c=0&app=unknown&br=Chrome+Mobile&os=[[os]]&d=Samsung+SM-A205U&ca=NL+WiFi&a=0 HTTP 302
  https://ekuk.xyz/?l=age-21years&v=1&brand=Samsung&model=Galaxy%20A20&domain=v112323.pi6p.com&lpkey=17fa08cc487e073f78&clickid=71047pmuo8p37fe4dc&var=65&browser_name=Chrome%20Mobile&country_code=NL&uclick=pmuo8p37fe&uclickhash=pmuo8p37fe-pmuo8p37fe-zw-qex9-9r15-ci2t6o-ciktwj-148ccc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://multi365payments.com/ HTTP 301
- https://multi365payments.com/
- https://a06khqp.theydayssay.live/web/?sid=t8~jkonnzuhipmjr1guttz1uqwt HTTP 302
- https://take.betdealfor4.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=455875d1-bafe-4faa-9386-962c745e3f1b
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | multi365payments.com/ (Redirect Chain) | 22 KB | 8 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 11 KB | 1 KB | Stylesheet | text/css |
GET | H2 | polyfill.min.js | multi365payments.com/ | 1 KB | 1013 B | Script | application/javascript |
PATCH | H3 | polyfill.min.js | multi365payments.com/ | 225 B | 771 B | XHR | application/javascript |
GET | H/1.1 | / | mybigwinningzone.life/ | 60 KB | 60 KB | Document | text/html |
GET | H/1.1 | / | a06khqp.theydayssay.live/rreuprvf/ | 3 KB | 4 KB | Document | text/html |
GET | H2 | / | take.betdealfor4.com/ (Redirect Chain) | 5 KB | 3 KB | Document | text/html |
GET | H2 | / (Primary Request) | ekuk.xyz/ (Redirect Chain) | 12 KB | 3 KB | Document | text/html |
GET | H2 | loading2.gif | ekuk.xyz/age/21years/files/ | 36 KB | 36 KB | Image | image/gif |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| getURLParameter
- string| cta
- string| curr_hr
- string| under
- string| back

8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
multi365payments.com/ | | Name: smdtm Value: S3J5ZHJldCUyMEp1bGVrYWdlJTIwTWVkJTIwRGFkbGVyJTIwT2clMjBWYWxuJUMzJUI4ZGRlcg== |
mybigwinningzone.life/ | | Name: sid Value: t8~jkonnzuhipmjr1guttz1uqwt |
mybigwinningzone.life/ | | Name: p1 Value: https://theydayssay.live/rreuprvf/ |
mybigwinningzone.life/ | | Name: s1 Value: mv8m8qvtbwlqj6z2 |
a06khqp.theydayssay.live/ | | Name: IsNotUniqueMainNew Value: true |
a06khqp.theydayssay.live/ | | Name: cookie1 Value: true |
v112323.pi6p.com/ | | Name: uclick Value: pmuo8p37fe |
v112323.pi6p.com/ | | Name: uclickhash Value: pmuo8p37fe-pmuo8p37fe-zw-qex9-9r15-ci2t6o-ciktwj-148ccc |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' http: https: data: blob: 'unsafe-inline' |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.