URL: https://halestormrocks.vip/
Submission: On September 30 via api from BE — Scanned from CA

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 20.49.97.2, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is halestormrocks.vip.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 20th 2024. Valid for: 6 months.
This is the only time halestormrocks.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
11        20.49.97.2       8075   MICROSOFT...
1         172.217.197.95   15169  GOOGLE
2         20.150.16.129    8075   MICROSOFT...
1         72.21.81.200     15133  EDGECAST
3         74.125.192.94    15169  GOOGLE
2         52.179.73.39     8075   MICROSOFT...
Total: 20 requests, 6 IPs
Requests  Apex Domain         Subdomains                                                  Transfer
11        halestormrocks.vip  halestormrocks.vip                                          1 MB
3         gstatic.com         fonts.gstatic.com                                           49 KB
2         visualstudio.com    dc.services.visualstudio.com (Cisco Umbrella Rank: 788)     200 B
2         windows.net         actcorecomeswithmusic.z9.web.core.windows.net               565 KB
1         msecnd.net          az416426.vo.msecnd.net (Cisco Umbrella Rank: 3516)          22 KB
1         googleapis.com      fonts.googleapis.com (Cisco Umbrella Rank: 46)              1 KB
Total: 20 requests, 6 domains
Requests  Domain                                          Requested by
11        halestormrocks.vip                              halestormrocks.vip, az416426.vo.msecnd.net
3         fonts.gstatic.com                               fonts.googleapis.com
2         dc.services.visualstudio.com                    az416426.vo.msecnd.net
2         actcorecomeswithmusic.z9.web.core.windows.net   halestormrocks.vip
1         az416426.vo.msecnd.net                          halestormrocks.vip
1         fonts.googleapis.com                            halestormrocks.vip
Total: 20 requests, 6 domains
Subject                             Issuer                                        Validity                   Valid for
halestormrocks.vip                  GeoTrust Global TLS RSA4096 SHA256 2022 CA1   2024-09-20 - 2025-03-20    6 months
upload.video.google.com             WR2                                           2024-08-26 - 2024-11-18    3 months
*.web.core.windows.net              Microsoft Azure RSA TLS Issuing CA 04         2024-06-17 - 2025-06-12    a year
*.vo.msecnd.net                     DigiCert SHA2 Secure Server CA                2024-06-06 - 2025-06-06    a year
*.gstatic.com                       WR2                                           2024-08-26 - 2024-11-18    3 months
prod.ai.ingestion.msftcloudes.com   Microsoft Azure RSA TLS Issuing CA 08         2024-09-16 - 2025-09-11    a year

This page contains 1 frames:

Primary Page: https://halestormrocks.vip/
Frame ID: 0595BB182E9152D9852860AC722358B2
Requests: 19 HTTP requests in this frame

Page Title

Halestorm | VIP Tickets

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 1885 kB
Size: 2047 kB
Cookies: 4

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
halestormrocks.vip/
7 KB
3 KB
Document
General
Full URL
https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e017fc2ea08a7e5bae0934caf85e6881a86244d73ba3cbe1f592f901cd2ec437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public
Content-Encoding
gzip
Content-Length
2858
Content-Type
text/html
Date
Mon, 30 Sep 2024 03:33:36 GMT
ETag
"1DB0B8C0E408D00"
Expires
Tue, 01 Oct 2024 00:22:25 GMT
Last-Modified
Fri, 20 Sep 2024 18:36:50 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,700;0,900;1,400&display=swap
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f95.1e100.net
Software
ESF /
Resource Hash
43e801c5468a8efa6b27c12371f74c35a882c1c738dcd4086350dd77d5a0691a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 03:33:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 03:33:36 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 03:33:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
halestormrocks.vip/css/
24 KB
8 KB
Stylesheet
General
Full URL
https://halestormrocks.vip/css/style.css
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17d91d6f9cbc8563a0b1238f9a03bf3c6b7fb95dae57a218a2c99b3cef9af02f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

X-Powered-By
ASP.NET
Cache-Control
max-age=300
Content-Encoding
gzip
ETag
"e915335687bdb1:0"
Accept-Ranges
bytes
Content-Length
7710
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
text/css
Last-Modified
Fri, 20 Sep 2024 18:03:03 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
logo.png
halestormrocks.vip/img/
9 KB
9 KB
Image
General
Full URL
https://halestormrocks.vip/img/logo.png
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9a986af0baeec851f9d4d2cc7b386e8265f5572c796e8241963684287db1b841

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Cache-Control
max-age=300
ETag
"52e8c65687bdb1:0"
Accept-Ranges
bytes
Content-Length
8720
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
image/png
Last-Modified
Fri, 20 Sep 2024 18:03:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ajax-loader.gif
halestormrocks.vip/img/
11 KB
11 KB
Image
General
Full URL
https://halestormrocks.vip/img/ajax-loader.gif
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6bb94f3a69669fba548dbba9a87dee259698b2bf339f3ed430e35a8a8ab49811

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Cache-Control
max-age=300
ETag
"bd64415687bdb1:0"
Accept-Ranges
bytes
Content-Length
10819
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
image/gif
Last-Modified
Fri, 20 Sep 2024 18:03:03 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
insiders.png
halestormrocks.vip/img/
7 KB
7 KB
Image
General
Full URL
https://halestormrocks.vip/img/insiders.png
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
378b89253804ffb2c3b2a0f634a7cf5f28e1d652ea5140209775cd0ee8f91b48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Cache-Control
max-age=300
ETag
"16d4d25687bdb1:0"
Accept-Ranges
bytes
Content-Length
7211
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
image/png
Last-Modified
Fri, 20 Sep 2024 18:03:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
lib.FLY.min.js
actcorecomeswithmusic.z9.web.core.windows.net/fly/
278 KB
278 KB
Script
General
Full URL
https://actcorecomeswithmusic.z9.web.core.windows.net/fly/lib.FLY.min.js?v=00229
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.16.129 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1ea9ed2667a5977fdbb10e0ba967b225a5e0f0c5783fb259c11fd087095db8b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Content-MD5
7HmvpxMqMDCL1nQeEULEUA==
x-ms-version
2018-03-28
ETag
"0x8DBE789A1D47124"
x-ms-request-id
1c8e7b8f-e01e-00a0-06e9-121523000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
284477
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
text/javascript
Last-Modified
Fri, 17 Nov 2023 16:24:11 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
FLY.min.js
actcorecomeswithmusic.z9.web.core.windows.net/fly/
286 KB
287 KB
Script
General
Full URL
https://actcorecomeswithmusic.z9.web.core.windows.net/fly/FLY.min.js?v=00229
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.16.129 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a2669057a3aa79753a1c3e28a43bac862d8fcbbab9838d7c8007a4bef4fe2f40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Content-MD5
swarVg2LoNaB3cYJNCvptw==
x-ms-version
2018-03-28
ETag
"0x8DCBB9AB6E2D9CC"
x-ms-request-id
f6c01f67-201e-0029-4fe9-12aff6000000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
293229
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
text/javascript
Last-Modified
Tue, 13 Aug 2024 13:20:34 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: halestormrocks.vip
URL: https://halestormrocks.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0730) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

content-md5
HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8D8E461DA1A5889
age
1666
x-ms-version
2009-09-19
expires
Mon, 30 Sep 2024 04:03:37 GMT
x-cache
HIT
date
Mon, 30 Sep 2024 03:33:37 GMT
content-type
application/x-javascript
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
vary
Accept-Encoding
cache-control
public, max-age=1800
x-ms-meta-lastmodified
2020-10-01 19:31:04
x-ms-request-id
79d186dd-d01e-00b3-13e5-126072000000
access-control-allow-origin
*
content-length
22495
x-ms-blob-type
BlockBlob
server
ECAcc (chd/0730)
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,700;0,900;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://halestormrocks.vip
Referer
https://fonts.googleapis.com/

Response headers

age
501843
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:09:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:09:34 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
Halestorm
halestormrocks.vip/api/liveevents/
7 KB
2 KB
XHR
General
Full URL
https://halestormrocks.vip/api/liveevents/Halestorm?dataFormat=jsonld
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ARR/3.0, ASP.NET
Resource Hash
7d7f630decff08d478987c2550c19222eb59100d4445cdb8fb4a3f4f4741750a

Request headers

Request-Id
|0JcGN.MaXUL
Referer
https://halestormrocks.vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

Cache-Control
public,max-age=1800
Content-Encoding
gzip
Request-Context
appId=cid-v1:713b3955-4187-48ac-8967-50d09f9372b9
Content-Length
1286
Date
Mon, 30 Sep 2024 03:33:37 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
Kestrel
X-Powered-By
ARR/3.0, ASP.NET
templates.html
halestormrocks.vip/templates/V-6/
54 KB
14 KB
XHR
General
Full URL
https://halestormrocks.vip/templates/V-6/templates.html
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce53a9ee7e19bb0525ce379aeb864d161c009f0992823d520fccae59645e5ccd

Request headers

Request-Id
|0JcGN.UC5EB
Referer
https://halestormrocks.vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

X-Powered-By
ASP.NET
Cache-Control
public
X-AspNet-Version
4.0.30319
Content-Encoding
gzip
ETag
"1DB0B8BC3267A00"
Expires
Mon, 30 Sep 2024 14:26:34 GMT
Accept-Ranges
bytes
Content-Length
14315
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
text/html
Last-Modified
Fri, 20 Sep 2024 18:34:44 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
favicon.png
halestormrocks.vip/img/
3 KB
4 KB
Other
General
Full URL
https://halestormrocks.vip/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ec32ebea784389a1e34b2b9d143368b4ec0015262a12a15149ccdca55bcdbff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Cache-Control
max-age=300
ETag
"f411905687bdb1:0"
Accept-Ranges
bytes
Content-Length
3556
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
image/png
Last-Modified
Fri, 20 Sep 2024 18:03:03 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://halestormrocks.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 30 Sep 2024 03:33:36 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
004143303912531ebb2e29731864db464fe1638008a337c78268ffecfb583982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://halestormrocks.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Mon, 30 Sep 2024 03:33:36 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
Countries
halestormrocks.vip/api/locale/
11 KB
3 KB
XHR
General
Full URL
https://halestormrocks.vip/api/locale/Countries
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ARR/3.0, ASP.NET
Resource Hash
0710019584490ce6b69010c5f76bf99fdb1da53dd5898d273adff67e0a57a9da

Request headers

Request-Id
|0JcGN.hGiFJ
Referer
https://halestormrocks.vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Cache-Control
public,max-age=2592000
Content-Encoding
gzip
Request-Context
appId=cid-v1:713b3955-4187-48ac-8967-50d09f9372b9
Content-Length
3080
Date
Mon, 30 Sep 2024 03:33:36 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
Kestrel
X-Powered-By
ARR/3.0, ASP.NET
Halestorm
halestormrocks.vip/api/liveevents/
11 KB
2 KB
XHR
General
Full URL
https://halestormrocks.vip/api/liveevents/Halestorm
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel / ARR/3.0, ASP.NET
Resource Hash
98ebf5da9f554b436bacfebd3566dab8e08ecea10678f067d4b55b28c70a4697

Request headers

Request-Id
|0JcGN.s2FtH
Referer
https://halestormrocks.vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Content-Encoding
gzip
Request-Context
appId=cid-v1:713b3955-4187-48ac-8967-50d09f9372b9
Content-Length
1983
Date
Mon, 30 Sep 2024 03:33:37 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
Kestrel
X-Powered-By
ARR/3.0, ASP.NET
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,700;0,900;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://halestormrocks.vip
Referer
https://fonts.googleapis.com/

Response headers

age
399282
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 12:38:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:38:55 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,400;0,700;0,900;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://halestormrocks.vip
Referer
https://fonts.googleapis.com/

Response headers

age
429107
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 04:21:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 04:21:50 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
HALE_TICKETS.gif
halestormrocks.vip/img/
1 MB
1 MB
Image
General
Full URL
https://halestormrocks.vip/img/HALE_TICKETS.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d8c1a99a912f93dca342247cce379aaa0a9c87b9061ab27d74af7307bb9e633

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://halestormrocks.vip/

Response headers

Cache-Control
max-age=300
ETag
"3196155787bdb1:0"
Accept-Ranges
bytes
Content-Length
1211934
Date
Mon, 30 Sep 2024 03:33:37 GMT
Content-Type
image/gif
Last-Modified
Fri, 20 Sep 2024 18:03:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    0
object    appInsights
object    LEAP
object    AI
object    Microsoft
function  __extends
function  _endsWith
object    Handlebars
function  jecookie
function  $
function  jQuery
function  JQClass
function  _
object    Backbone
object    jQuery11240006298302521536847
function  moment
function  Headroom
function  LEAPModules
function  isAmexCard
function  isValidCardType
function  fullCurrencyFormat

4 Cookies

Domain/Path            Name                  Value
.halestormrocks.vip/   ARRAffinity           99668c0bd88db1f1e34c95ff3b1aff77ce28838e3996eecb6f865ae3eb547bec
.halestormrocks.vip/   ARRAffinitySameSite   99668c0bd88db1f1e34c95ff3b1aff77ce28838e3996eecb6f865ae3eb547bec
halestormrocks.vip/    ai_user               HjdFy|2024-09-30T03:33:37.096Z
halestormrocks.vip/    ai_session            l6wnY|1727667217401.2|1727667217401.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.