halo.189115.xyz Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://halo.189115.xyz/
Submission: On June 25 via api (June 25th 2024, 6:44:58 am UTC) from US — Scanned from NL

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is halo.189115.xyz.
TLS certificate: Issued by E1 on May 15th 2024. Valid for: 3 months.

This is the only time halo.189115.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	124.222.17.131 124.222.17.131	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

13 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

halo.189115.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.222.17.131 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

ai.tianli0.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	189115.xyz 1 redirects halo.189115.xyz	1 MB
2	tianli0.top ai.tianli0.top	10 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
15	3

	Domain	Requested by
13	halo.189115.xyz	1 redirects halo.189115.xyz static.cloudflareinsights.com
2	ai.tianli0.top	halo.189115.xyz
1	static.cloudflareinsights.com	halo.189115.xyz
15	3

This site contains links to these domains. Also see Links.

Domain
halo.run
beian.miit.gov.cn

Subject Issuer	Validity	Valid
189115.xyz E1	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.tianli0.top JoySSL Domain Secure Server CA	`2024-04-27` - `2024-07-26`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://halo.189115.xyz/
Frame ID: 84EE97B38B92AF4721FE419D29055519
Requests: 17 HTTP requests in this frame

Frame: https://halo.189115.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 61FDF67D5898AAFD3403752C74060362
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

小独随记

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1097 kB
Transfer

1398 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://halo.run/
Title: Halo

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://halo.189115.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://halo.189115.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

15 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
halo.189115.xyz/ 19 KB
6 KB 556ms
486ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

517c9814efafe3c093a8581389eed5bc454cd1ab7f2c782f3c57a94e46170b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8992fdca3eb39719-AMS
content-encoding: br
content-language: en-US
content-type: text/html
date: Tue, 25 Jun 2024 06:44:51 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSi5w%2BODTqXSsNG%2Bdn%2B1KRCy0%2BViRsTo88F9pBSzlmTyJafrOQsfxB9hhfxLQLYlk1WV1vAY9BBvmD%2F8rM1mZzgPRumm3zL1TG6lVncwB33DjObdX1rPV7U2s3x3kKwyy44%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 style.css
halo.189115.xyz/themes/theme-earth/assets/dist/ 110 KB
23 KB 552ms
550ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/themes/theme-earth/assets/dist/style.css?v=1.8.0

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28e5ba25b87dcfae29f8051b5ac31df358390705d987484c78ed7ebba5692fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 21:50:05 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaUinoJqcUtbMkk%2FGPreB45VBNuLDooJMRDDinpKgO911elWWKA0AVFoME20lTBDV%2FYdbkWRIQrjw3rKqDJP3m4vb8NOpO9nT92ScDn%2BO6ahXw8xgHTC%2FYMG4UiyQw%2B3wEo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd4abc9719-AMS
priority: u=0,i=?0

GET
H3 200 main.iife.js Show response
halo.189115.xyz/themes/theme-earth/assets/dist/ 60 KB
24 KB 632ms
630ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/themes/theme-earth/assets/dist/main.iife.js?v=1.8.0

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f0fd5972ba754cf246196ad06164f0ea85bd69b2e92c41fbae2e42329df517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 21:50:05 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FwRYr0FL8oxlWWsO4AC4gj2jr%2BXrpmr0DYOy98H7vtlKfQ7G%2BnuuELXASRTr%2F%2Fu%2BrzD64qrxX%2BNSLcLnkFfQdGkR9x3%2Ff%2FkHs%2BfF319MaCyT8rvGIUja%2F7a%2FJdlP%2Bjn1%2BI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd5abe9719-AMS
priority: u=1,i=?0

GET
H2 200 postChatUser_summary.min.css
ai.tianli0.top/static/public/ 8 KB
2 KB 1643ms
200ms Stylesheet
text/css 124.222.17.131
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.tianli0.top/static/public/postChatUser_summary.min.css
Requested by: Host: halo.189115.xyz
URL: https://halo.189115.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.222.17.131 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx /
Resource Hash: bac7e3286b63ad6259b28a270aa24d274bc22a8def77826567d979d11b68720b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:52 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2024 22:13:44 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=60
expires: Tue, 25 Jun 2024 06:45:52 GMT

GET
H2 200 postChatUser_summary.min.js Show response
ai.tianli0.top/static/public/ 18 KB
8 KB 1643ms
201ms Script
text/javascript 124.222.17.131
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.tianli0.top/static/public/postChatUser_summary.min.js
Requested by: Host: halo.189115.xyz
URL: https://halo.189115.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.222.17.131 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx /
Resource Hash: c5f3b18c633d60bea9c66cd4bf8ead8cafcd6393d1eb4a5056aafda3ef832c1e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:52 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2024 22:13:44 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
expires: Tue, 25 Jun 2024 06:45:52 GMT

GET
H3 200 comment-widget.iife.js Show response
halo.189115.xyz/plugins/PluginCommentWidget/assets/static/ 182 KB
56 KB 705ms
704ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/plugins/PluginCommentWidget/assets/static/comment-widget.iife.js?version=2.2.0

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb637bbc2fe450614a185d26747166b24ebd9fb27a647cac98330bdc6aa1324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 22:24:02 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDwNBBKLd%2FAKuDMCRkq1iNJARziscxV9ArMYRqwhO1vNH6gGG00rjSwY%2BD5CyGgVCuo65BkTQSagce89z7HK1eUdLEeHAu4Guc1I57v91AXJIQ1rAOR2qJ49dmqCKO685Q8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd5abf9719-AMS
priority: u=1,i=?0

GET
H3 200 style.css
halo.189115.xyz/plugins/PluginCommentWidget/assets/static/ 3 KB
979 B 461ms
460ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/plugins/PluginCommentWidget/assets/static/style.css?version=2.2.0

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46673fff1bc9454abc4d16d9b54621394ad7198bf66ff5703733dcb6664d232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 22:24:02 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFmpo1Su2z%2FsxPdZdXK2%2BpvX7hiFSG%2FUpcwWcRagJtmP%2F7A%2BPNPB6bxHAkapysoIKSMquLEg03Pnjr8Mhc2TXv0CsLWb%2Bq74f0A502%2FFMaZ%2B6yji0krXL1VWZqfZN23UrK0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd5ac19719-AMS
priority: u=0,i=?0

GET
H3 200 default-avatar.svg
halo.189115.xyz/themes/theme-earth/assets/images/ 4 KB
2 KB 380ms
379ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halo.189115.xyz/themes/theme-earth/assets/images/default-avatar.svg

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8ba90b3f5f6a2c92c2039cdd723a6240b360562cdf00d64d33e854d1616cb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 21:50:05 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZutOHawtKKKjjMj6m8Z3Tl0QS0QYxgsVw8fYv7UX92Fe7QJ7RTcyCku%2F%2FMPp560DGyUCqmKi2m8Sxep3JqX3g4kqIbfCFFfjxWlYZsA0y9mOYWNrI%2FmIP77NvNo7Zg%2FecgU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd5ac29719-AMS
priority: u=2,i

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 91ms
55ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: halo.189115.xyz
URL: https://halo.189115.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Origin: https://halo.189115.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8992fdd7dfe4b790-AMS

GET
H3 200 default-avatar.svg
halo.189115.xyz/themes/theme-earth/assets/images/ 4 KB
0 0ms
0ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halo.189115.xyz/themes/theme-earth/assets/images/default-avatar.svg

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8ba90b3f5f6a2c92c2039cdd723a6240b360562cdf00d64d33e854d1616cb86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 21:50:05 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZutOHawtKKKjjMj6m8Z3Tl0QS0QYxgsVw8fYv7UX92Fe7QJ7RTcyCku%2F%2FMPp560DGyUCqmKi2m8Sxep3JqX3g4kqIbfCFFfjxWlYZsA0y9mOYWNrI%2FmIP77NvNo7Zg%2FecgU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8992fdcd5ac29719-AMS
priority: u=2,i

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea21e81c3fbf40534aa70662ee74a54780de445ac07dbc97715e9052154cf621

Request headers

Referer
Origin: https://halo.189115.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 608ffabd8bdcb217ae2b4cfaa6fa8f6bdbba4d54.jpeg
halo.189115.xyz/upload/ 963 KB
964 KB 608ms
607ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halo.189115.xyz/upload/608ffabd8bdcb217ae2b4cfaa6fa8f6bdbba4d54.jpeg

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4839394bea0fd32437a9a19e3b93effa7d28c65bc4fd3742ec545eabf84b1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 986056
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Jun 2024 22:12:59 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdKG9O3DuUymyIxMjiEf1qAHW%2FCaBCqrUmCFnnZw525WfqlpR7lQt10dLcOFU40GAfgXbwpgJlF3FgDoNvcdJe6KN8V8OiWU%2BUHlPE%2F40tj72m10JDacwpqylvai2vmoOgc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8992fdd9182c9719-AMS
priority: u=3,i

GET
DATA 200
OK truncated
/ 245 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ddcc791eb66a034b3fd9b8aa0c1a210305d375a93ee6aba3cea6cf837a39735

Request headers

Referer
Origin: https://halo.189115.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4cc68c8ac9c379546fb8c9055d0b9ac855923dab0e9ab2359c0fe87566fc553

Request headers

Referer
Origin: https://halo.189115.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8959fe7ec5a2e8274c70ff404b9b50ce87c166ecaeb39e8d9be12732a631f8a

Request headers

Referer
Origin: https://halo.189115.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

main.js Show response
halo.189115.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 61FD
Redirect Chain

https://halo.189115.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://halo.189115.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

8 KB
4 KB

23ms
23ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

Requested by

Host: halo.189115.xyz
URL: https://halo.189115.xyz/

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7cd26136742cbbed89751913a4556574f5232a5630f06a660bf53c48963459

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 06:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBrscKnCoxKDf1arUJHo%2F0iVw%2F0%2FiAwVEWZcpC%2BzPJGqdZAH46PqrUKi4O0HicsFOmqhF3aXLxR9Bn0rnn4BU9JAAKV6l6sy8BDxRl7DjVF8dKfRJiU1y8OM6kqvZZEMk%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8992fdd998af9719-AMS
priority: u=3,i=?0

Redirect headers

date: Tue, 25 Jun 2024 06:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XmnMCOUJ8C6%2BISrAtNRFTXrhyhACwlWd4Fg2f60vX4TE02vrMiwtfuahBOAO4F9yOQsJ6JC%2Bal7BG1MBAWHZhSU4Au%2FIJZq8iLCrgahM4lklZtLdaFNMtnaSLV19UsvYSg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control: max-age=300, public
cf-ray: 8992fdd978899719-AMS
content-length: 0
priority: u=3,i=?0

POST
H3 200 8992fdca3eb39719 Show response
halo.189115.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 61FD 0
673 B 41ms
40ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halo.189115.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8992fdca3eb39719
Requested by: Host: halo.189115.xyz
URL: https://halo.189115.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jun 2024 06:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKCoRhOO6W8UTA3%2F2BV8rbvfwBErIuDbm0ONz9TgR6ZEo6MvmK5KHzJ%2B89xv%2BiYMu5m2sJt4r1UJsn2%2FZcjtkl%2FB7k8xoXRSdMBXsb7RP6Puybj9xGPmWb0ZmkU%2F0ZhbiXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8992fdda497f9719-AMS
content-length: 0
priority: u=1,i

POST
H3 204 rum Show response
halo.189115.xyz/cdn-cgi/ 0
142 B 21ms
21ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 25 Jun 2024 06:44:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://halo.189115.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8992fde078189719-AMS

GET
H3 404 favicon.ico
halo.189115.xyz/ 220 B
782 B 363ms
363ms Other
application/problem+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halo.189115.xyz/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6b8722db544146d7b71a18bd147b4450a223a41da952a6dd7c95ba952698a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://halo.189115.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 06:44:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 220
x-xss-protection: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/problem+json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpJc6Z1KF3TasoEiQcZGeOisyUluieEOla2ink9JwwJGeqpFmH6FP2ohbhKgZFAMVAX7GgbPVoxp%2BSY2bHx8aVLH4J5zXXeEMlzzbY%2Fy0n4hZWkQKHxUSjPnsJReIUWyEdw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8992fde0882c9719-AMS
priority: u=1,i
expires: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			halo.189115.xyz/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 7a9b010b-0c02-4ef4-b85f-a6cf85f83b27
			.189115.xyz/	1970-01-21 06:20:33	Name: cf_clearance Value: xxt4yzg0_YXjuKQUeevtgsYv1d3HHkkvuQuk1o3v6vU-1719297893-1.0.1.1-uCryjNTOgSUFnNTdDrGOPsOml5negORubhbU8TTAX27J8CTiCv96P9662ihlll_zezTHWaYxTPvSp172aPbz0Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://halo.189115.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ai.tianli0.top
halo.189115.xyz
static.cloudflareinsights.com
124.222.17.131
188.114.97.3
2606:4700::6810:4f49
1f6b8722db544146d7b71a18bd147b4450a223a41da952a6dd7c95ba952698a4
28e5ba25b87dcfae29f8051b5ac31df358390705d987484c78ed7ebba5692fa4
3ddcc791eb66a034b3fd9b8aa0c1a210305d375a93ee6aba3cea6cf837a39735
517c9814efafe3c093a8581389eed5bc454cd1ab7f2c782f3c57a94e46170b75
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94f0fd5972ba754cf246196ad06164f0ea85bd69b2e92c41fbae2e42329df517
a4839394bea0fd32437a9a19e3b93effa7d28c65bc4fd3742ec545eabf84b1ef
b4cc68c8ac9c379546fb8c9055d0b9ac855923dab0e9ab2359c0fe87566fc553
bac7e3286b63ad6259b28a270aa24d274bc22a8def77826567d979d11b68720b
c5f3b18c633d60bea9c66cd4bf8ead8cafcd6393d1eb4a5056aafda3ef832c1e
c8959fe7ec5a2e8274c70ff404b9b50ce87c166ecaeb39e8d9be12732a631f8a
deb637bbc2fe450614a185d26747166b24ebd9fb27a647cac98330bdc6aa1324
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ba90b3f5f6a2c92c2039cdd723a6240b360562cdf00d64d33e854d1616cb86
ea21e81c3fbf40534aa70662ee74a54780de445ac07dbc97715e9052154cf621
f46673fff1bc9454abc4d16d9b54621394ad7198bf66ff5703733dcb6664d232
fa7cd26136742cbbed89751913a4556574f5232a5630f06a660bf53c48963459

halo.189115.xyz Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1097 kBTransfer

1398 kBSize

2 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

halo.189115.xyz Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1097 kB
Transfer

1398 kB
Size

2
Cookies

15 HTTP transactions
4 data transactions