ch-redirect.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 91.92.249.233, located in Netherlands and belongs to LIMENET, US. The main domain is ch-redirect.com.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time ch-redirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	91.92.249.233 91.92.249.233	394711 (LIMENET) (LIMENET)
1	172.67.68.2 172.67.68.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

2 91.92.249.233 (Netherlands)

ASN394711 (LIMENET, US)

ch-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.cryptapi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ch-redirect.com ch-redirect.com	2 KB
1	cryptapi.io api.cryptapi.io	695 B
3	2

	Domain	Requested by
2	ch-redirect.com
1	api.cryptapi.io	ch-redirect.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
ch-redirect.com R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
cryptapi.io GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ch-redirect.com/
Frame ID: 15E82EEC1F81F34FEFAF525E72E24DC1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CryptAPI Payment Test

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2 kB
Transfer

5 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ch-redirect.com/ 4 KB
1 KB 516ms
88ms Document
text/html 91.92.249.233
LIMENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-redirect.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.92.249.233 , Netherlands, ASN394711 (LIMENET, US),
Reverse DNS
Software: nginx / PHP/8.2.19 PleskLin
Resource Hash: 94751def66ef4c7a3478a2fe8e2ada1f18e823126a3b9c8a649bf78a0e89484b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 May 2024 07:01:08 GMT
server: nginx
x-powered-by: PHP/8.2.19 PleskLin

GET
H3 200 / Show response
api.cryptapi.io/eth/create/ 273 B
695 B 776ms
704ms Fetch
application/json 172.67.68.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cryptapi.io/eth/create/?callback=https%3A%2F%2Fch-redirect.com%2Findex.php%3Fid%3D7sz7dzf7h&address=0xE3A48AD59B3263B81D4f2Ad95864753547735c95

Requested by

Host: ch-redirect.com
URL: https://ch-redirect.com/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.68.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d142a57cfb77fdbbcbaca1e2d800372b6936d3f13f58ab9edfb2480ae2ab51

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ch-redirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 07:01:09 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-frame-options: SAMEORIGIN
vary: origin
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvO6Bo2WI3kQTFGJuwtAALlaij9mEx74nDyGamSm0%2BRZ31zEjE0URRnh8GZuIeuNHKla8HKG%2F%2BNg1VLkQChSQ%2BYTl22C0jNKwC5ov4RzFtbvZ7H5pVobSJA7VPwEy%2F1ECQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 886a7429aa1e68e5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 favicon.ico
ch-redirect.com/ 808 B
501 B 61ms
60ms Other
text/html 91.92.249.233
LIMENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-redirect.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.92.249.233 , Netherlands, ASN394711 (LIMENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ch-redirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 07:01:08 GMT
content-encoding: br
last-modified: Wed, 15 May 2024 01:47:03 GMT
server: nginx
etag: W/"328-618744b9163d3"
content-type: text/html

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ch-redirect.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cryptapi.io
ch-redirect.com
172.67.68.2
91.92.249.233
64d142a57cfb77fdbbcbaca1e2d800372b6936d3f13f58ab9edfb2480ae2ab51
94751def66ef4c7a3478a2fe8e2ada1f18e823126a3b9c8a649bf78a0e89484b
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

ch-redirect.com Open in urlscan Pro 91.92.249.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

2 kBTransfer

5 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ch-redirect.com Open in urlscan Pro
91.92.249.233 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2 kB
Transfer

5 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions