urlscan.io logo urlscan.io
SecurityTrails logo

coronahelm.nl Open in urlscan Pro
5.157.87.204  Public Scan

Go To Rescan Add Verdict Report
URL: http://coronahelm.nl/
Submission: On May 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 5.157.87.204, located in Amersfoort, Netherlands and belongs to ASTRALUS, NL. The main domain is coronahelm.nl.
This is the only time coronahelm.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.157.87.204 48635 (ASTRALUS)
1 2 5.157.86.209 48635 (ASTRALUS)
2 2
Apex Domain
Subdomains		 Transfer
2 yourhosting.nl
www.yourhosting.nl
712 B
1 coronahelm.nl
coronahelm.nl
494 B
2 2
Domain Requested by
2 www.yourhosting.nl 1 redirects coronahelm.nl
1 coronahelm.nl
2 2

This site contains no links.

Subject Issuer Validity Valid
yourhosting.nl
Sectigo RSA Extended Validation Secure Server CA		 2020-01-22 -
2021-08-12		 2 years crt.sh

This page contains 2 frames:

Primary Page: http://coronahelm.nl/
Frame ID: 2A60277E497660D5D5A69DFC37F19083
Requests: 1 HTTP requests in this frame

Frame: https://www.yourhosting.nl/parkeerpagina/
Frame ID: F5FD156E8B2EC3B56D9AD84255E08742
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.yourhosting.nl/parkeerpagina.html HTTP 301
  • https://www.yourhosting.nl/parkeerpagina/

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
coronahelm.nl/ 		351 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
http://coronahelm.nl/
Protocol
HTTP/1.1
Server
5.157.87.204 Amersfoort, Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
redirect.yourhosting.nl
Software
nginx/1.16.1 / PHP/7.1.30
Resource Hash
2187ef4dfcdb6ddf25696470dd259a17731923d06943ffc71529948f652c1e14

Request headers

Host
coronahelm.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Sat, 23 May 2020 06:18:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.30
Content-Encoding
gzip
Cookie set /
www.yourhosting.nl/parkeerpagina/ Frame F5FD
Redirect Chain
  • https://www.yourhosting.nl/parkeerpagina.html
  • https://www.yourhosting.nl/parkeerpagina/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yourhosting.nl/parkeerpagina/
Requested by
Host: coronahelm.nl
URL: http://coronahelm.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.157.86.209 Amersfoort, Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
prod3.yourhosting.nl
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.yourhosting.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://coronahelm.nl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
django_language=nl-nl; lead=Z_coronahelm_nl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://coronahelm.nl/

Response headers

Server
nginx
Date
Sat, 23 May 2020 06:18:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Language, Cookie
Content-Language
nl-nl
Expires
Sat, 23 May 2020 06:18:02 GMT
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Set-Cookie
lead=Z_coronahelm_nl; Domain=.yourhosting.nl; expires=Tue, 21-May-2030 06:18:02 GMT; httponly; Max-Age=315360000; Path=/; secure gtm-userid=; Domain=.yourhosting.nl; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 23 May 2020 06:18:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Vary
Accept-Language, Cookie
Location
/parkeerpagina/
Content-Language
nl-nl
Set-Cookie
django_language=nl-nl; expires=Sun, 23-May-2021 06:18:02 GMT; Max-Age=31536000; Path=/ lead=Z_coronahelm_nl; Domain=.yourhosting.nl; expires=Tue, 21-May-2030 06:18:02 GMT; httponly; Max-Age=315360000; Path=/; secure gtm-userid=; Domain=.yourhosting.nl; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Domain/Path Name / Value
.yourhosting.nl/ Name: btw
Value: ex
.yourhosting.nl/ Name: lead
Value: Z_coronahelm_nl
www.yourhosting.nl/ Name: django_language
Value: nl-nl

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coronahelm.nl
www.yourhosting.nl
5.157.86.209
5.157.87.204
2187ef4dfcdb6ddf25696470dd259a17731923d06943ffc71529948f652c1e14