Report - inv2023.firebaseapp.com/

Report Overview

Visited public
2023-11-28 01:39:19
Tags
URL
inv2023.firebaseapp.com/
Finishing URL
ipfs.io/ipfs/bafkreihe7lumsu4yioatgwpep6y2luw2jenmrrmmhyuwlj5nwikhmavogy
IP / ASN
199.36.158.100
#54113 FASTLY
Title
410 Gone

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
inv2023.firebaseapp.com	unknown	unknown	No data	No data	490 B	726 B	199.36.158.100
ipfs.io	41400	2014-05-16	2015-09-09 06:41:36	2023-11-27 01:57:53	581 B	7.3 kB	209.94.90.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-28 01:39:06	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-11-28 01:39:06	medium	Client IP	Internal IP	ET INFO Peer-to-Peer File Sharing Service Domain in DNS Lookup (ipfs .io)
2023-11-28 01:39:06	medium	Client IP	209.94.90.1	ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	inv2023.firebaseapp.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	inv2023.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

inv2023.firebaseapp.com/

199.36.158.100

104 B

URL
inv2023.firebaseapp.com/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text
Size
104 B (104 bytes)
Hash
caaeb4eeb7d6cac71302b001c5b3128c
cf027391e8095fb38c6a594bd4dda8bfb8876482
8e314a6318c5b697e43f653e888e87dabaf3efe2859b12c61c04a74786133f53

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: inv2023.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "c77b03c3202d16e9f3cc1b301d07cae2204523c60f61a7541336fcc29612dc19-br"
last-modified: Mon, 03 Apr 2023 08:05:57 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 01:39:02 GMT
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701135542.227848,VS0,VE107
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104
X-Firefox-Spdy: h2

ipfs.io/ipfs/bafkreihe7lumsu4yioatgwpep6y2luw2jenmrrmmhyuwlj5nwikhmavogy

209.94.90.1

410 Gone

6.7 kB

URL User Request GET HTTP/2
ipfs.io/ipfs/bafkreihe7lumsu4yioatgwpep6y2luw2jenmrrmmhyuwlj5nwikhmavogy
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Certificate
IssuerLet's Encrypt
Subjectdweb.link
Fingerprint8B:0B:A0:28:A6:81:DF:E9:49:F0:E9:A3:20:69:C6:07:BE:D6:16:2C
ValidityMon, 20 Nov 2023 14:59:23 GMT - Sun, 18 Feb 2024 14:59:22 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1632)
Size
6.7 kB (6672 bytes)
Hash
f2ce39c9881b4a12aff800f6713c69d1
0f047ecc756d17f61d81da4b3bede1d80575bfe1
86f21e29947180f7b68e81b82992f786fc08b694ac4c714352f072768788f150

HTTP Headers

GET /ipfs/bafkreihe7lumsu4yioatgwpep6y2luw2jenmrrmmhyuwlj5nwikhmavogy HTTP/1.1
Host: ipfs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inv2023.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Tue, 28 Nov 2023 01:39:02 GMT
content-type: text/html
content-length: 6672
etag: "650c2b70-1a10"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank1-fr2
x-bfid: d5cdd4feaedcd66aef62097b2b7f1576
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers