urlscan.io logo urlscan.io
SecurityTrails logo

anubiscode.fun Open in urlscan Pro
2a00:f940:2:2:1:1:0:84  Public Scan

Go To Rescan Add Verdict Report
URL: https://anubiscode.fun/index.php
Submission Tags: c2 malware anubisstealer Search All
Submission: On August 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:84, located in Russian Federation and belongs to AS-REG, RU. The main domain is anubiscode.fun.
TLS certificate: Issued by GlobalSign RSA DV SSL CA 2018 on April 20th 2020. Valid for: a year.
This is the only time anubiscode.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a00:f940:2:2... 197695 (AS-REG)
1 2a00:1450:400... 15169 (GOOGLE)
7 3
Apex Domain
Subdomains		 Transfer
5 anubiscode.fun
anubiscode.fun
1 MB
1 googleapis.com
ajax.googleapis.com
33 KB
0 demosthenes.info Failed
demosthenes.info Failed
7 3
Domain Requested by
5 anubiscode.fun anubiscode.fun
1 ajax.googleapis.com anubiscode.fun
0 demosthenes.info Failed anubiscode.fun
7 3

This site contains no links.

Subject Issuer Validity Valid
www.anubiscode.fun
GlobalSign RSA DV SSL CA 2018		 2020-04-20 -
2021-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://anubiscode.fun/index.php
Frame ID: 4233B46D79B1B577F67215C18C341355
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

7
Requests

86 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1059 kB
Transfer

1126 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
anubiscode.fun/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:84 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/5.5.38
Resource Hash
6b182ef24892dbed90774accbe3e3fadbf96aaca2b858f6b643f155833bd1f1f

Request headers

:method
GET
:authority
anubiscode.fun
:scheme
https
:path
/index.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 25 Aug 2020 11:48:06 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
PHP/5.5.38
content-encoding
gzip
style.css
anubiscode.fun/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://anubiscode.fun/css/style.css
Requested by
Host: anubiscode.fun
URL: https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:84 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
fb6c94e441fdb123286112686f698062cee8f37d4ac68092a1add86f160375c9

Request headers

Referer
https://anubiscode.fun/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 25 Aug 2020 11:48:07 GMT
content-encoding
gzip
last-modified
Fri, 05 Jun 2020 11:09:46 GMT
server
nginx
etag
W/"5eda27fa-102e"
vary
Accept-Encoding
content-type
text/css
status
200
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: anubiscode.fun
URL: https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anubiscode.fun/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96253
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Aug 2021 09:03:53 GMT
funcs.js
anubiscode.fun/js/ 		167 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://anubiscode.fun/js/funcs.js
Requested by
Host: anubiscode.fun
URL: https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:84 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
3a7223e2d52b75d4ea04dff3324a2cc42da8032eda459322c71f6c219b5dbccf

Request headers

Referer
https://anubiscode.fun/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 25 Aug 2020 11:48:07 GMT
last-modified
Fri, 05 Jun 2020 11:09:48 GMT
server
nginx
etag
"5eda27fc-a7"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
167
anubis.png
anubiscode.fun/ 		1022 KB
1023 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anubiscode.fun/anubis.png
Requested by
Host: anubiscode.fun
URL: https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:84 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
2afb6f8098ade349c733beb7e04a7c11f116a93b0bae3f101f41df4eeb94341e

Request headers

Referer
https://anubiscode.fun/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 25 Aug 2020 11:48:07 GMT
last-modified
Mon, 08 Jun 2020 21:14:09 GMT
server
nginx
etag
"5edeaa21-ff696"
content-type
image/png
status
200
accept-ranges
bytes
content-length
1046166
polina.jpg
demosthenes.info/assets/images/ 		0
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
3.mp4
anubiscode.fun/vids/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://anubiscode.fun/vids/3.mp4
Requested by
Host: anubiscode.fun
URL: https://anubiscode.fun/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:84 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://anubiscode.fun/index.php
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

status
404
date
Tue, 25 Aug 2020 11:48:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demosthenes.info
URL
https://demosthenes.info/assets/images/polina.jpg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| err

0 Cookies