URL: http://www.claro-search.com/?q=www.aktia.fi&babsrc=HP_ss&s=web&rlz=0&sd=8&as=9&ac=0
Submission: On September 23 via manual from FI — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 198.20.96.92, located in the Netherlands, and belongs to SINGLEHOP-LLC, US. The main domain is www.claro-search.com.
This is the only time www.claro-search.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS / Autonomous System
1         198.20.96.92     32475 (SINGLEHOP...)
2         108.163.228.179  32475 (SINGLEHOP...)
Total: 3 requests, 2 IPs

Requests  Apex Domain       Subdomains            Transfer
2         df-stream.net     img.df-stream.net     5 KB
1         claro-search.com  www.claro-search.com  11 KB
Total: 3 requests, 2 domains

Requests  Domain                Requested by
2         img.df-stream.net     www.claro-search.com, img.df-stream.net
1         www.claro-search.com
Total: 3 requests, 2 domains

This site contains links to these domains.

Domain
r.search.yahoo.com
www.aktia.fi
auth.aktia.fi
www.aktia.com
www.aktialkv.fi
claro-search.com

This page contains 2 frames:

Primary Page: http://www.claro-search.com/?q=www.aktia.fi&babsrc=HP_ss&s=web&rlz=0&sd=8&as=9&ac=0
Frame ID: 15313D049A4BB0B9A4EB12DCB5CE1BC5
Requests: 2 HTTP requests in this frame

Frame: http://img.df-stream.net/df/iframe_serp_4.1.html
Frame ID: A5D756CB67BCD725D4EFB18528237496
Requests: 1 HTTP request in this frame

Page Title

(1) www.aktia.fi - Web Search Results

Page Statistics

Requests: 3
HTTPS: 0 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 16 kB
Size: 54 kB
Cookies: 2

3 HTTP transactions

Resource: / (Primary Request, Cookie set)
Path: www.claro-search.com/
Size: 45 KB
x-fer: 11 KB
Type: Document

General

Full URL: http://www.claro-search.com/?q=www.aktia.fi&babsrc=HP_ss&s=web&rlz=0&sd=8&as=9&ac=0
Protocol: HTTP/1.1
Server: 198.20.96.92, Netherlands, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS: ba-sh-nl-dc1-.002.com
Software: nginx/1.13.12 / PHP/7.1.9
Resource Hash: b86051da9a63962bfa9de564c409fc641a7b3b846d2cc56529d7e77a9851d0ff

Security Headers

Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host: www.claro-search.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate

Response headers

Server: nginx/1.13.12
Date: Thu, 23 Sep 2021 09:20:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.1.9
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: visitorID=1632388840-3015264702; expires=Sun, 18-Sep-2022 09:20:40 GMT; Max-Age=31104000; path=/; domain=.claro-search.com
Set-Cookie: bsearchCntry=DE; expires=Tue, 22-Mar-2022 09:20:40 GMT; Max-Age=15552000; path=/; domain=.claro-search.com
Content-Encoding: gzip

Resource: serp_4.1.js
Path: img.df-stream.net/df/
Size: 2 KB
x-fer: 2 KB
Type: Script

General

Full URL: http://img.df-stream.net/df/serp_4.1.js
Requested by
  Host: www.claro-search.com
  URL: http://www.claro-search.com/?q=www.aktia.fi&babsrc=HP_ss&s=web&rlz=0&sd=8&as=9&ac=0
Protocol: HTTP/1.1
Server: 108.163.228.179, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS: singhop0013.babylon.com
Software: nginx/1.13.4
Resource Hash: 30a2c8fc2845301a012cecca2b935d36e2ecf2498dfb338d2d43c9aa03ac6226

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.claro-search.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:20:41 GMT
Last-Modified: Tue, 19 Aug 2014 11:13:31 GMT
Server: nginx/1.13.4
ETag: "53f3315b-6c9"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=20
Content-Length: 1737

Resource: iframe_serp_4.1.html
Path: img.df-stream.net/df/ (Frame A5D7)
Size: 8 KB
x-fer: 3 KB
Type: Document

General

Full URL: http://img.df-stream.net/df/iframe_serp_4.1.html
Requested by
  Host: img.df-stream.net
  URL: http://img.df-stream.net/df/serp_4.1.js
Protocol: HTTP/1.1
Server: 108.163.228.179, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS: singhop0013.babylon.com
Software: nginx/1.13.4
Resource Hash: 09617a87ce5628c991bd4bcf89340324ec3d5b9d33b5310f132ceca3bb73aff9

Request headers

Host: img.df-stream.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.claro-search.com/
Accept-Encoding: gzip, deflate

Response headers

Server: nginx/1.13.4
Date: Thu, 23 Sep 2021 09:20:41 GMT
Content-Type: text/html
Last-Modified: Tue, 21 Oct 2014 12:04:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
ETag: W/"54464bbc-1e93"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
number| ac
string| hl
string| cn
object| ssgObj
number| isEnterTrue
undefined| oRequest
function| $
function| SetFocus
function| doPrventdouble
function| validateForm
function| gSTypeSel
function| cl
function| submitForm
function| toggleDisplay
function| showStatus
function| clearStatus
function| sugesstSize
function| acp_new
function| acp_yah
function| bsDfp
function| yahRel
function| sitePlug
function| setCookie

2 Cookies

Domain/Path Name / Value
.claro-search.com/ Name: visitorID
Value: 1632388840-3015264702
.claro-search.com/ Name: bsearchCntry
Value: DE

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
