receita-federal.homeip.net

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 35.198.3.78, located in São Paulo, Brazil and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is receita-federal.homeip.net.

This is the only time receita-federal.homeip.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete Demonstrativo_de_Pendencias.zip 9 MB

Size: 9 MB (9189490 bytes, 100% done)

Downloaded from: http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip

Domain & IP information

	IP Address	AS Autonomous System
1 3	35.198.3.78 35.198.3.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:2c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

3 35.198.3.78 (São Paulo, Brazil) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.3.198.35.bc.googleusercontent.com

receita-federal.homeip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
receita2.issmarterthanyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
receita3.is-with-theband.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2c7 (United States)

ASN13335 (CLOUDFLARENET, US)

revistaoeste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	is-with-theband.com receita3.is-with-theband.com
1	issmarterthanyou.com 1 redirects receita2.issmarterthanyou.com	286 B
1	revistaoeste.com revistaoeste.com — Cisco Umbrella Rank: 635902	29 KB
1	homeip.net receita-federal.homeip.net	688 B
3	4

	Domain	Requested by
1	receita3.is-with-theband.com
1	receita2.issmarterthanyou.com	1 redirects
1	revistaoeste.com	receita-federal.homeip.net
1	receita-federal.homeip.net
3	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh

This page contains 1 frames:

Frame: http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip
Frame ID: 5849FEF0FFD2B2CED6B9713DBF5C8F05
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

3
Requests

33 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

29 kB
Transfer

29 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://receita2.issmarterthanyou.com/5E%2028%205B%205E_5E128%205B%205E_5E%2028%205B%205E_5E128%205B%205E_5E%2028%205B%205E_5E128%205B%205E_/ HTTP 302
http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index2.html Show response receita-federal.homeip.net/	623 B 688 B	794ms 207ms	Document text/html	35.198.3.78 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://receita-federal.homeip.net/index2.html Protocol HTTP/1.1 Server 35.198.3.78 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 78.3.198.35.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `61a36bb8513ca5686281d42f2fb0efbd39f71b596e7baaf85cb1deb3510cbf84` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 351 Content-Type text/html Date Fri, 24 Jun 2022 11:00:43 GMT ETag "26f-5e20cd9d15089-gzip" Keep-Alive timeout=5, max=100 Last-Modified Wed, 22 Jun 2022 17:41:45 GMT Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H2	200	imposto-de-renda-2022-e1645736117639.jpg revistaoeste.com/wp-content/uploads/2022/02/	28 KB 29 KB	81ms 26ms	Image image/webp	2606:4700:20::681a:2c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://revistaoeste.com/wp-content/uploads/2022/02/imposto-de-renda-2022-e1645736117639.jpg Requested by Host: receita-federal.homeip.net URL: http://receita-federal.homeip.net/index2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `021e36fb254abb1a844d64a563e431e52f469d3bd33145a3b6665cc638b47630` Request headers accept-language de-DE,de;q=0.9 Referer http://receita-federal.homeip.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 11:00:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 15552 cf-polished qual=85, origFmt=jpeg, origSize=49292 content-disposition inline; filename="imposto-de-renda-2022-e1645736117639.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 28692 last-modified Thu, 24 Feb 2022 20:55:17 GMT server cloudflare etag "6217f0b5-c08c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ludcKjvtlhiYKzZOaaDTOlNqbi1nmMs3yqTxGWXKsMZ%2B6LKzFw4pkHHnzdktRl%2FjAOzDI0S6KXfPAGX1maNYDB6icmYUpPILUPnF2bd%2F22AxZpP%2BhTpJusVjewDIBR1Gj6tYoHEwiJ8OIsv2Am4%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000, public accept-ranges bytes cf-ray 7204f61dd91f83ba-MXP cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	Demonstrativo_de_Pendencias.zip receita3.is-with-theband.com/ Redirect Chain http://receita2.issmarterthanyou.com/5E%2028%205B%205E_5E128%205B%205E_5E%2028%205B%205E_5E128%205B%205E_5E%2028%205B%205E_5E128%205B%205E_/ http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip	0 0	451ms 207ms	Document application/zip	35.198.3.78 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip Protocol HTTP/1.1 Server 35.198.3.78 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 78.3.198.35.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers Referer http://receita-federal.homeip.net/index2.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 9189490 Content-Type application/zip Date Fri, 24 Jun 2022 11:00:46 GMT ETag "8c3872-5e22263c6cbd0" Keep-Alive timeout=5, max=100 Last-Modified Thu, 23 Jun 2022 19:23:34 GMT Server Apache/2.4.29 (Ubuntu) Redirect headers Connection Keep-Alive Content-Length 83 Content-Type text/html; charset=UTF-8 Date Fri, 24 Jun 2022 11:00:45 GMT Keep-Alive timeout=5, max=100 Location http://receita3.is-with-theband.com/Demonstrativo_de_Pendencias.zip Server Apache/2.4.29 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

receita-federal.homeip.net
receita2.issmarterthanyou.com
receita3.is-with-theband.com
revistaoeste.com
2606:4700:20::681a:2c7
35.198.3.78
021e36fb254abb1a844d64a563e431e52f469d3bd33145a3b6665cc638b47630
61a36bb8513ca5686281d42f2fb0efbd39f71b596e7baaf85cb1deb3510cbf84

receita-federal.homeip.net Open in urlscan Pro 35.198.3.78 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

33 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

29 kBTransfer

29 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

receita-federal.homeip.net Open in urlscan Pro
35.198.3.78 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

29 kB
Transfer

29 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions