ekuk.xyz - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 136.243.176.154, located in Eitensheim, Germany and belongs to HETZNER-AS, DE. The main domain is ekuk.xyz.
TLS certificate: Issued by R3 on January 4th 2024. Valid for: 3 months.

This is the only time ekuk.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.55.4.52 162.55.4.52	24940 (HETZNER-AS) (HETZNER-AS)
5	136.243.176.154 136.243.176.154	24940 (HETZNER-AS) (HETZNER-AS)
5	1

1 162.55.4.52 (Bergen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.52.4.55.162.clients.your-server.de

v113316.pi6p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.176.154 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.154.176.243.136.clients.your-server.de

ekuk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ekuk.xyz ekuk.xyz	236 KB
1	pi6p.com 1 redirects v113316.pi6p.com	728 B
5	2

	Domain	Requested by
5	ekuk.xyz	ekuk.xyz
1	v113316.pi6p.com	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
ekuk.xyz R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE
Frame ID: 9252BA3BF985EC712F9BC1E0D342A120
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win Money

Page URL History Show full URLs

https://v113316.pi6p.com/go.php?ad=zudhojtth33tynm2snjc HTTP 302
https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpk... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

236 kB
Transfer

238 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://v113316.pi6p.com/go.php?ad=zudhojtth33tynm2snjc HTTP 302
https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ekuk.xyz/ Redirect Chain https://v113316.pi6p.com/go.php?ad=zudhojtth33tynm2snjc https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE	4 KB 1 KB	54ms 11ms	Document text/html	136.243.176.154 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.176.154 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.154.176.243.136.clients.your-server.de Software nginx/1.18.0 / Resource Hash `e520895de231dbf60a37b84490b8a3b8f8542913560b32b1729668c70b00a787` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 15 Feb 2024 17:15:26 GMT server nginx/1.18.0 vary Accept-Encoding Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Thu, 15 Feb 2024 17:15:26 GMT Location https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Referrer-Policy no-referrer Server nginx/1.24.0 Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked
GET H2	200	p1.png ekuk.xyz/swip/winmoney/files/	79 KB 79 KB	22ms 22ms	Image image/png	136.243.176.154 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ekuk.xyz/swip/winmoney/files/p1.png Requested by Host: ekuk.xyz URL: https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.176.154 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.154.176.243.136.clients.your-server.de Software nginx/1.18.0 / Resource Hash `be07f31cd75bf6f6406bed168198dfa11b400e0803f9eff8a0bc4ac716d11da0` Request headers accept-language de-DE,de;q=0.9 Referer https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 17:15:26 GMT last-modified Mon, 28 Nov 2022 12:25:08 GMT server nginx/1.18.0 accept-ranges bytes etag "6384a8a4-13c85" content-length 81029 content-type image/png
GET H2	200	background.png ekuk.xyz/swip/winmoney/files/	690 B 815 B	32ms 32ms	Image image/png	136.243.176.154 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ekuk.xyz/swip/winmoney/files/background.png Requested by Host: ekuk.xyz URL: https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.176.154 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.154.176.243.136.clients.your-server.de Software nginx/1.18.0 / Resource Hash `37254c64d955725748a4ab9b8970d9a71a2faeb45097278fd984b17b680a0f33` Request headers accept-language de-DE,de;q=0.9 Referer https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 17:15:26 GMT last-modified Fri, 09 Jul 2021 05:50:31 GMT server nginx/1.18.0 accept-ranges bytes etag "60e7e3a7-2b2" content-length 690 content-type image/png
GET H2	200	Proxima-Nova-Bold.ttf ekuk.xyz/swip/winmoney/files/	127 KB 127 KB	32ms 32ms	Font application/octet-stream	136.243.176.154 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ekuk.xyz/swip/winmoney/files/Proxima-Nova-Bold.ttf Requested by Host: ekuk.xyz URL: https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.176.154 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.154.176.243.136.clients.your-server.de Software nginx/1.18.0 / Resource Hash `39e0dce737565d70585bf93aef16d09b558f3da1e28521fdb9bfc737063e3fab` Request headers Referer https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Origin https://ekuk.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 17:15:26 GMT last-modified Fri, 09 Jul 2021 05:50:30 GMT server nginx/1.18.0 accept-ranges bytes etag "60e7e3a6-1fa14" content-length 129556 content-type application/octet-stream
GET H2	200	Proxima-Nova-Alt-Light.ttf ekuk.xyz/swip/winmoney/files/	28 KB 28 KB	32ms 32ms	Font application/octet-stream	136.243.176.154 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ekuk.xyz/swip/winmoney/files/Proxima-Nova-Alt-Light.ttf Requested by Host: ekuk.xyz URL: https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.176.154 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.154.176.243.136.clients.your-server.de Software nginx/1.18.0 / Resource Hash `f3816c98d4d53d56d95d6205bf496b778cb5e0d5427b5526c989b93a7003c78e` Request headers Referer https://ekuk.xyz/?l=swip-winmoney&v=2&brand=Desktop&model=Desktop&domain=v113316.pi6p.com&lpkey=1759087301af760026&clickid=9e94fpmhooj17dz1ea&var=1064&browser_name=Chrome&country_code=DE Origin https://ekuk.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 17:15:26 GMT last-modified Fri, 09 Jul 2021 05:50:30 GMT server nginx/1.18.0 accept-ranges bytes etag "60e7e3a6-6e84" content-length 28292 content-type application/octet-stream

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			v113316.pi6p.com/	1970-01-20 18:28:23	Name: uclick Value: pmhooj17dz
			v113316.pi6p.com/	1970-01-20 18:28:23	Name: uclickhash Value: pmhooj17dz-pmhooj17dz-2tj6-8pik-b7bg-ojzwdz-hexr0-1417c3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekuk.xyz
v113316.pi6p.com
136.243.176.154
162.55.4.52
37254c64d955725748a4ab9b8970d9a71a2faeb45097278fd984b17b680a0f33
39e0dce737565d70585bf93aef16d09b558f3da1e28521fdb9bfc737063e3fab
be07f31cd75bf6f6406bed168198dfa11b400e0803f9eff8a0bc4ac716d11da0
e520895de231dbf60a37b84490b8a3b8f8542913560b32b1729668c70b00a787
f3816c98d4d53d56d95d6205bf496b778cb5e0d5427b5526c989b93a7003c78e

ekuk.xyz Open in urlscan Pro 136.243.176.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

236 kBTransfer

238 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

ekuk.xyz Open in urlscan Pro
136.243.176.154 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

236 kB
Transfer

238 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions