www.gerandclaire.com Open in urlscan Pro
67.195.197.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a
Submission: On July 07 via manual (July 7th 2020, 6:17:29 am UTC) from PH

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 67.195.197.24, located in United States and belongs to YAHOO-3, US. The main domain is www.gerandclaire.com.

This is the only time www.gerandclaire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	67.195.197.24 67.195.197.24	26101 (YAHOO-3) (YAHOO-3)
5	34.234.1.180 34.234.1.180	14618 (AMAZON-AES) (AMAZON-AES)
8	2

3 67.195.197.24 (United States)

ASN26101 (YAHOO-3, US)
PTR: p9ats-rhel.geo.vip.bf1.yahoo.com

www.gerandclaire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.234.1.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-1-180.compute-1.amazonaws.com

np.lexity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	lexity.com np.lexity.com	5 KB
3	gerandclaire.com www.gerandclaire.com	7 KB
8	2

	Domain	Requested by
5	np.lexity.com	www.gerandclaire.com np.lexity.com
3	www.gerandclaire.com	www.gerandclaire.com
8	2

This site contains links to these domains. Also see Links.

Domain
pommo.sourceforge.net

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a
Frame ID: 551ABD20936490420E613054F9EDC9E7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

12 kB
Transfer

15 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://pommo.sourceforge.net/
Title: poMMo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request confirm.php Show response www.gerandclaire.com/pommo/user/	2 KB 2 KB	576ms 385ms	Document text/html	67.195.197.24 YAHOO-3
General Check archive.org Show headers Download Go to Full URL http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a Protocol HTTP/1.1 Server 67.195.197.24 , United States, ASN26101 (YAHOO-3, US), Reverse DNS p9ats-rhel.geo.vip.bf1.yahoo.com Software ATS/7.1.2 / Resource Hash `49baa0ae355694af55051cfb26047452f88a04208fa35ba14ea634e53ca14c5f` Request headers Host www.gerandclaire.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:05 GMT P3P policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Cache-Control private Content-Type text/html Age 3 Transfer-Encoding chunked Connection keep-alive Server ATS/7.1.2
GET H/1.1	200 OK	default.user.css www.gerandclaire.com/pommo/themes/shared/css/	1023 B 978 B	295ms 294ms	Stylesheet text/css	67.195.197.24 YAHOO-3
General Check archive.org Show headers Download Go to Full URL http://www.gerandclaire.com/pommo/themes/shared/css/default.user.css Requested by Host: www.gerandclaire.com URL: http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a Protocol HTTP/1.1 Server 67.195.197.24 , United States, ASN26101 (YAHOO-3, US), Reverse DNS p9ats-rhel.geo.vip.bf1.yahoo.com Software ATS/7.1.2 / Resource Hash `6fd6b3f00e79624078994ddde572db3f5728b16eed8839645c4de5de81a8b1fa` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:07 GMT Content-Encoding gzip Last-Modified Wed, 22 Jun 2011 17:21:29 GMT Server ATS/7.1.2 Age 1 Vary Accept-Encoding P3P policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Connection keep-alive Accept-Ranges bytes Content-Type text/css Content-Length 490
GET H/1.1	200 OK	back.png www.gerandclaire.com/pommo/themes/shared/images/icons/	3 KB 4 KB	363ms 350ms	Image image/png	67.195.197.24 YAHOO-3
General Check archive.org Show headers Download Go to Show image Full URL http://www.gerandclaire.com/pommo/themes/shared/images/icons/back.png Requested by Host: www.gerandclaire.com URL: http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a Protocol HTTP/1.1 Server 67.195.197.24 , United States, ASN26101 (YAHOO-3, US), Reverse DNS p9ats-rhel.geo.vip.bf1.yahoo.com Software ATS/7.1.2 / Resource Hash `a9352ebf9c2c4c9c9fc1d6559a8f5cc5d494a7b5a8199e575e5737140ecce3fe` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:06 GMT Last-Modified Wed, 22 Jun 2011 17:21:46 GMT Server ATS/7.1.2 Age 2 P3P policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 3221 Expires Fri, 17 Jul 2020 06:17:06 GMT
GET H/1.1	200 OK	e475c61be592c9c8f5e5204c5b108057 Show response np.lexity.com/embed/YW/	9 KB 4 KB	237ms 200ms	Script text/plain	34.234.1.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057?id=2cfdaa02967d Requested by Host: www.gerandclaire.com URL: http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a Protocol HTTP/1.1 Server 34.234.1.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-1-180.compute-1.amazonaws.com Software / Resource Hash `7c921e8118f1484735c5ca28b83d01b145ea021c53c46c25b3a487192d9e2d90` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:08 GMT content-encoding gzip Connection keep-alive Content-Length 3702
GET H/1.1	200 OK	wuinlant.f.kk[0] Show response np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/n/15...	20 B 321 B	105ms 105ms	Script text/javascript	34.234.1.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/n/1594102628889/t/.%20..poMMo..%20./vn/1/c/wuinlant.f.kk[0]?id=2cfdaa02967d&ts=1594102629152 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057?id=2cfdaa02967d Protocol HTTP/1.1 Server 34.234.1.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-1-180.compute-1.amazonaws.com Software / Resource Hash `e036bd9b1537bb2a63b0ee1eed2414a1ec7492ca34603a8111f3174015427aa4` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:09 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" Content-Length 20 Content-Type text/javascript
GET H/1.1	200 OK	wuinlant.f.kk[1] Show response np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/...	20 B 321 B	105ms 105ms	Script text/javascript	34.234.1.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/n/1594102628889/t/.%20..poMMo..%20./vn/1/c/wuinlant.f.kk[1]?id=2cfdaa02967d&ts=1594102633153 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057?id=2cfdaa02967d Protocol HTTP/1.1 Server 34.234.1.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-1-180.compute-1.amazonaws.com Software / Resource Hash `4be90c7c0b7636b14159df1da921bb323040f6abe03eb5bf2d91ed1d9a75961a` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:13 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" Content-Length 20 Content-Type text/javascript
GET H/1.1	200 OK	wuinlant.f.kk[2] Show response np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/...	20 B 321 B	105ms 104ms	Script text/javascript	34.234.1.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/n/1594102628889/t/.%20..poMMo..%20./vn/1/c/wuinlant.f.kk[2]?id=2cfdaa02967d&ts=1594102637154 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057?id=2cfdaa02967d Protocol HTTP/1.1 Server 34.234.1.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-1-180.compute-1.amazonaws.com Software / Resource Hash `fa626735eb6497b574b38d090aa97cd59f62e292d41ae1cbcb66a20131819974` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:17 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" Content-Length 20 Content-Type text/javascript
GET H/1.1	200 OK	wuinlant.f.kk[3] Show response np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/...	20 B 321 B	106ms 106ms	Script text/javascript	34.234.1.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057/h/1/v/dgouraSJHihs/k/gbQUrZq1oi1q/u/http%3A%2F%2Fwww.gerandclaire.com%2Fpommo%2Fuser%2Fconfirm.php%3Fcode%3D4c6656e7192e0851c2521f267742079a/n/1594102628889/t/.%20..poMMo..%20./vn/1/c/wuinlant.f.kk[3]?id=2cfdaa02967d&ts=1594102641154 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/e475c61be592c9c8f5e5204c5b108057?id=2cfdaa02967d Protocol HTTP/1.1 Server 34.234.1.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-1-180.compute-1.amazonaws.com Software / Resource Hash `2e45803e8c267c452516e9ca05ebc8da911b0a1ff29c2d1c2c8eac53c02f60e7` Request headers Referer http://www.gerandclaire.com/pommo/user/confirm.php?code=4c6656e7192e0851c2521f267742079a User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 07 Jul 2020 06:17:21 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" Content-Length 20 Content-Type text/javascript

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| wuinlant object| _ycc object| _lex

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

np.lexity.com
www.gerandclaire.com
34.234.1.180
67.195.197.24
2e45803e8c267c452516e9ca05ebc8da911b0a1ff29c2d1c2c8eac53c02f60e7
49baa0ae355694af55051cfb26047452f88a04208fa35ba14ea634e53ca14c5f
4be90c7c0b7636b14159df1da921bb323040f6abe03eb5bf2d91ed1d9a75961a
6fd6b3f00e79624078994ddde572db3f5728b16eed8839645c4de5de81a8b1fa
7c921e8118f1484735c5ca28b83d01b145ea021c53c46c25b3a487192d9e2d90
a9352ebf9c2c4c9c9fc1d6559a8f5cc5d494a7b5a8199e575e5737140ecce3fe
e036bd9b1537bb2a63b0ee1eed2414a1ec7492ca34603a8111f3174015427aa4
fa626735eb6497b574b38d090aa97cd59f62e292d41ae1cbcb66a20131819974

www.gerandclaire.com Open in urlscan Pro 67.195.197.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

12 kBTransfer

15 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

www.gerandclaire.com Open in urlscan Pro
67.195.197.24 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

12 kB
Transfer

15 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions