URL: http://receita3-gov.endofinternet.net/
Submission Tags: falconsandbox
Submission: On July 13 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 35.198.3.78, located in São Paulo, Brazil and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is receita3-gov.endofinternet.net.
This is the only time receita3-gov.endofinternet.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

Size: 3 MB (2698148 bytes, 15% done)
Downloaded from: http://correios3.servebbs.com/Rastreio-SEDEX.zip

Domain & IP information

IP Address AS Autonomous System
1 3 35.198.3.78 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2
Apex Domain / Subdomains / Transfer
  • 1 servebbs.com / correios3.servebbs.com
  • 1 servebbs.net / correios2.servebbs.net / 267 B
  • 1 blogspot.com / 1.bp.blogspot.com (Cisco Umbrella Rank: 10341) / 61 KB
  • 1 endofinternet.net / receita3-gov.endofinternet.net / 729 B
3 4
Domain Requested by
1 correios3.servebbs.com
1 correios2.servebbs.net 1 redirects
1 1.bp.blogspot.com receita3-gov.endofinternet.net
1 receita3-gov.endofinternet.net
3 4

This site contains no links.

Subject: misc-sni.blogspot.com
Issuer: GTS CA 1C3
Validity: 2022-06-06 - 2022-08-29
Valid: 3 months

This page contains 1 frames:

Frame: http://correios3.servebbs.com/Rastreio-SEDEX.zip
Frame ID: 1D8839253E4FD6A952C3E35AEC6763DD
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 61 kB
Size: 61 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://correios2.servebbs.net/idgsdgsyuifgsuio98489f489f498f489f4g5fsdssds/ HTTP 302
  • http://correios3.servebbs.com/Rastreio-SEDEX.zip

3 HTTP transactions

Resource: Primary Request /
Path: receita3-gov.endofinternet.net/
Size: 628 B
x-fer: 729 B
Type: Document

General
Full URL: http://receita3-gov.endofinternet.net/
Protocol: HTTP/1.1
Server: 35.198.3.78 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: 78.3.198.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 300a46a11c3f2b1a87fed7e66e553d81e6d55aa69571c8425d68935e4ecfff61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 392
Content-Type: text/html
Date: Wed, 13 Jul 2022 12:48:06 GMT
ETag: "274-5e31f936444d1-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 06 Jul 2022 09:27:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Resource: correios-pac-sedex.jpg
Path: 1.bp.blogspot.com/-sCS10CsF8yE/Wp8C6ph2ZoI/AAAAAAAAK6U/_Z094Qb_UPAPZkVETJXnsggtYzSHDYh-wCLcBGAs/s1600/
Size: 60 KB
x-fer: 61 KB
Type: Image

General
Full URL: https://1.bp.blogspot.com/-sCS10CsF8yE/Wp8C6ph2ZoI/AAAAAAAAK6U/_Z094Qb_UPAPZkVETJXnsggtYzSHDYh-wCLcBGAs/s1600/correios-pac-sedex.jpg
Requested by
  Host: receita3-gov.endofinternet.net
  URL: http://receita3-gov.endofinternet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: fife /
Resource Hash: bcdbe4d8c769401a5228e46b532727d66be788c753c2a2739f0159e52cb2b982

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://receita3-gov.endofinternet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 12:38:05 GMT
x-content-type-options: nosniff
age: 601
content-disposition: inline;filename="correios-pac-sedex.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61655
x-xss-protection: 0
server: fife
etag: "v2ba6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Jul 2022 11:31:58 GMT

Resource: Rastreio-SEDEX.zip
Path: correios3.servebbs.com/
Redirect Chain
  • http://correios2.servebbs.net/idgsdgsyuifgsuio98489f489f498f489f4g5fsdssds/
  • http://correios3.servebbs.com/Rastreio-SEDEX.zip
Size: 0
x-fer: 0
Type: Document

General
Full URL: http://correios3.servebbs.com/Rastreio-SEDEX.zip
Protocol: HTTP/1.1
Server: 35.198.3.78 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: 78.3.198.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash:

Request headers

Referer: http://receita3-gov.endofinternet.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 2698148
Content-Type: application/zip
Date: Wed, 13 Jul 2022 12:48:09 GMT
ETag: "292ba4-5e34a8b643b66"
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 08 Jul 2022 12:43:09 GMT
Server: Apache/2.4.29 (Ubuntu)

Redirect headers

Connection: Keep-Alive
Content-Length: 83
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Jul 2022 12:48:08 GMT
Keep-Alive: timeout=5, max=100
Location: http://correios3.servebbs.com/Rastreio-SEDEX.zip
Server: Apache/2.4.29 (Ubuntu)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
