analyticsfantasticv1.azurewebsites.net Open in urlscan Pro
20.50.2.4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://semioticon.com/taii/
Effective URL:
https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Submission: On August 09 via manual (August 9th 2021, 11:28:02 am UTC) from IN

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 20.50.2.4, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is analyticsfantasticv1.azurewebsites.net.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 28th 2020. Valid for: a year.

This is the only time analyticsfantasticv1.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chunghwa Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	216.251.32.98 216.251.32.98	14116 (INFB-AS) (INFB-AS)
2 13	20.50.2.4 20.50.2.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2

1 216.251.32.98 (United States)

ASN14116 (INFB-AS, US)
PTR: hosting.megawebservers.com

semioticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 20.50.2.4 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

analyticsfantasticv1.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	azurewebsites.net 2 redirects analyticsfantasticv1.azurewebsites.net	104 KB
1	semioticon.com semioticon.com	197 B
12	2

	Domain	Requested by
13	analyticsfantasticv1.azurewebsites.net	2 redirects semioticon.com analyticsfantasticv1.azurewebsites.net
1	semioticon.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
semioticon.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-11` - `2022-06-18`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Frame ID: 571197A22C03E53310DA8A5848BF5EF7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://semioticon.com/taii/ Page URL
https://analyticsfantasticv1.azurewebsites.net//chan HTTP 301
https://analyticsfantasticv1.azurewebsites.net/chan/ HTTP 302
https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

104 kB
Transfer

204 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://semioticon.com/taii/ Page URL
https://analyticsfantasticv1.azurewebsites.net//chan HTTP 301
https://analyticsfantasticv1.azurewebsites.net/chan/ HTTP 302
https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
semioticon.com/taii/ 88 B
197 B 495ms
223ms Document
text/html 216.251.32.98
INFB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://semioticon.com/taii/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.251.32.98 , United States, ASN14116 (INFB-AS, US),

Reverse DNS

hosting.megawebservers.com

Software

Resource Hash

ff4b0a2c13f9cb4bc7f864c09089c5d136f23b1721cd41047afdfda06f38825b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: semioticon.com
:scheme: https
:path: /taii/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:27:40 GMT
content-type: text/html; charset=UTF-8
content-length: 88
strict-transport-security: max-age=15768000

GET
H/1.1

200
OK

Primary Request

Cookie set SSLAuthUI.html Show response
analyticsfantasticv1.azurewebsites.net/chan/
Redirect Chain

https://analyticsfantasticv1.azurewebsites.net//chan
https://analyticsfantasticv1.azurewebsites.net/chan/
https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html

10 KB
5 KB

18ms
18ms

Document
text/html

20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Requested by: Host: semioticon.com
URL: https://semioticon.com/taii/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85b27b1e98f1735920b9b6d7e5303fcab2a562f41f448eb511e385190a5e865a

Request headers

Host: analyticsfantasticv1.azurewebsites.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://semioticon.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://semioticon.com/taii/

Response headers

Content-Length: 4017
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Accept-Ranges: bytes
ETag: "6f11d7c4f8bd71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6;Path=/;HttpOnly;Secure;Domain=analyticsfantasticv1.azurewebsites.net ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=analyticsfantasticv1.azurewebsites.net
Date: Mon, 09 Aug 2021 11:27:42 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: SSLAuthUI.html
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.4.15 ASP.NET
Date: Mon, 09 Aug 2021 11:27:42 GMT
Content-Length: 0

GET
H/1.1 200
OK bootstrap.css
analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI_fichiers/ 118 KB
27 KB 31ms
31ms Stylesheet
text/css 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI_fichiers/bootstrap.css
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Content-Encoding: gzip
ETag: "ba99cd4f8bd71:0"
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 27676

GET
H/1.1 200
OK style.css
analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI_fichiers/ 9 KB
3 KB 59ms
19ms Stylesheet
text/css 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI_fichiers/style.css
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a21e37f28e0471522fcbb0e6860b66a60a582246c4be912dc912b339c35f2ce0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Content-Encoding: gzip
ETag: "5b9219d4f8bd71:0"
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3055

GET
H/1.1 200
OK CTBC_W.jpg
analyticsfantasticv1.azurewebsites.net/chan/img/ 42 KB
43 KB 84ms
39ms Image
image/jpeg 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/CTBC_W.jpg
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 14832827e45f20f385f3584cb5c84441eb00df1be5aeb33882a5b4ab510ae2ed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9742f0c4f8bd71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 43378

GET
H/1.1 200
OK cardtype_ss.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 7 KB
8 KB 75ms
26ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/cardtype_ss.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a5ca115514cbfc52924374b62761d7f0d1f8e510d08b32905f75b66b3a37b1e1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c324eac4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7613

GET
H/1.1 200
OK card.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 399 B
645 B 85ms
35ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/card.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39459e2db25db3f30b853a7b510629f766994c88eb2af780e77d4ffa71287ee0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c91e5c4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 399

GET
H/1.1 200
OK Exclamation.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 481 B
728 B 74ms
24ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/Exclamation.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f35b4d8168065dde839d4ebb2bb3747b2734acdf3c85e0c28a163daa97c76d39

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a489f2c4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 481

GET
H/1.1 200
OK 3D_VISA.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 4 KB
4 KB 34ms
19ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/3D_VISA.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1818f0c2ef6a363e915bd4c6c2c2cbeef0fcf60ff2da3e79cfe0d1c3bc9ff86b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:43 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "6ecde4c4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4101

GET
H/1.1 200
OK 3D_MASTER.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 3 KB
3 KB 26ms
25ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/3D_MASTER.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 203dffbf9fb647ad3576ebc57c4005c1a0cb07cc740a911585b6ba70c8d20892

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c546e3c4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3098

GET
H/1.1 200
OK 3D_JCB.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 3 KB
3 KB 19ms
18ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/3D_JCB.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eacf2b196015c40a02cf7849c614daaca5205159d7ac234ad90ea47fbb714041

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:43 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "25c2e1c4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3042

GET
H/1.1 200
OK twca_ssl.png
analyticsfantasticv1.azurewebsites.net/chan/img/ 6 KB
6 KB 19ms
18ms Image
image/png 20.50.2.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticsfantasticv1.azurewebsites.net/chan/img/twca_ssl.png
Requested by: Host: analyticsfantasticv1.azurewebsites.net
URL: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4a1d51361e6bfabde052f3b64166d7ab532241e0c634162ccd6220c76759642a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: analyticsfantasticv1.azurewebsites.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
Cookie: ARRAffinity=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6; ARRAffinitySameSite=c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
Connection: keep-alive
Referer: https://analyticsfantasticv1.azurewebsites.net/chan/SSLAuthUI.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 11:27:42 GMT
Last-Modified: Sat, 07 Aug 2021 05:42:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "701afec4f8bd71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5949

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chunghwa Post (Transportation)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.analyticsfantasticv1.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6
			.analyticsfantasticv1.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: c5a7757e69685973957f147f7f547fda25aa575bf0a4b54c17c0da5eb7f451e6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analyticsfantasticv1.azurewebsites.net
semioticon.com
20.50.2.4
216.251.32.98
14832827e45f20f385f3584cb5c84441eb00df1be5aeb33882a5b4ab510ae2ed
1818f0c2ef6a363e915bd4c6c2c2cbeef0fcf60ff2da3e79cfe0d1c3bc9ff86b
203dffbf9fb647ad3576ebc57c4005c1a0cb07cc740a911585b6ba70c8d20892
39459e2db25db3f30b853a7b510629f766994c88eb2af780e77d4ffa71287ee0
4a1d51361e6bfabde052f3b64166d7ab532241e0c634162ccd6220c76759642a
85b27b1e98f1735920b9b6d7e5303fcab2a562f41f448eb511e385190a5e865a
a21e37f28e0471522fcbb0e6860b66a60a582246c4be912dc912b339c35f2ce0
a5ca115514cbfc52924374b62761d7f0d1f8e510d08b32905f75b66b3a37b1e1
eacf2b196015c40a02cf7849c614daaca5205159d7ac234ad90ea47fbb714041
f35b4d8168065dde839d4ebb2bb3747b2734acdf3c85e0c28a163daa97c76d39
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff4b0a2c13f9cb4bc7f864c09089c5d136f23b1721cd41047afdfda06f38825b

analyticsfantasticv1.azurewebsites.net Open in urlscan Pro 20.50.2.4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

104 kBTransfer

204 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

analyticsfantasticv1.azurewebsites.net Open in urlscan Pro
20.50.2.4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

104 kB
Transfer

204 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!