URL: http://invoice.stuff-4-sale.us/
Submission: On September 18 via manual from DK — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 5.35.32.29, located in Netherlands and belongs to VDSINA-NL, RU. The main domain is invoice.stuff-4-sale.us.
This is the only time invoice.stuff-4-sale.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

Size: 3 MB (3581826 bytes, 0% done)
Downloaded from: https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyKGB_jYq0fyPBqxFUN9ZV/file?dl=1#

Domain & IP information

IP Address AS Autonomous System
2 5.35.32.29 207651 (VDSINA-NL)
2 2 2620:100:6019... 19679 (DROPBOX)
1 2620:100:6019... ()
3 2
Apex Domain | Subdomains | Transfer
2 dropbox.com | www.dropbox.com — Cisco Umbrella Rank: 2865 | 3 KB
2 stuff-4-sale.us | invoice.stuff-4-sale.us | 162 KB
1 dropboxusercontent.com | ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com |
3 3
Domain Requested by
2 www.dropbox.com 2 redirects
2 invoice.stuff-4-sale.us invoice.stuff-4-sale.us
1 ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com
3 3

This site contains no links.

Subject | Issuer | Validity | Valid
dl.dropbox.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-14 - 2024-03-16 | a year

This page contains 1 frame:

Frame: https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyKGB_jYq0fyPBqxFUN9ZV/file?dl=1
Frame ID: C559FB055BE8D5415FE40174F3C4EBB2
Requests: 3 HTTP requests in this frame

Page Title

Buffalo - 18/09/2023 04:19:11

Page Statistics

3
Requests

33 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

162 kB
Transfer

162 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.dropbox.com/scl/fi/fj9pg033viw5e0kkmy3mw/Id.inv.bpoh3082ZMOY.zip?rlkey=o9rivhyuq67n7f8m12goc8aj1&dl=1 HTTP 302
  • https://www.dropbox.com/e/scl/fi/fj9pg033viw5e0kkmy3mw/Id.inv.bpoh3082ZMOY.zip?rlkey=o9rivhyuq67n7f8m12goc8aj1&dl=1 HTTP 302
  • https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyKGB_jYq0fyPBqxFUN9ZV/file?dl=1

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
invoice.stuff-4-sale.us/
980 B
867 B
Document
General
Full URL
http://invoice.stuff-4-sale.us/
Protocol
HTTP/1.1
Server
5.35.32.29 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS
v2108739.hosted-by-vdsina.ru
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3840fff61d545f55eb430371f24c8113bf7d85e25f5aeefcd86356b851ac01f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
484
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Sep 2023 07:19:11 GMT
Keep-Alive
timeout=5, max=100
Refresh
2; URL=https://www.dropbox.com/scl/fi/fj9pg033viw5e0kkmy3mw/Id.inv.bpoh3082ZMOY.zip?rlkey=o9rivhyuq67n7f8m12goc8aj1&dl=1
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
pdf.png
invoice.stuff-4-sale.us/
161 KB
161 KB
Image
General
Full URL
http://invoice.stuff-4-sale.us/pdf.png
Requested by
Host: invoice.stuff-4-sale.us
URL: http://invoice.stuff-4-sale.us/
Protocol
HTTP/1.1
Server
5.35.32.29 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS
v2108739.hosted-by-vdsina.ru
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
acfd78cb7c13332286ce42a942d6c48b640269059232035cb33da9676ccdd574

Request headers

accept-language
en-US,en;q=0.9
Referer
http://invoice.stuff-4-sale.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 07:19:13 GMT
Last-Modified
Tue, 29 Aug 2023 15:19:26 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"283a7-60411561d9b80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
164775
file
ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyK...
Redirect Chain
  • https://www.dropbox.com/scl/fi/fj9pg033viw5e0kkmy3mw/Id.inv.bpoh3082ZMOY.zip?rlkey=o9rivhyuq67n7f8m12goc8aj1&dl=1
  • https://www.dropbox.com/e/scl/fi/fj9pg033viw5e0kkmy3mw/Id.inv.bpoh3082ZMOY.zip?rlkey=o9rivhyuq67n7f8m12goc8aj1&dl=1
  • https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJ...
0
0
Document
General
Full URL
https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyKGB_jYq0fyPBqxFUN9ZV/file?dl=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6019:15::a27d:40f -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy sandbox
X-Content-Type-Options nosniff

Request headers

Referer
http://invoice.stuff-4-sale.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-encoding
identity,gzip
accept-ranges
bytes
cache-control
max-age=60
content-disposition
attachment; filename="Id.inv.bpoh3082ZMOY.zip"; filename*=UTF-8''Id.inv.bpoh3082ZMOY.zip
content-length
3581826
content-security-policy
sandbox
content-type
application/binary
date
Mon, 18 Sep 2023 07:19:17 GMT
etag
1694728478761504d
pragma
public
referrer-policy
no-referrer
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-content-security-policy
sandbox
x-content-type-options
nosniff
x-dropbox-request-id
362d00725745493099b15335d1424e7e
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
x-server-response-time
549
x-webkit-csp
sandbox

Redirect headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src 'none' ; frame-ancestors 'self' https://*.dropbox.com ; connect-src https://* ws://127.0.0.1:*/ws wss://docsend-uppy-companion.herokuapp.com/ wss://dsimports.dropbox.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; worker-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; font-src https://* data: ; img-src https://* data: blob: ; media-src https://* blob: ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ 
https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-hqnL/P8qcyFiIQwVlf4iAtXCsAA=' ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-hqnL/P8qcyFiIQwVlf4iAtXCsAA=' 'nonce-+QWl2Inux4DvM3Z9TMpe8L03RSE='
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 07:19:17 GMT
location
https://ucb5baa9194dadfe89517a69c5e4.dl.dropboxusercontent.com/cd/0/get/CD9g_Y1kBvf2AcV15ZSzOqeLMhn5njxWwNslTHsJKl4dyH74kCVJ4tL0OAyGXmOkjdh9bmHOO2csBPsm4rquK5Ch9agYZYPoTCHkJRKj_iqs8D2YwnJTwgjMPCwKJi5ol2tyKGB_jYq0fyPBqxFUN9ZV/file?dl=1#
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dropbox-request-id
1e4fed6f71ee4104ac8f5f589ba6f620
x-dropbox-response-origin
far_remote
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, nofollow, noimageindex
x-xss-protection
1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
www.dropbox.com/ Name: gvc
Value: MzAzOTkxMzQxNTc0ODQxMzE4Mjg3NzA2NjYzODg2NzUzODQzMzIz
.dropbox.com/ Name: t
Value: p3mfXByAegH_JCrEu1gRkBTi
www.dropbox.com/ Name: __Host-js_csrf
Value: p3mfXByAegH_JCrEu1gRkBTi
www.dropbox.com/ Name: __Host-ss
Value: 6GM_Rj0uM0
.dropbox.com/ Name: locale
Value: en