urlscan.io logo urlscan.io
SecurityTrails logo

20.203.172.126 Open in urlscan Pro
20.203.172.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://factura357436948222.z5.web.core.windows.net/
Effective URL: http://20.203.172.126/index.html
Submission: On December 16 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 2 domains to perform 7 HTTP transactions. The main IP is 20.203.172.126, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 20.203.172.126.
This is the only time 20.203.172.126 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

factura-emission-0058346369863468456.zip 5 MB application/zip
MIME: Zip archive data, at least v2.0 to extract
Size: 5 MB (4903401 bytes, 100% done)
Downloaded from: https://bancoltaucardcartoes.blob.core.windows.net/$web/factura-emission-0058346369863468456.zip

Domain & IP information

IP Address AS Autonomous System
1 20.60.153.36 8075 (MICROSOFT...)
2 2600:9000:211... 16509 (AMAZON-02)
1 20.38.105.193 8075 (MICROSOFT...)
1 4.196.192.96 8075 (MICROSOFT...)
1 20.203.172.126 8075 (MICROSOFT...)
1 20.150.111.4 8075 (MICROSOFT...)
7 6
1    20.60.153.36 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
factura357436948222.z5.web.core.windows.net
2    2600:9000:211e:7200:1:cde5:7345:88c1 (United States)

ASN16509 (AMAZON-02, US)
thumbs.gfycat.com
1    20.38.105.193 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
facturaonline.z21.web.core.windows.net
1    4.196.192.96 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
4.196.192.96
1    20.203.172.126 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
20.203.172.126
1    20.150.111.4 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bancoltaucardcartoes.blob.core.windows.net
Domain Requested by
2 thumbs.gfycat.com factura357436948222.z5.web.core.windows.net
facturaonline.z21.web.core.windows.net
1 bancoltaucardcartoes.blob.core.windows.net 20.203.172.126
1 facturaonline.z21.web.core.windows.net factura357436948222.z5.web.core.windows.net
1 factura357436948222.z5.web.core.windows.net
7 4

This site contains no links.

Subject Issuer Validity Valid
*.web.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2022-10-27 -
2023-10-22		 a year crt.sh
gfycat.com
Amazon		 2022-04-19 -
2023-05-17		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-09-25 -
2023-09-25		 a year crt.sh

This page contains 1 frames:

Frame: https://bancoltaucardcartoes.blob.core.windows.net/$web/factura-emission-0058346369863468456.zip
Frame ID: A541F8F87761E69DD2E536E8301AFC31
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://factura357436948222.z5.web.core.windows.net/ Page URL
  2. https://facturaonline.z21.web.core.windows.net/ Page URL
  3. http://4.196.192.96/ Page URL
  4. http://20.203.172.126/index.html Page URL

Page Statistics

7
Requests

71 %
HTTPS

17 %
IPv6

2
Domains

4
Subdomains

6
IPs

4
Countries

2074 kB
Transfer

2068 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://factura357436948222.z5.web.core.windows.net/ Page URL
  2. https://facturaonline.z21.web.core.windows.net/ Page URL
  3. http://4.196.192.96/ Page URL
  4. http://20.203.172.126/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
factura357436948222.z5.web.core.windows.net/ 		420 B
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://factura357436948222.z5.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.153.36 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
420
Content-MD5
iW7HZAhET0/t3rE8xt/DHA==
Content-Type
text/html
Date
Fri, 16 Dec 2022 08:15:48 GMT
ETag
"0x8DADE3A6976BD88"
Last-Modified
Thu, 15 Dec 2022 01:19:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
03dea737-a01e-00b3-4526-113a2c000000
x-ms-version
2018-03-28
SoupyLazyGnatcatcher-size_restricted.gif
thumbs.gfycat.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbs.gfycat.com/SoupyLazyGnatcatcher-size_restricted.gif
Requested by
Host: factura357436948222.z5.web.core.windows.net
URL: https://factura357436948222.z5.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1:cde5:7345:88c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://factura357436948222.z5.web.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:23:15 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 17:50:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
42755
etag
"8fe895eb6f356c2838322eaf2bc08170"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=946707779, public
accept-ranges
bytes
content-length
1058060
x-amz-cf-id
12alffNlOcOg3HJDnpAgPBhF4BmasbXg0mBMDIff8RBm5fDIETy9zA==
/
facturaonline.z21.web.core.windows.net/ 		426 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://facturaonline.z21.web.core.windows.net/
Requested by
Host: factura357436948222.z5.web.core.windows.net
URL: https://factura357436948222.z5.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.105.193 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://factura357436948222.z5.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
426
Content-MD5
IFklYQW6imQU2dfNawSPEQ==
Content-Type
text/html
Date
Fri, 16 Dec 2022 08:15:48 GMT
ETag
"0x8DADEDA3DD27109"
Last-Modified
Thu, 15 Dec 2022 20:23:34 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
7947415e-501e-0026-3826-11c1d2000000
x-ms-version
2018-03-28
SoupyLazyGnatcatcher-size_restricted.gif
thumbs.gfycat.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbs.gfycat.com/SoupyLazyGnatcatcher-size_restricted.gif
Requested by
Host: facturaonline.z21.web.core.windows.net
URL: https://facturaonline.z21.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1:cde5:7345:88c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://facturaonline.z21.web.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:23:15 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 17:50:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
42755
etag
"8fe895eb6f356c2838322eaf2bc08170"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=946707779, public
accept-ranges
bytes
content-length
1058060
x-amz-cf-id
CmH4aHMSulHv_Zr9k8PCLfzNV8wxdnOB_sGquARQgjBotmekZDtAtg==
/
4.196.192.96/ 		272 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
http://4.196.192.96/
Requested by
Host: facturaonline.z21.web.core.windows.net
URL: https://facturaonline.z21.web.core.windows.net/
Protocol
HTTP/1.1
Server
4.196.192.96 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.6 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
272
Content-Type
text/html
Date
Fri, 16 Dec 2022 08:15:50 GMT
ETag
"110-5efdc77249832"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 15 Dec 2022 11:50:54 GMT
Server
Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.6
Primary Request index.html
20.203.172.126/ 		709 B
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
http://20.203.172.126/index.html
Requested by
Host: 4.196.192.96
URL: http://4.196.192.96/
Protocol
HTTP/1.1
Server
20.203.172.126 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
HFS 2.3m /
Resource Hash
8ff2fec56b5687f85a40051d3f5ddf4c56923313f9013b30ea54cfa05bfc6a6c

Request headers

Referer
http://4.196.192.96/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-Ranges
bytes
Content-Disposition
filename="index.html";
Content-Length
709
Content-Type
text/html
ETag
F4C0172B979465F38BD8DC4C0ADA4DFA
Last-Modified
Fri, 16 Dec 2022 03:28:45 GMT
Server
HFS 2.3m
factura-emission-0058346369863468456.zip
bancoltaucardcartoes.blob.core.windows.net/$web/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bancoltaucardcartoes.blob.core.windows.net/$web/factura-emission-0058346369863468456.zip
Requested by
Host: 20.203.172.126
URL: http://20.203.172.126/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.111.4 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
http://20.203.172.126/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Content-Length
4903401
Content-MD5
X28WliquRmzXpCe6RUPHjg==
Content-Type
application/x-zip-compressed
Date
Fri, 16 Dec 2022 08:15:51 GMT
ETag
0x8DADF153692536A
Last-Modified
Fri, 16 Dec 2022 03:25:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
405a2fd8-c01e-0040-1826-117ebb000000
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| urls number| random

1 Cookies

Domain/Path Name / Value
20.203.172.126/ Name: HFS_SID_
Value: 0.415534398052841