URL: https://user.tellhex.com/
Submission: On February 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 185.73.114.207, located in Rasht, Iran, Islamic Republic Of and belongs to NRP-NETWORK, IR. The main domain is user.tellhex.com.
TLS certificate: Issued by R3 on February 22nd 2022. Valid for: 3 months.
This is the only time user.tellhex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 185.73.114.207 58262 (NRP-NETWORK)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.18.115.97 13335 (CLOUDFLAR...)
8 3
Apex Domain
Subdomains
Transfer
5 tellhex.com
user.tellhex.com
486 KB
2 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 12849
741 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
8 3
Domain Requested by
5 user.tellhex.com user.tellhex.com
2 ipv4.icanhazip.com user.tellhex.com
1 fonts.googleapis.com user.tellhex.com
8 3

This site contains no links.

Subject Issuer Validity Valid
user.tellhex.com
R3
2022-02-22 -
2022-05-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-07 -
2022-06-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://user.tellhex.com/
Frame ID: 3FCA00C49D7A94B8C8CBD79BA6C9240E
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Tell Hex

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

487 kB
Transfer

1609 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user.tellhex.com/
2 KB
2 KB
Document
General
Full URL
https://user.tellhex.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.73.114.207 Rasht, Iran, Islamic Republic Of, ASN58262 (NRP-NETWORK, IR),
Reverse DNS
185-73-114-207.nrp.co
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
45ce0705eb2b0614fa0f6fab6f8a0ce1980aae38f5d4cac0071b402a81bd4ad1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Mon, 21 Feb 2022 20:51:21 GMT
accept-ranges
bytes
etag
"a1cd5dc86427d81:0"
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Tue, 22 Feb 2022 07:40:38 GMT
content-length
1696
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,200
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e454dfdb7ccf904670365f1628a22e172d02726e6070c839ab8360df61c3ad49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 06:33:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Feb 2022 07:40:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Feb 2022 07:40:39 GMT
main.22699be9.js
user.tellhex.com/static/js/
992 KB
279 KB
Script
General
Full URL
https://user.tellhex.com/static/js/main.22699be9.js
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.73.114.207 Rasht, Iran, Islamic Republic Of, ASN58262 (NRP-NETWORK, IR),
Reverse DNS
185-73-114-207.nrp.co
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c5391ca512007b6a05e85014ed1abc5597d4a4e302415d9eb49169a4f8f9e4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:38 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 20:51:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80ead0c76427d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
285004
main.2d334f5c.css
user.tellhex.com/static/css/
485 KB
80 KB
Stylesheet
General
Full URL
https://user.tellhex.com/static/css/main.2d334f5c.css
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.73.114.207 Rasht, Iran, Islamic Republic Of, ASN58262 (NRP-NETWORK, IR),
Reverse DNS
185-73-114-207.nrp.co
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
580771ae2ee74ed9810bf0ded43f71d7f4df3ff961b4968c6574b112735713c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:38 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 20:51:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80ead0c76427d81:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
81742
/
ipv4.icanhazip.com/
16 B
473 B
XHR
General
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/static/js/main.22699be9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47532323a6bd93a21b81daf87ce0547225de86c0d2083460e20a93753e866ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
6e16914c58c5694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
6wiht.d3e7762fdaaf29a2d7f9.png
user.tellhex.com/static/media/
45 KB
45 KB
Image
General
Full URL
https://user.tellhex.com/static/media/6wiht.d3e7762fdaaf29a2d7f9.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.73.114.207 Rasht, Iran, Islamic Republic Of, ASN58262 (NRP-NETWORK, IR),
Reverse DNS
185-73-114-207.nrp.co
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2663479b12fcdc59114eea9b5e4dac981adf28af6f97e469211e9e035c44e2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:38 GMT
last-modified
Mon, 21 Feb 2022 20:51:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b7263c86427d81:0"
content-type
image/png
accept-ranges
bytes
content-length
45887
back.02cfd056a04d5497ec7f.png
user.tellhex.com/static/media/
80 KB
80 KB
Image
General
Full URL
https://user.tellhex.com/static/media/back.02cfd056a04d5497ec7f.png
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/static/css/main.2d334f5c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.73.114.207 Rasht, Iran, Islamic Republic Of, ASN58262 (NRP-NETWORK, IR),
Reverse DNS
185-73-114-207.nrp.co
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f46988fffd1f6389c194024cc1fdb1073cf789156fdfe626060c60a0271d9e7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/static/css/main.2d334f5c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:38 GMT
last-modified
Mon, 21 Feb 2022 20:51:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"34f95bc86427d81:0"
content-type
image/png
accept-ranges
bytes
content-length
82186
/
ipv4.icanhazip.com/
16 B
268 B
XHR
General
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: user.tellhex.com
URL: https://user.tellhex.com/static/js/main.22699be9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47532323a6bd93a21b81daf87ce0547225de86c0d2083460e20a93753e866ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.tellhex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 07:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
6e16914c791e694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| regeneratorRuntime

0 Cookies