Report Overview
Visitedpublic
2026-05-29 10:52:30
Submit Tags
URL
securewebapps.azurewebsites.net
Finishing URL
securewebapps.azurewebsites.net/
IP / ASN
20.215.12.4
Title
Enter Password
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
2
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
aadcdn.msauth.net | 5248 | 2018-10-25 | 2018-11-19 | 2026-05-27 | 516 B | 1.3 kB |  13.107.246.53 |  |
api.ip2location.io | 1376782 | 2017-07-26 | 2023-03-31 | 2026-05-29 | 517 B | 714 B |  172.67.73.142 |  |
ipapi.co | 7936 | 2016-04-19 | 2017-01-31 | 2026-05-27 | 463 B | 2.5 kB | 172.67.69.226 | |
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-05-24 | 1.2 kB | 745 B |  149.154.166.110 |  |
securewebapps.azurewebsites.net 3 alert(s) on this Host | unknown | 2012-01-24 | 2026-05-29 | 2026-05-29 | 500 B | 80 kB | 20.215.12.4 | |
upload.wikimedia.org | 4329 | 2003-03-16 | 2012-05-21 | 2026-05-25 | 487 B | 1.6 kB | 185.15.59.240 |  |
Azure (PaaS)
Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.Azure Front Door (Load balancers)
Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Nginx:1.30.1 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Nginx:1.28.1 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Apache Traffic Server:9.2.13 (Web servers)
Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 20.215.12.4 | ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | securewebapps.azurewebsites.net/ | malware | Detects file containing Telegram Bot API |
| DNS4EU | securewebapps.azurewebsites.net | malicious | Sinkholed |
Telegram Bot detected (1)
URL
securewebapps.azurewebsites.net/
IP / ASN
20.215.12.4
Token
8914737363:AAEpglBgoo6tZuww93eFqCgGX4GxlCYtiBo
Bot Overview
User ID8914737363
UsernameHOTFAMSMAY2K26_bot
First NameHOTFAMSMAY2K26_bot
Last NameN/A
Chat Info
Chat IDN/A
Chat TypeN/A
TitleN/A
User Count0
Admins0
Pending Msgs6
JavaScript (1)
No JavaScripts
HTTP Transactions (7)
| URL | IP | Response | Size |
|---|