autolycus.ug
80.87.192.180
Public Scan
Submission Tags: c2 malware blackrock
Submission: On September 27 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 25th 2020. Valid for: 3 months.
This is the only time autolycus.ug was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
12 (1 redirect) | 80.87.192.180 | 29182 (THEFIRST-AS) |
4 | 2606:4700::6811:4e6b | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) |
1 | 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) |
1 | 152.199.19.160 | 15133 (EDGECAST) |
18 | 5 | |
ASN29182 (THEFIRST-AS, RU)
PTR: e9658544844.fvds.ru
autolycus.ug |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | autolycus.ug (1 redirects) | autolycus.ug | 177 KB |
4 | cloudflare.com | cdnjs.cloudflare.com | 38 KB |
1 | aspnetcdn.com | ajax.aspnetcdn.com | 26 KB |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 14 KB |
1 | jquery.com | code.jquery.com | 29 KB |
18 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
12 | autolycus.ug (1 redirects) | autolycus.ug |
4 | cdnjs.cloudflare.com | autolycus.ug |
1 | ajax.aspnetcdn.com | autolycus.ug |
1 | maxcdn.bootstrapcdn.com | autolycus.ug |
1 | code.jquery.com | autolycus.ug |
18 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
autolycus.ug | Let's Encrypt Authority X3 | 2020-09-25 - 2020-12-24 | 3 months |
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2020-03-18 - 2022-03-18 | 2 years |
This page contains 1 frame:
Primary Page:
https://autolycus.ug/admin/login
Frame ID: 6FFE106BB5B58B8CC28E06234E917731
Requests: 18 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16
- https://autolycus.ug/api/getTotal HTTP 307
- https://autolycus.ug/admin/login
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login (Primary Request, Cookie set) | autolycus.ug/admin/ | 6 KB | 3 KB | Document | text/html |
GET | H/1.1 | bootstrap.css | autolycus.ug/assets/css/ | 223 KB | 29 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | autolycus.ug/assets/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | all.css | autolycus.ug/assets/css/font-awesome/css/ | 74 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.datetimepicker.css | autolycus.ug/assets/js/datepicker/ | 11 KB | 2 KB | Stylesheet | text/css |
GET | H2 | vis.min.css | cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/ | 23 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jquery-2.1.1.min.js | code.jquery.com/ | 82 KB | 29 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.1.0/js/ | 49 KB | 14 KB | Script | text/javascript |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ | 20 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | jquery.datetimepicker.js | autolycus.ug/assets/js/datepicker/ | 68 KB | 14 KB | Script | application/javascript |
GET | H2 | bootstrap-table.min.js | cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.11.0/ | 52 KB | 12 KB | Script | application/javascript |
GET | H2 | moment.min.js | cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ | 50 KB | 15 KB | Script | application/javascript |
GET | H2 | jquery.dataTables.min.js | ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.0/ | 68 KB | 26 KB | Script | application/javascript |
GET | H/1.1 | charts.js | autolycus.ug/assets/js/ | 50 KB | 12 KB | Script | application/javascript |
GET | H/1.1 | chart.js | autolycus.ug/assets/js/ | 393 KB | 95 KB | Script | application/javascript |
GET | H/1.1 | progress.js | autolycus.ug/assets/js/ | 710 B | 745 B | Script | application/javascript |
GET | H/1.1 | main.js | autolycus.ug/assets/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | login (Redirect Chain) | autolycus.ug/admin/ | 6 KB | 3 KB | XHR | text/html |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
function | $ |
function | jQuery |
object | bootstrap |
function | Popper |
function | moment |
function | Chart |
function | Color |
function | explode |
function | JsonToTable |
function | PostSend |
function | getUrlUp |
function | countersHeader1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
autolycus.ug/ | Name: ci_session Value: b349c29eefa23d787c2f4a4b0cbfcadaaa894918 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.