www.coronakeyreplacement.com Open in urlscan Pro
192.254.232.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronakeyreplacement.com/
Effective URL:
http://www.coronakeyreplacement.com/
Submission: On May 30 via api (May 30th 2020, 11:35:14 pm UTC) from BE

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 192.254.232.239, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.coronakeyreplacement.com.

This is the only time www.coronakeyreplacement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	192.254.232.239 192.254.232.239	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2 8	104.16.83.55 104.16.83.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	8

7 192.254.232.239 (Houston, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-232-239.unifiedlayer.com

coronakeyreplacement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.coronakeyreplacement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.83.55 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	zopim.com 2 redirects v2.zopim.com	271 KB
7	coronakeyreplacement.com 1 redirects coronakeyreplacement.com www.coronakeyreplacement.com	146 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	72 KB
2	zdassets.com static.zdassets.com ekr.zdassets.com	8 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com	556 B
18	6

	Domain	Requested by
8	v2.zopim.com	2 redirects www.coronakeyreplacement.com v2.zopim.com
6	www.coronakeyreplacement.com	www.coronakeyreplacement.com
2	maxcdn.bootstrapcdn.com	www.coronakeyreplacement.com
1	ekr.zdassets.com	static.zdassets.com
1	static.zdassets.com	www.coronakeyreplacement.com
1	fonts.gstatic.com	www.coronakeyreplacement.com
1	fonts.googleapis.com	www.coronakeyreplacement.com
1	coronakeyreplacement.com	1 redirects
18	8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.zopim.com COMODO RSA Domain Validation Secure Server CA	`2017-12-06` - `2020-12-29`	3 years	crt.sh

This page contains 2 frames:

Primary Page: http://www.coronakeyreplacement.com/
Frame ID: 792FBC0ED00EC11EC79562657773263D
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5233BCF089D36DCE35DEA37FE74B27AE
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coronakeyreplacement.com/ HTTP 301
http://www.coronakeyreplacement.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18
Requests

67 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

527 kB
Transfer

1381 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronakeyreplacement.com/ HTTP 301
http://www.coronakeyreplacement.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://v2.zopim.com/?3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 11

https://v2.zopim.com/w?3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c HTTP 302
https://v2.zopim.com/bin/v/widget_v2.328.js

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.coronakeyreplacement.com/
Redirect Chain

http://coronakeyreplacement.com/
http://www.coronakeyreplacement.com/

43 KB
16 KB

399ms
374ms

Document
text/html

192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: 241b820e1c0b311944d814aaf5753e3135bea898475bc9e0815d6ff1a52f557a

Request headers

Host: www.coronakeyreplacement.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 30 May 2020 20:34:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 29 Jun 2020 23:34:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15816
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Sat, 30 May 2020 23:34:46 GMT
Server: Apache
Location: http://www.coronakeyreplacement.com/
Cache-Control: max-age=2592000
Expires: Mon, 29 Jun 2020 23:34:46 GMT
Content-Length: 244
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 1 KB
556 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis&display=swap

Requested by

Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a98a2ad635be968f66057511a4e713a1fa5970e7de0829564d022484bfe24786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 May 2020 23:34:47 GMT
server: ESF
date: Sat, 30 May 2020 23:34:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 May 2020 23:34:47 GMT

GET
H/1.1 200
OK logo.png
www.coronakeyreplacement.com/images/ 4 KB
4 KB 384ms
366ms Image
image/png 192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.coronakeyreplacement.com/images/logo.png
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: b97222a2defabec4251485e984b099fc52673f6007bb97d34869cf3199179008

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Last-Modified: Tue, 28 Apr 2020 02:06:41 GMT
Server: Apache
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 3747
Expires: Mon, 29 Jun 2020 23:34:47 GMT

GET
H/1.1 200
OK mobilekeyreplacement.png
www.coronakeyreplacement.com/images/ 51 KB
51 KB 375ms
357ms Image
image/png 192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.coronakeyreplacement.com/images/mobilekeyreplacement.png
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: 20d873079c4f891b718219395d4f6155e9997bc34625063481919f40f73a5f89

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Last-Modified: Tue, 28 Apr 2020 02:05:54 GMT
Server: Apache
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 52292
Expires: Mon, 29 Jun 2020 23:34:47 GMT

GET
H/1.1 200
OK stuffing.bmp
www.coronakeyreplacement.com/images/ 75 B
413 B 394ms
376ms Image
image/bmp 192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.coronakeyreplacement.com/images/stuffing.bmp
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: a901afae7bdb66678f08a39b32f8a46da9864c8a64fabc0e77a7f12b93df12ba

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Last-Modified: Tue, 28 Apr 2020 02:05:58 GMT
Server: Apache
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/bmp
Keep-Alive: timeout=5, max=75
Content-Length: 75
Expires: Mon, 29 Jun 2020 23:34:47 GMT

GET
H/1.1 200
OK cloaking.php
www.coronakeyreplacement.com/ 570 B
894 B 1185ms
1167ms Image
text/html 192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.coronakeyreplacement.com/cloaking.php?file=captcha.php
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: 27fd1dcf0fc60ffd7be309fdc2eef2b542c8766bd48e113e0671d63cf795bb8c

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=75
Content-Length: 593
Expires: Mon, 29 Jun 2020 23:34:48 GMT

GET
H/1.1 200
OK allimages.jpg
www.coronakeyreplacement.com/images/ 73 KB
74 KB 378ms
361ms Image
image/jpeg 192.254.232.239
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.coronakeyreplacement.com/images/allimages.jpg
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: HTTP/1.1
Server: 192.254.232.239 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-232-239.unifiedlayer.com
Software: Apache /
Resource Hash: fb7aaa8491585752b1a0f7a4e202868a3a590941ea452043079199e8014a9227

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 23:34:47 GMT
Last-Modified: Tue, 28 Apr 2020 02:05:45 GMT
Server: Apache
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 74951
Expires: Mon, 29 Jun 2020 23:34:47 GMT

GET
H2 200 HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMCbKsUPqjm.woff
fonts.gstatic.com/s/dosis/v17/ 18 KB
18 KB 6ms
6ms Font
font/woff 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v17/HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xMCbKsUPqjm.woff

Requested by

Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecd62ff64dc7f28eb3cb05691c3d017cbbc65a066b5b0943597688ad14372c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Dosis&display=swap
Origin: http://www.coronakeyreplacement.com

Response headers

date: Fri, 15 May 2020 19:34:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 23:24:14 GMT
server: sffe
age: 1310436
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18216
x-xss-protection: 0
expires: Sat, 15 May 2021 19:34:11 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

http://v2.zopim.com/?3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

103ms
39ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:34:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: EA48D62ECED92DA1
x-amz-id-2: jHritq4TWI2D4647L4a8RVYBwYh5j+nnBOMV5dZ+SlgkNFN8Sz8F+58+OC53Xgw3PbP8QCHU1/s=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id: 03098931220000ee443434a200000001
cf-ray: 59bc449509e6ee44-CDG

Redirect headers

Date: Sat, 30 May 2020 23:34:47 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
ETag: "5ed1cc49-0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Location: https://static.zdassets.com/ekr/asset_composer.js
Cache-Control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
Connection: keep-alive
CF-RAY: 59bc44943ff3ee2b-CDG
Content-Length: 0
cf-request-id: 03098930a60000ee2b3c351200000001
Expires: Sun, 31 May 2020 03:34:47 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 33ms
16ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6241

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
65 KB 73ms
56ms Font
font/woff2 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: http://www.coronakeyreplacement.com

Response headers

date: Sat, 30 May 2020 23:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 66632

GET
H2 200 3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c Show response
ekr.zdassets.com/compose/zopim_chat/ 194 B
663 B 790ms
729ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aa2101390eac7626d1b94f8ace222f88f9bbfa8895841d6f792c65e4d23132

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:34:48 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 030989318d0000047267be7200000001
x-request-id: 77f404ee-a93a-4b2b-89de-8bee4f61a35d
x-runtime: 0.003726
server: cloudflare
etag: W/"76aa2101390eac7626d1b94f8ace222f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 59bc4495acad0472-CDG

GET
H2

200

widget_v2.328.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?3bhXuUUEJOcVXtEPndpVWbeF0lzUcQ6c
https://v2.zopim.com/bin/v/widget_v2.328.js

1 MB
244 KB

34ms
34ms

Script
application/javascript

104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.328.js
Requested by: Host: www.coronakeyreplacement.com
URL: http://www.coronakeyreplacement.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7007e974cc09dc7b55dc201b699961187d507ac94f82025437e43160b514dfc4

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:34:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 08:02:39 GMT
server: cloudflare
age: 313570
etag: W/"5ece1e9f-102db5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=315360000
cf-ray: 59bc449afbbd086f-CDG
cf-request-id: 03098934d60000086f3683d200000001
expires: Tue, 28 May 2030 23:34:48 GMT

Redirect headers

date: Sat, 30 May 2020 23:34:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "5ed1cc49-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.328.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 59bc449aab54086f-CDG
content-length: 0
cf-request-id: 03098934a70000086f3683a200000001
expires: Sun, 31 May 2020 03:34:48 GMT

GET
DATA 200
OK truncated
/ Frame 5233 13 KB
13 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.coronakeyreplacement.com/
Origin: http://www.coronakeyreplacement.com

Response headers

Content-Type: application/font-woff

GET
H2 200 avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame 5233 638 B
760 B 38ms
37ms Image
image/png 104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:35:04 GMT
cf-cache-status: HIT
age: 319436
cf-polished: origSize=1922
status: 200
content-length: 638
cf-request-id: 03098972000000086f36882200000001
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
server: cloudflare
etag: "58b8006b-782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 06 Jun 2020 23:35:04 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 59bc44fccb0b086f-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 avatar_simple_agent.png
v2.zopim.com/widget/images/ Frame 5233 884 B
1 KB 37ms
37ms Image
image/png 104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_agent.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ada9e3734d7dc2b7478860850b43450391ea40d90498eaa4d7680f686a819f7

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:35:04 GMT
cf-cache-status: HIT
age: 319424
cf-polished: origSize=2599
status: 200
content-length: 884
cf-request-id: 03098972000000086f36883200000001
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
server: cloudflare
etag: "58b8006b-a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 06 Jun 2020 23:35:04 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 59bc44fccb0c086f-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 avatar_simple_agent.png
v2.zopim.com/widget/images/ Frame 5233 884 B
1 KB 34ms
33ms Image
image/png 104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_agent.png
Requested by: Host: v2.zopim.com
URL: https://v2.zopim.com/bin/v/widget_v2.328.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ada9e3734d7dc2b7478860850b43450391ea40d90498eaa4d7680f686a819f7

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:35:06 GMT
cf-cache-status: HIT
age: 319426
cf-polished: origSize=2599
status: 200
content-length: 884
cf-request-id: 03098979960000086f368dd200000001
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
server: cloudflare
etag: "58b8006b-a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 06 Jun 2020 23:35:06 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 59bc4508f950086f-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 loadingbar.gif
v2.zopim.com/widget/images/ Frame 5233 4 KB
4 KB 43ms
42ms Image
image/gif 104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/loadingbar.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f5baff118183ab6307dbcfc64cd2558ed91773cdd90606417ebbf6674184ac3

Request headers

Referer: http://www.coronakeyreplacement.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 23:35:06 GMT
cf-cache-status: HIT
age: 319423
cf-polished: status=not_needed
status: 200
content-length: 4019
cf-request-id: 03098979a90000086f368df200000001
last-modified: Thu, 02 Mar 2017 11:22:20 GMT
server: cloudflare
etag: "58b8006c-fb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Sat, 06 Jun 2020 23:35:06 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 59bc45090989086f-CDG
cf-bgj: imgq:100,h2pri

GET
H2 206 triad_gbd.mp3
v2.zopim.com/widget/sounds/ 19 KB
19 KB 41ms
40ms Media
audio/mpeg 104.16.83.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/widget/sounds/triad_gbd.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.83.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Request headers

Referer: http://www.coronakeyreplacement.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 30 May 2020 23:35:06 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 02 Mar 2017 11:22:20 GMT
server: cloudflare
etag: "58b8006c-4cf2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 206
content-type: audio/mpeg
Content-Range: bytes 0-19697/19698
cache-control: max-age=604800
cf-ray: 59bc450919a7086f-CDG
Content-Length: 19698
cf-request-id: 03098979af0000086f368e0200000001
expires: Sat, 06 Jun 2020 23:35:06 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coronakeyreplacement.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
static.zdassets.com
v2.zopim.com
www.coronakeyreplacement.com
104.16.83.55
104.18.70.113
104.18.72.113
192.254.232.239
2001:4de0:ac19::1:b:1b
2a00:1450:4001:814::200a
2a00:1450:4001:81b::2003
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
1ada9e3734d7dc2b7478860850b43450391ea40d90498eaa4d7680f686a819f7
20d873079c4f891b718219395d4f6155e9997bc34625063481919f40f73a5f89
241b820e1c0b311944d814aaf5753e3135bea898475bc9e0815d6ff1a52f557a
27fd1dcf0fc60ffd7be309fdc2eef2b542c8766bd48e113e0671d63cf795bb8c
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
7007e974cc09dc7b55dc201b699961187d507ac94f82025437e43160b514dfc4
76aa2101390eac7626d1b94f8ace222f88f9bbfa8895841d6f792c65e4d23132
8f5baff118183ab6307dbcfc64cd2558ed91773cdd90606417ebbf6674184ac3
a901afae7bdb66678f08a39b32f8a46da9864c8a64fabc0e77a7f12b93df12ba
a98a2ad635be968f66057511a4e713a1fa5970e7de0829564d022484bfe24786
b97222a2defabec4251485e984b099fc52673f6007bb97d34869cf3199179008
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
eecd62ff64dc7f28eb3cb05691c3d017cbbc65a066b5b0943597688ad14372c0
fb7aaa8491585752b1a0f7a4e202868a3a590941ea452043079199e8014a9227
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.coronakeyreplacement.com Open in urlscan Pro 192.254.232.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

67 %HTTPS

43 %IPv6

6 Domains

8 Subdomains

8 IPs

3 Countries

527 kBTransfer

1381 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

www.coronakeyreplacement.com Open in urlscan Pro
192.254.232.239 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

67 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

527 kB
Transfer

1381 kB
Size

0
Cookies

18 HTTP transactions
1 data transactions