ns4domains.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 95.65.0.74, located in Chisinau, Moldova and belongs to STARNET-AS, MD. The main domain is ns4domains.com.

This is the only time ns4domains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	83.218.218.254 83.218.218.254	31204 (SUNCOMMUN...) (SUNCOMMUNICATIONS-AS JV Sun Communications Autonomous System)
1	95.65.0.74 95.65.0.74	31252 (STARNET-AS) (STARNET-AS)
5	108.138.106.104 108.138.106.104	16509 (AMAZON-02) (AMAZON-02)
6	2

1 83.218.218.254 (Chisinau, Moldova) 1 redirects

ASN31204 (SUNCOMMUNICATIONS-AS JV Sun Communications Autonomous System, MD)
PTR: pro2goal.com

pro2goal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.65.0.74 (Chisinau, Moldova)

ASN31252 (STARNET-AS, MD)
PTR: 95-65-0-74.starnet.md

ns4domains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.106.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-104.jfk50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 113489	63 KB
1	ns4domains.com ns4domains.com	12 KB
1	pro2goal.com 1 redirects pro2goal.com — Cisco Umbrella Rank: 625870	299 B
6	3

	Domain	Requested by
5	vht.tradedoubler.com	ns4domains.com
1	ns4domains.com
1	pro2goal.com	1 redirects
6	3

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com

Subject Issuer	Validity	Valid
*.tradedoubler.com Amazon RSA 2048 M02	`2023-11-14` - `2024-12-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ns4domains.com/html/neo_copieur23.html
Frame ID: 5AD766D60F2AA31CAC038258CA93D668
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

http://pro2goal.com/iem65/link.php?m=91150&n=1129&l=172&f=h HTTP 302
http://ns4domains.com/html/neo_copieur23.html Page URL

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

75 kB
Transfer

72 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=277898&a=2932876&g=23810828&url=https://entreprise-devis.net/676_IT1_1216?qcp=676_IT1_1216&utm_source=n&utm_medium=e-mail&utm_campaign=newsc&utm_nooverride=1
Title: Cliquez-ici.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pro2goal.com/iem65/link.php?m=91150&n=1129&l=172&f=h HTTP 302
http://ns4domains.com/html/neo_copieur23.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request neo_copieur23.html Show response
ns4domains.com/html/
Redirect Chain

http://pro2goal.com/iem65/link.php?m=91150&n=1129&l=172&f=h
http://ns4domains.com/html/neo_copieur23.html

12 KB
12 KB

986ms
358ms

Document
text/html

95.65.0.74
STARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ns4domains.com/html/neo_copieur23.html
Protocol: HTTP/1.1
Server: 95.65.0.74 Chisinau, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS: 95-65-0-74.starnet.md
Software: Apache /
Resource Hash: 463463f717d7e29bd0ae47d551b3b3e82d258529bcf557722beee3c8d4d6ab4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 11832
Content-Type: text/html
Date: Sat, 27 Jan 2024 02:10:08 GMT
ETag: "e82f5-2e38-60eab4f3f2a00"
Keep-Alive: timeout=15, max=100
Last-Modified: Thu, 11 Jan 2024 13:13:12 GMT
Server: Apache

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 27 Jan 2024 02:10:07 GMT
Keep-Alive: timeout=5, max=100
Location: http://ns4domains.com/html/neo_copieur23.html
Server: Apache
Upgrade: h2,h2c
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK 676IT1_r2_c2.jpg
vht.tradedoubler.com/file/277898/img/ 11 KB
11 KB 347ms
106ms Image
image/jpeg 108.138.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277898/img/676IT1_r2_c2.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_copieur23.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-104.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

2c4ed7be07367c522585b5e11f78cf32d7ee85db692d8568e1184ce9643a2539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:09:23 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: JFK50-P3
Age: 61246
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11088
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Feb 2017 15:15:12 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: U_avDoAmmguivOiMdS17QmufrOpmBajZixEkPEwxUUit9Lc82DgNeA==

GET
H/1.1 200
OK 676IT1_r1_c7.jpg
vht.tradedoubler.com/file/277898/img/ 32 KB
32 KB 401ms
78ms Image
image/jpeg 108.138.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277898/img/676IT1_r1_c7.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_copieur23.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-104.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

17f190729411b65cd4231e6dffa3f29d30709a195a335e867e4c95d952173730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:09:23 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: JFK50-P3
Age: 61246
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 32437
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Feb 2017 15:15:12 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: _5Dn2-nimu4H2alHDhejZIbdxp0VYwA1GUQ8o5Z3S1Uru_NIOA04wQ==

GET
H/1.1 200
OK 676IT1_r5_c3.jpg
vht.tradedoubler.com/file/277898/img/ 6 KB
6 KB 257ms
77ms Image
image/jpeg 108.138.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277898/img/676IT1_r5_c3.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_copieur23.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-104.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

78039f6901cdb6bea9ac067fcf28f740f0c0e3f4edc42b5cd97d20a5279b7748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:09:23 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: JFK50-P3
Age: 61246
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6018
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Feb 2017 15:15:12 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: eQ7QgVv-vsb5wih_p07XcRttC_qyMMxfQUI9ClX4Q5vnOSSjpDrB-A==

GET
H/1.1 200
OK 676IT1_r5_c5.jpg
vht.tradedoubler.com/file/277898/img/ 6 KB
7 KB 287ms
100ms Image
image/jpeg 108.138.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277898/img/676IT1_r5_c5.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_copieur23.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-104.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

3117d55c25c22560dc6d0286e115e7f80d35cd3214aaa1b6d4c0a0f21e97d099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:09:23 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: JFK50-P3
Age: 61246
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6535
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Feb 2017 15:15:12 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: KtXnSM6l0L1LXxEBiF35hHWWiMgrurtTiCnLvZVtDP6gQhQ57NVgbA==

GET
H/1.1 200
OK 676IT1_r5_c9.jpg
vht.tradedoubler.com/file/277898/img/ 5 KB
6 KB 218ms
85ms Image
image/jpeg 108.138.106.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277898/img/676IT1_r5_c9.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_copieur23.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-104.jfk50.r.cloudfront.net

Software

Apache /

Resource Hash

0833ac88bcc985e95e2907a650ed310710d6ae57eba8052c0ba0fb944cd7fc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:09:23 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: JFK50-P3
Age: 61246
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5553
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Feb 2017 15:15:12 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: wKLXQIGwE6IPQvfQikPANA8swZTguozOPNDk9LdRnzb03lLzqWaguA==

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ns4domains.com
pro2goal.com
vht.tradedoubler.com
108.138.106.104
83.218.218.254
95.65.0.74
0833ac88bcc985e95e2907a650ed310710d6ae57eba8052c0ba0fb944cd7fc9f
17f190729411b65cd4231e6dffa3f29d30709a195a335e867e4c95d952173730
2c4ed7be07367c522585b5e11f78cf32d7ee85db692d8568e1184ce9643a2539
3117d55c25c22560dc6d0286e115e7f80d35cd3214aaa1b6d4c0a0f21e97d099
463463f717d7e29bd0ae47d551b3b3e82d258529bcf557722beee3c8d4d6ab4c
78039f6901cdb6bea9ac067fcf28f740f0c0e3f4edc42b5cd97d20a5279b7748

ns4domains.com Open in urlscan Pro 95.65.0.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

75 kBTransfer

72 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

ns4domains.com Open in urlscan Pro
95.65.0.74 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

75 kB
Transfer

72 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions