urlscan.io logo urlscan.io
SecurityTrails logo

corot-20c.com Open in urlscan Pro
66.254.114.49  Public Scan

Go To Rescan Add Verdict Report
URL: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Submission: On December 07 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 66.254.114.49, located in Waltham, United States and belongs to REFLECTED - Reflected Networks, Inc., US. The main domain is corot-20c.com.
This is the only time corot-20c.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 66.254.114.49 29789 (REFLECTED)
1 216.18.168.120 29789 (REFLECTED)
1 2606:2800:234... 15133 (EDGECAST)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
8 5
4    66.254.114.49 (Waltham, United States)

ASN29789 (REFLECTED - Reflected Networks, Inc., US)
corot-20c.com
1    216.18.168.120 (Waltham, United States)

ASN29789 (REFLECTED - Reflected Networks, Inc., US)
stats.hprofits.com
1    2606:2800:234:1f1f:1754:1fef:718:1223 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ads.exoclick.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
4 corot-20c.com corot-20c.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com corot-20c.com
1 ads.exoclick.com corot-20c.com
1 stats.hprofits.com corot-20c.com
8 5

This site contains no links.

Subject Issuer Validity Valid
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Frame ID: 02979F06D8D452EBB0BA3624664305C3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

25 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

47 kB
Transfer

63 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set iframe.php
corot-20c.com/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Protocol
HTTP/1.1
Server
66.254.114.49 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b0eb0d28dfe17406a2e1e6793301beea4b7a784fe289dc125eae8f00f63960f6
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Host
corot-20c.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sat, 07 Dec 2019 06:01:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
Expires
Sat, 07 Dec 2019 06:01:54 GMT
Set-Cookie
domain=maturemompics.com; expires=Sat, 07-Dec-2019 06:11:55 GMT; Max-Age=600 376_uniq=1; expires=Sun, 08-Dec-2019 06:01:55 GMT; Max-Age=86400 shows=%5B%221911%22%5D; expires=Sun, 08-Dec-2019 06:01:55 GMT; Max-Age=86400 RNLBSERVERIDCRYPTO=ded3371; path=/
X-Backend-Server
ded3371
X-Backend-Name
c4431_www_crypto
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
fl.js
corot-20c.com/nb-34/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://corot-20c.com/nb-34/fl.js
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Protocol
HTTP/1.1
Server
66.254.114.49 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a5cfe1b107a51a95e784e6321e65a6f09f90a1d697a7cb95d0808021fea38610
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Dec 2019 06:01:55 GMT
Last-Modified
Tue, 11 Sep 2018 06:27:04 GMT
Server
nginx
ETag
"5b976038-61a4"
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Backend-Server
ded3371
Content-Length
24996
X-Backend-Name
c4431_www_crypto
advertisement.js
stats.hprofits.com/ 		24 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
http://stats.hprofits.com/advertisement.js
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Protocol
HTTP/1.1
Server
216.18.168.120 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5031b7f1ee6ca6fbb260d67518ba48265142fc13e0853e7be6d91ce098980ba7
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Dec 2019 06:01:55 GMT
Last-Modified
Fri, 03 Aug 2018 09:11:10 GMT
Server
nginx
ETag
"5b641c2e-18"
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
24
bnstats.js
corot-20c.com/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
http://corot-20c.com/bnstats.js
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Protocol
HTTP/1.1
Server
66.254.114.49 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
34b1beb0365a7f0b03d0305ea4ab5419fd76b5f5d1155b6cedd1a3e3292edd7f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Dec 2019 06:01:55 GMT
Content-Encoding
gzip
X-Backend-Name
c4431_www_crypto
Last-Modified
Tue, 21 Aug 2018 15:41:54 GMT
Server
nginx
ETag
W/"5b7c32c2-4cb"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
X-Backend-Server
ded3371
Expires
Tue, 17 Dec 2019 06:01:55 GMT
ads.js
ads.exoclick.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.exoclick.com/ads.js
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/nb-34/fl.js
Protocol
HTTP/1.1
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
5757a0cb74885086431384d44cff5b736b132fa91050657a3a54215eeb26131e

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Dec 2019 06:01:55 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Dec 2019 05:33:38 GMT
Server
ECS (fcn/40E2)
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=10800
Content-Length
1043
Expires
Sat, 07 Dec 2019 09:01:55 GMT
nr-1153.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1153.min.js
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0f4eb8ed7fc767a6dc7512f7597e4d34e4259e797c7c2ee224d7a97d14ecd23

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Dec 2019 06:01:55 GMT
content-encoding
gzip
x-amz-request-id
2D3E105A17E6604D
x-cache
HIT
status
200
content-length
10041
x-amz-id-2
3t2tQkRjpPp4+gdFW47JilyJiUbAK2RvAnDqzmjysD9hoW4Nrlxvo7Z+PN9rqyVwbaH2UA5RltE=
x-served-by
cache-hhn4065-HHN
last-modified
Fri, 08 Nov 2019 16:26:28 GMT
server
AmazonS3
x-timer
S1575698515.467453,VS0,VE0
etag
"d3b942e7c79a167d59ed590feee5e193"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7970
6a41edd84a
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/6a41edd84a?a=117041659&v=1153.61ee9ba&to=bwZVZEtUWkdQW0YKX1ZMYkJQGl1SQ1lfBh5IC0c%3D&rst=512&ref=http://corot-20c.com/iframe.php&ap=1&be=272&fe=501&dc=489&perf=%7B%22timing%22:%7B%22of%22:1575698514962,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:26,%22c%22:26,%22ce%22:31,%22rq%22:31,%22rp%22:250,%22rpe%22:252,%22dl%22:257,%22di%22:489,%22ds%22:489,%22de%22:489,%22dc%22:500,%22l%22:500,%22le%22:501%7D,%22navigation%22:%7B%7D%7D&at=Q0FWEgNOSUk%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bst
corot-20c.com/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corot-20c.com/bst?id=1911&spotID=376&device=pc&is_uniq=1&country=DE&referer=maturemompics.com
Requested by
Host: corot-20c.com
URL: http://corot-20c.com/bnstats.js
Protocol
HTTP/1.1
Server
66.254.114.49 Waltham, United States, ASN29789 (REFLECTED - Reflected Networks, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
http://corot-20c.com/iframe.php?spotID=376&w=300&h=250&adblock=1&host=maturemompics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Dec 2019 06:01:55 GMT
X-Backend-Name
c4431_www_crypto
Server
nginx
Strict-Transport-Security
max-age=16000000; includeSubDomains; preload;
Access-Control-Allow-Methods
POST, OPTIONS, GET
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Backend-Server
ded3371
Expires
Sat, 07 Dec 2019 06:01:54 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| ExoLoader object| mn34JWgnin4 boolean| canRunAds object| exoParams string| exoDocumentProtocol

4 Cookies

Domain/Path Name / Value
corot-20c.com/ Name: RNLBSERVERIDCRYPTO
Value: ded3371
corot-20c.com/ Name: shows
Value: %5B%221911%22%5D
corot-20c.com/ Name: 376_uniq
Value: 1
corot-20c.com/ Name: domain
Value: maturemompics.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;