az-update-pg230101.h2o.dev Open in urlscan Pro
20.241.128.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://az-update-pg230101.h2o.dev/
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2023, 11:58:30 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 20.241.128.11, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is az-update-pg230101.h2o.dev.
TLS certificate: Issued by R3 on July 19th 2023. Valid for: 3 months.

This is the only time az-update-pg230101.h2o.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	20.241.128.11 20.241.128.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
8	3

6 20.241.128.11 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

az-update-pg230101.h2o.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	h2o.dev az-update-pg230101.h2o.dev	2 MB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
8	3

	Domain	Requested by
6	az-update-pg230101.h2o.dev	az-update-pg230101.h2o.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	az-update-pg230101.h2o.dev
8	3

This site contains no links.

Subject Issuer	Validity	Valid
az-update-pg230101.h2o.dev R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://az-update-pg230101.h2o.dev/
Frame ID: 49672073DD30DD6386A8B4BFC544C8D1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H2O AI Cloud

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1628 kB
Transfer

1643 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
az-update-pg230101.h2o.dev/ 898 B
1 KB 411ms
122ms Document
text/html 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5ddcaf152c5c3acce63429169399dae910f5901a8003166e0d7087681403e06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 898
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 11:58:24 GMT
last-modified: Wed, 11 Jan 2023 16:30:08 GMT
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 156ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900&display=swap

Requested by

Host: az-update-pg230101.h2o.dev
URL: https://az-update-pg230101.h2o.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://az-update-pg230101.h2o.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 11:47:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:58:24 GMT

GET
H2 200 main.f77eed44.js Show response
az-update-pg230101.h2o.dev/static/js/ 2 MB
2 MB 126ms
122ms Script
text/javascript 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/static/js/main.f77eed44.js

Requested by

Host: az-update-pg230101.h2o.dev
URL: https://az-update-pg230101.h2o.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8ad0a12a13c84e37ff8a123ad17dfc5e0c920a7e4e6f29214a019426ee919ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://az-update-pg230101.h2o.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:58:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 11 Jan 2023 16:30:08 GMT
accept-ranges: bytes
content-length: 1584641
vary: Origin
content-type: text/javascript; charset=utf-8

GET
H2 200 main.2478bcd8.css
az-update-pg230101.h2o.dev/static/css/ 398 B
582 B 365ms
361ms Stylesheet
text/css 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/static/css/main.2478bcd8.css

Requested by

Host: az-update-pg230101.h2o.dev
URL: https://az-update-pg230101.h2o.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

31ed993c3311c8ec121356df98a9974c2e2e7e32d0a4608f90c4a0177240a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://az-update-pg230101.h2o.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:58:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 11 Jan 2023 16:30:08 GMT
accept-ranges: bytes
content-length: 398
vary: Origin
content-type: text/css; charset=utf-8

POST
H2 200 GetCloudPlatformDiscovery Show response
az-update-pg230101.h2o.dev/twirp/ai.h2o.cloud.appstore.v1.PlatformService/ 180 B
308 B 121ms
121ms Fetch
application/json 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/twirp/ai.h2o.cloud.appstore.v1.PlatformService/GetCloudPlatformDiscovery

Requested by

Host: az-update-pg230101.h2o.dev
URL: https://az-update-pg230101.h2o.dev/static/js/main.f77eed44.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8b20623f27f38a8256aa8c32deae8a49d1e47ae46ba843c3527283a1e82edd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://az-update-pg230101.h2o.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 19 Jul 2023 11:58:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 180
vary: Origin
content-type: application/json

GET
H2 200 e9d2510637cdf145557a.worker.js
az-update-pg230101.h2o.dev/ 29 KB
30 KB 121ms
121ms Other
text/javascript 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/e9d2510637cdf145557a.worker.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8393f20b52baf7b6c2d240b92f8e8686887494b6ed6db299fd1b5f3dbf02cfbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://az-update-pg230101.h2o.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:58:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 11 Jan 2023 16:30:08 GMT
accept-ranges: bytes
content-length: 30179
vary: Origin
content-type: text/javascript; charset=utf-8

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://az-update-pg230101.h2o.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:10:17 GMT
x-content-type-options: nosniff
age: 13689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 08:10:17 GMT

GET
H2 200 fabric-icons-a13498cf.woff
az-update-pg230101.h2o.dev/fonts/ 7 KB
7 KB 121ms
121ms Font
application/font-woff 20.241.128.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://az-update-pg230101.h2o.dev/fonts/fabric-icons-a13498cf.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.128.11 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5fb021a252f67d48091b70eec3c59dcdbe72bf00b38f4e7d9287e029e9a794b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://az-update-pg230101.h2o.dev/
Origin: https://az-update-pg230101.h2o.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:58:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 11 Jan 2023 16:30:08 GMT
accept-ranges: bytes
content-length: 6784
vary: Origin
content-type: application/font-woff

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az-update-pg230101.h2o.dev
fonts.googleapis.com
fonts.gstatic.com
20.241.128.11
2a00:1450:4001:806::2003
2a00:1450:4001:813::200a
31ed993c3311c8ec121356df98a9974c2e2e7e32d0a4608f90c4a0177240a2e2
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
5ddcaf152c5c3acce63429169399dae910f5901a8003166e0d7087681403e06a
5fb021a252f67d48091b70eec3c59dcdbe72bf00b38f4e7d9287e029e9a794b4
8393f20b52baf7b6c2d240b92f8e8686887494b6ed6db299fd1b5f3dbf02cfbc
a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073
b8ad0a12a13c84e37ff8a123ad17dfc5e0c920a7e4e6f29214a019426ee919ae
e8b20623f27f38a8256aa8c32deae8a49d1e47ae46ba843c3527283a1e82edd5

az-update-pg230101.h2o.dev Open in urlscan Pro 20.241.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1628 kBTransfer

1643 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

az-update-pg230101.h2o.dev Open in urlscan Pro
20.241.128.11 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1628 kB
Transfer

1643 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions