czhostreturn.com Open in urlscan Pro
198.54.115.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://czhostreturn.com/
Effective URL:
https://czhostreturn.com/
Submission: On September 30 via manual (September 30th 2021, 8:24:56 pm UTC) from ID — Scanned from DE

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 198.54.115.80, located in United States and belongs to NAMECHEAP-NET, US. The main domain is czhostreturn.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 30th 2021. Valid for: a year.

This is the only time czhostreturn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 20	198.54.115.80 198.54.115.80	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	151.101.16.193 151.101.16.193	54113 (FASTLY) (FASTLY)
2	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	4

20 198.54.115.80 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server205-2.web-hosting.com

czhostreturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.16.193 (London, United Kingdom)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.153.4 (None, )

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	czhostreturn.com 1 redirects czhostreturn.com	767 KB
2	medium.com glyph.medium.com	40 KB
1	imgur.com i.imgur.com	5 KB
22	3

	Domain	Requested by
20	czhostreturn.com	1 redirects czhostreturn.com
2	glyph.medium.com	czhostreturn.com
1	i.imgur.com	czhostreturn.com
22	3

This site contains links to these domains. Also see Links.

Domain
medium.com

Subject Issuer	Validity	Valid
czhostreturn.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2021-11-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://czhostreturn.com/
Frame ID: C7909AA33D39230EB53BE14184AE6106
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

G i v e a w a y

Page URL History Show full URLs

http://czhostreturn.com/ HTTP 301
https://czhostreturn.com/ Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

855 kB
Transfer

1560 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/
Title: Ivan on Tech

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://czhostreturn.com/ HTTP 301
https://czhostreturn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
czhostreturn.com/
Redirect Chain

http://czhostreturn.com/
https://czhostreturn.com/

198 KB
15 KB

635ms
210ms

Document
text/html

198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8275daa1654ae2eed6c325ea31a0e9ea0754ac99c7aa1e160f58aefdfecff2d8

Request headers

:method: GET
:authority: czhostreturn.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Thu, 30 Sep 2021 16:08:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15263
date: Thu, 30 Sep 2021 20:24:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

Redirect headers

keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 30 Sep 2021 20:24:48 GMT
server: LiteSpeed
location: https://czhostreturn.com/
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-3.4.1.min.js Show response
czhostreturn.com/ 86 KB
30 KB 214ms
214ms Script
application/javascript 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://czhostreturn.com/jquery-3.4.1.min.js
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

:path: /jquery-3.4.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:49 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 16:08:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30045
expires: Thu, 07 Oct 2021 20:24:49 GMT

GET
H2 200 m2.css
czhostreturn.com/ 64 KB
43 KB 215ms
214ms Stylesheet
text/css 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://czhostreturn.com/m2.css
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef

Request headers

:path: /m2.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:49 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 16:08:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 44020
expires: Thu, 07 Oct 2021 20:24:49 GMT

GET
H2 200 main-branding-base.css
czhostreturn.com/ 510 KB
60 KB 871ms
871ms Stylesheet
text/css 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://czhostreturn.com/main-branding-base.css
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e

Request headers

:path: /main-branding-base.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:49 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 16:08:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 60823
expires: Thu, 07 Oct 2021 20:24:49 GMT

GET
H2 200 jm7KAML.jpg
i.imgur.com/ 4 KB
5 KB 444ms
86ms Image
image/jpeg 151.101.16.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/jm7KAML.jpg

Requested by

Host: czhostreturn.com
URL: https://czhostreturn.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.16.193 London, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d67c5a8ee643afd7d72a64565e4fe971cabc807d40c2d3e03f3716df6b2a2892

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
x-content-type-options: nosniff
age: 1854413
x-cache: HIT, HIT
content-length: 4466
x-served-by: cache-bwi5139-BWI, cache-lcy19280-LCY
last-modified: Sun, 22 Aug 2021 08:54:19 GMT
server: cat factory 1.0
x-timer: S1633033491.764876,VS0,VE1
etag: "8f692e3c1adc91d8754f7a84b38370de"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 404 1UATD6Vui-5Xa4Vb2QAOtbg_002.png
czhostreturn.com/index_files/ 1 KB
1 KB 220ms
220ms Image
text/html 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/index_files/1UATD6Vui-5Xa4Vb2QAOtbg_002.png
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:path: /index_files/1UATD6Vui-5Xa4Vb2QAOtbg_002.png
pragma: no-cache
origin: https://czhostreturn.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://czhostreturn.com/
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 20:24:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 DkYyJZY.png
czhostreturn.com/pics/ 384 KB
385 KB 224ms
222ms Image
image/png 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/DkYyJZY.png
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dee77ffcad983fc3e3999725db259c6b4a417b5c4c147417d725defc1acd82b0

Request headers

:path: /pics/DkYyJZY.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 393435
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 jm7KAML.jpg
czhostreturn.com/pics/ 4 KB
5 KB 224ms
222ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/jm7KAML.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: d67c5a8ee643afd7d72a64565e4fe971cabc807d40c2d3e03f3716df6b2a2892

Request headers

:path: /pics/jm7KAML.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4466
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 1_tIWs8Qk_H0ANcEVDFGLsg.png
czhostreturn.com/pics/ 4 KB
5 KB 665ms
663ms Image
image/png 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/1_tIWs8Qk_H0ANcEVDFGLsg.png
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a214e8a9da8a7b9eeab2eaf27bd569cfdf5bf41fc7d3cbf09c93b20238ceaa87

Request headers

:path: /pics/1_tIWs8Qk_H0ANcEVDFGLsg.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:03 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4580
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 1mdJWWVTfTd7LMbR1pZvZ0A.jpeg
czhostreturn.com/pics/ 15 KB
15 KB 664ms
661ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/1mdJWWVTfTd7LMbR1pZvZ0A.jpeg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 31ce12605ac90c6218f74f3f8365f923d69269345b0cb46e32b4feb868143428

Request headers

:path: /pics/1mdJWWVTfTd7LMbR1pZvZ0A.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 15599
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 A6IoYeG.jpg
czhostreturn.com/pics/ 6 KB
7 KB 665ms
663ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/A6IoYeG.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173

Request headers

:path: /pics/A6IoYeG.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:05 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6569
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 Q17tvth.jpg
czhostreturn.com/pics/ 26 KB
27 KB 665ms
663ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/Q17tvth.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 192deab6eb15e32c419703d2a68b4ca9bab75064ed8f4fccf8c47532f49f76ed

Request headers

:path: /pics/Q17tvth.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 26974
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 FunaGWr.jpg
czhostreturn.com/pics/ 23 KB
23 KB 666ms
664ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/FunaGWr.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7bcbf7d9791a9c3e41fb24f12ce2d62dc14382253da80cd711768bd56c401010

Request headers

:path: /pics/FunaGWr.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:11 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23394
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 asaaas.png
czhostreturn.com/pics/ 9 KB
10 KB 663ms
662ms Image
image/png 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/asaaas.png
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69

Request headers

:path: /pics/asaaas.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9581
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 euK1IXD.jpg
czhostreturn.com/pics/ 46 KB
46 KB 664ms
662ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/euK1IXD.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9a95edd9042d95e5133733747e2db47e462c3ec506fab9c4085f69dd3bf8485a

Request headers

:path: /pics/euK1IXD.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:10 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 46894
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 CXamoqi.jpg
czhostreturn.com/pics/ 31 KB
31 KB 884ms
882ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/CXamoqi.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d

Request headers

:path: /pics/CXamoqi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 31406
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 xxxx.jpg
czhostreturn.com/pics/ 3 KB
4 KB 883ms
882ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/xxxx.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab

Request headers

:path: /pics/xxxx.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3381
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 ooMbvAu.jpg
czhostreturn.com/pics/ 23 KB
23 KB 884ms
883ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/ooMbvAu.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: eb990de9ff843be30c4fb0a4f6eab5653a7da4eb53ee9d3881fab2bd581e69c0

Request headers

:path: /pics/ooMbvAu.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23536
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 G23hU1w.jpg
czhostreturn.com/pics/ 11 KB
11 KB 883ms
882ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/G23hU1w.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 72db85387fd3f100e39c3d991f3579340ab74cc78490efc6e564b6053936b2e5

Request headers

:path: /pics/G23hU1w.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10752
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
H2 200 GEwnzri.jpg
czhostreturn.com/pics/ 28 KB
28 KB 884ms
883ms Image
image/jpeg 198.54.115.80
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://czhostreturn.com/pics/GEwnzri.jpg
Requested by: Host: czhostreturn.com
URL: https://czhostreturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.80 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server205-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075

Request headers

:path: /pics/GEwnzri.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: czhostreturn.com
referer: https://czhostreturn.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://czhostreturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:50 GMT
last-modified: Thu, 30 Sep 2021 16:09:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 28578
expires: Thu, 07 Oct 2021 20:24:50 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed

Request headers

Referer
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Request headers

Referer
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 450ms
113ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: czhostreturn.com
URL: https://czhostreturn.com/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://czhostreturn.com/
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1532940
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 69702d56b9474303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 30 Sep 2022 20:24:51 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 429ms
103ms Font
application/font-woff 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: czhostreturn.com
URL: https://czhostreturn.com/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://czhostreturn.com/
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 20:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16585130
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 69702d56b9494303-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 30 Sep 2022 20:24:51 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398

Request headers

Referer
Origin: https://czhostreturn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://czhostreturn.com/index_files/1UATD6Vui-5Xa4Vb2QAOtbg_002.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

czhostreturn.com
glyph.medium.com
i.imgur.com
151.101.16.193
162.159.153.4
198.54.115.80
192deab6eb15e32c419703d2a68b4ca9bab75064ed8f4fccf8c47532f49f76ed
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d
31ce12605ac90c6218f74f3f8365f923d69269345b0cb46e32b4feb868143428
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
72db85387fd3f100e39c3d991f3579340ab74cc78490efc6e564b6053936b2e5
7bcbf7d9791a9c3e41fb24f12ce2d62dc14382253da80cd711768bd56c401010
8275daa1654ae2eed6c325ea31a0e9ea0754ac99c7aa1e160f58aefdfecff2d8
8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
9a95edd9042d95e5133733747e2db47e462c3ec506fab9c4085f69dd3bf8485a
a214e8a9da8a7b9eeab2eaf27bd569cfdf5bf41fc7d3cbf09c93b20238ceaa87
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
d67c5a8ee643afd7d72a64565e4fe971cabc807d40c2d3e03f3716df6b2a2892
dee77ffcad983fc3e3999725db259c6b4a417b5c4c147417d725defc1acd82b0
e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
eb990de9ff843be30c4fb0a4f6eab5653a7da4eb53ee9d3881fab2bd581e69c0
f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173
fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

czhostreturn.com Open in urlscan Pro 198.54.115.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

855 kBTransfer

1560 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

1 Console Messages

czhostreturn.com Open in urlscan Pro
198.54.115.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

855 kB
Transfer

1560 kB
Size

0
Cookies

22 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!