returnhex.com
Open in
urlscan Pro
208.123.116.222
Public Scan
Submission Tags: @phishunt_io
Submission: On June 17 via api from DE — Scanned from DE
Summary
This is the only time returnhex.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 208.123.116.222 208.123.116.222 | 395092 (SHOCK-1) (SHOCK-1) | |
4 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 192.0.77.17 192.0.77.17 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
15 | 5 |
ASN395092 (SHOCK-1, US)
PTR: nj-s1.dedicatedpanel.net
returnhex.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
returnhex.com
returnhex.com |
160 KB |
4 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246 |
97 KB |
1 |
cldup.com
cldup.com — Cisco Umbrella Rank: 191423 |
6 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793 |
14 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 686 |
24 KB |
15 | 5 |
Domain | Requested by | |
---|---|---|
8 | returnhex.com |
returnhex.com
|
4 | cdnjs.cloudflare.com |
returnhex.com
cdnjs.cloudflare.com |
1 | cldup.com |
returnhex.com
|
1 | maxcdn.bootstrapcdn.com |
returnhex.com
|
1 | code.jquery.com |
returnhex.com
|
15 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
steamcommunity.com |
github.com |
getbootstrap.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.cldup.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-22 - 2023-06-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://returnhex.com/
Frame ID: DE05CB5292B10BCC733F2512B825886A
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
HighscoresDetected technologies
Chart.js (JavaScript Graphics) ExpandDetected patterns
- /Chart(?:\.bundle)?(?:\.min)?\.js
particles.js (JavaScript Graphics) Expand
Detected patterns
- <div id="particles-js">
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Steam
Search URL Search Domain Scan URL
Title: Github
Search URL Search Domain Scan URL
Title: Bootstrap
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
returnhex.com/ |
35 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
returnhex.com/content/css/ |
199 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.css
returnhex.com/content/ |
379 B 528 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
returnhex.com/content/js/ |
145 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ |
57 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
returnhex.com/ |
125 B 369 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Chart.js
returnhex.com/content/js/chartjs/ |
387 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6Ptkwu_qA.js
cldup.com/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
returnhex.com/ |
2 KB 883 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.jpg
returnhex.com/content/images/ |
708 B 708 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ |
78 KB 78 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| uidEvent object| bootstrap function| $ function| jQuery function| Popper function| Color function| Chart function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| GlobalHistory_Bank object| GlobalHistory_Players object| GlobalHistory_top10 object| canvas number| heightRatio0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
cldup.com
code.jquery.com
maxcdn.bootstrapcdn.com
returnhex.com
192.0.77.17
2001:4de0:ac18::1:a:3b
208.123.116.222
2606:4700::6811:190e
2606:4700::6812:bcf
02a452513d20180c559e1d91cb343fc9ecdf86670f4330b62fc71eda25ccc582
1b29068935aa0ade9896336fca0ca047f97b656d207426d0d94cc05cfa442de9
34df65277ef2ec41156607f6be465fddc430cec59cd2fe48a83575e2e09c3ac2
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
4c3e8276a03b75d40fdbc5b40e665022127cbbd1722b6de06839ca69f664b7af
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b533cd80ae678d5b7863e7ec19f811f94b7dbaf1c08aeaf10eb58fc3653ccea0
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e884ad4507ab05c8584b0e89d8659339618e9c346b59799a1b4afa9c2c0de6ce
f2ecfc99b9bc67ce1e6d69a538535032ecea15e200073d27157ea53842a54f68
f6d53344fdd13d90a921978c5afd533ce1399e7f2bc4ae5db4cd0031378a7b69
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6