Report - assenhard.web.app/

Report Overview

Submitted URL
assenhard.web.app/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2023-05-26 08:01:03
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
20
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assenhard.web.app	unknown	2019-01-08	2023-02-23	2023-05-15	824 B	1.5 kB	199.36.158.100
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-25	350 B	712 B	142.250.74.131
ruberembo.temp.swtest.ru	unknown	unknown	No data	No data	483 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-26 08:00:45	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:45	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)
2023-05-26 08:00:46	medium	Client IP	Internal IP	ET INFO Commonly Abused Domain Service Domain in DNS Lookup (temp .swtest .ru)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-02-23	medium	assenhard.web.app/
2023-02-23	medium	assenhard.web.app/

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-26	medium	assenhard.web.app/
2023-05-26	medium	assenhard.web.app/
2023-05-26	medium	ruberembo.temp.swtest.ru/

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-26	medium	assenhard.web.app
2023-05-26	medium	assenhard.web.app

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

assenhard.web.app/

199.36.158.100

108 B

URL
assenhard.web.app/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
108 B (108 bytes)
Hash
6d3ef5fdb56d1f246654d5fe446b296c
3fdbc2d6f381613ff96b9c7e1036041e43ae36ac
6f1f559cf617435f14ced4d7fb9de8263afe299d8b92fb9b92670e2ebf5a0ff1

Detections

Analyzer	Verdict	Alert
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: assenhard.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "f52e8f151b06d7f2241588e5f08f2abce87125602a7659c9118c094123a9e84c-br"
last-modified: Mon, 04 Jan 2021 17:09:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 26 May 2023 08:00:45 GMT
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685088046.673191,VS0,VE212
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 108
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8

142.250.74.131

472 B

URL
ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
565043679872a7d0de71382b0781a40c
6dffa954788da27932a0ddb78157c7b45a6f09b2
ff9bd56aefc1f064e5c774544d1c1a89f9f55c01d2fc14957085da241d0f3db3

HTTP Headers

POST /s/gts1d4int/wrllXI_-LL8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 08:00:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

assenhard.web.app/

199.36.158.100

108 B

URL
assenhard.web.app/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
108 B (108 bytes)
Hash
6d3ef5fdb56d1f246654d5fe446b296c
3fdbc2d6f381613ff96b9c7e1036041e43ae36ac
6f1f559cf617435f14ced4d7fb9de8263afe299d8b92fb9b92670e2ebf5a0ff1

Detections

Analyzer	Verdict	Alert
phishtank	Other
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: assenhard.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "f52e8f151b06d7f2241588e5f08f2abce87125602a7659c9118c094123a9e84c-br"
last-modified: Mon, 04 Jan 2021 17:09:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 26 May 2023 08:00:48 GMT
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1685088049.660549,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 108
X-Firefox-Spdy: h2

ruberembo.temp.swtest.ru/

0.0.0.0

0 B

URL User Request GET
ruberembo.temp.swtest.ru/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ruberembo.temp.swtest.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers