ns4domains.com Open in urlscan Pro
188.138.247.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H
Effective URL:
http://ns4domains.com/html/bernard1.html
Submission: On November 15 via api (November 15th 2021, 1:21:02 am UTC) from BE — Scanned from DE

Summary HTTP 10 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 188.138.247.54, located in Durlesti, Moldova and belongs to STARNET-AS, MD. The main domain is ns4domains.com.

This is the only time ns4domains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.12.123.30 217.12.123.30	25454 (ASN-OMD-F...) (ASN-OMD-FNO Orange Moldova Fixed Network Autonomous System)
1	188.138.247.54 188.138.247.54	31252 (STARNET-AS) (STARNET-AS)
8	52.239.194.164 52.239.194.164	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.77.87.28 34.77.87.28	15169 (GOOGLE) (GOOGLE)
1 1	34.102.211.201 34.102.211.201	15169 (GOOGLE) (GOOGLE)
1 2	34.102.166.105 34.102.166.105	15169 (GOOGLE) (GOOGLE)
10	3

1 217.12.123.30 (Chisinau, Moldova) 1 redirects

ASN25454 (ASN-OMD-FNO Orange Moldova Fixed Network Autonomous System, MD)
PTR: top2space.com

top2space.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.138.247.54 (Durlesti, Moldova)

ASN31252 (STARNET-AS, MD)
PTR: 188-138-247-54.starnet.md

ns4domains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.239.194.164 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

imgnewsbernardfr.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.77.87.28 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 28.87.77.34.bc.googleusercontent.com

track.effimailing24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.211.201 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 201.211.102.34.bc.googleusercontent.com

track.effiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.105 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 105.166.102.34.bc.googleusercontent.com

partner.bernard.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	windows.net imgnewsbernardfr.blob.core.windows.net	156 KB
2	bernard.fr 1 redirects partner.bernard.fr	567 B
1	effiliation.com 1 redirects track.effiliation.com	299 B
1	effimailing24.com 1 redirects track.effimailing24.com	237 B
1	ns4domains.com ns4domains.com	75 KB
1	top2space.com 1 redirects top2space.com	268 B
10	6

	Domain	Requested by
8	imgnewsbernardfr.blob.core.windows.net	ns4domains.com
2	partner.bernard.fr	1 redirects ns4domains.com
1	track.effiliation.com	1 redirects
1	track.effimailing24.com	1 redirects
1	ns4domains.com
1	top2space.com	1 redirects
10	6

This site contains links to these domains. Also see Links.

Domain
track.effimailing24.com

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-09-01` - `2022-09-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ns4domains.com/html/bernard1.html
Frame ID: 6CAFF23632D2FD3BE563AEFE223EB5D2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bernard

Page URL History Show full URLs

https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H HTTP 302
http://ns4domains.com/html/bernard1.html Page URL

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

232 kB
Transfer

228 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://track.effimailing24.com/servlet/effi.redir?id_compteur=22679410&url=https%3A%2F%2Fwww.bernard.fr%2F_cms_000272.html%3Futm_campaign%3DPR01%26utm_content%3DA1%26utm_source%3Daffi%26utm_medium%3DEM

Search URL Search Domain Scan URL

URL: https://track.effimailing24.com/servlet/effi.redir?id_compteur=22679410&url=https%3A%2F%2Fwww.bernard.fr%2F_cms_000272.html%23Enceinte_Waterproof_Blaupunkt%3Futm_campaign%3DPR01%26utm_content%3DA2%26utm_source%3Daffi%26utm_medium%3DEM%0A

Search URL Search Domain Scan URL

URL: https://track.effimailing24.com/servlet/effi.redir?id_compteur=22679410&url=https%3A%2F%2Fwww.bernard.fr%2F
Title: bernard.fr

Search URL Search Domain Scan URL

URL: https://track.effimailing24.com/servlet/effi.redir?id_compteur=22679410&url=https%3A%2F%2Fwww.bernard.fr%2Fconditions-de-ventes_cms_000027.html
Title: Garantie Sécurité Totale

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H HTTP 302
http://ns4domains.com/html/bernard1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://track.effimailing24.com/servlet/effi.pixel?id_compteur=22679410 HTTP 302
https://track.effiliation.com/servlet/effi.pixel?id_compteur=22679410 HTTP 302
https://partner.bernard.fr/servlet/effi.pixel?id_compteur=22679410 HTTP 302
https://partner.bernard.fr/pixel.gif

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request bernard1.html Show response
ns4domains.com/html/
Redirect Chain

https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H
http://ns4domains.com/html/bernard1.html

75 KB
75 KB

308ms
38ms

Document
text/html

188.138.247.54
STARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Server: 188.138.247.54 Durlesti, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS: 188-138-247-54.starnet.md
Software: Apache /
Resource Hash: 4054b7238f1f387c2a64cc07973c1ca2ffedf4acbf13193b20ec75aa447b41ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 15 Nov 2021 01:20:57 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 12:59:16 GMT
ETag: "1a0006-12c5c-5ccbd508f3100"
Accept-Ranges: bytes
Content-Length: 76892
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Mon, 15 Nov 2021 01:20:57 GMT
Server: Apache
X-Powered-By: PHP/7.3.30
Location: http://ns4domains.com/html/bernard1.html
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Bernard-raja_full.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 10 KB
10 KB 160ms
28ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/Bernard-raja_full.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 41438c62ae740ce99bb2756d45afd7c67052d27ecee7cbea8c7f131670ff69c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Tue, 08 Dec 2020 12:15:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: nWMbql6Xn4QAjcWObs9zHA==
ETag: 0x8D89B72FCC0074C
Content-Type: image/png
x-ms-request-id: e2ee1d6e-601e-0018-7ebf-d96602000000
x-ms-version: 2009-09-19
Content-Length: 9974

GET
H/1.1 200
OK spacer.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 928 B
1 KB 132ms
28ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/spacer.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3d3b998b7960fff9055c75ac51161cf502482a9dfbf71d71d70892d4bcbda4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Mon, 12 Oct 2020 08:15:02 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: TbCoRn9e4GI5Nm+zyLsC2Q==
ETag: 0x8D86E86EB3946DD
Content-Type: image/png
x-ms-request-id: 5b8c4344-401e-004e-65bf-d9ff3d000000
x-ms-version: 2009-09-19
Content-Length: 928

GET
H/1.1 200
OK bandeau_secteurs.jpg
imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/ 45 KB
46 KB 133ms
19ms Image
image/jpeg 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/bandeau_secteurs.jpg
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f7873d0d891d57ea1b5a37a54964003c64612ff21445305ceb9084d8c375b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Fri, 27 Aug 2021 08:28:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: D94pxo5xE6Bqxc2elLuQFg==
ETag: 0x8D96934ACE53860
Content-Type: image/jpeg
x-ms-request-id: 76db0441-d01e-005f-50bf-d9641d000000
x-ms-version: 2009-09-19
Content-Length: 46456

GET
H/1.1 200
OK bandeau_cadeau_enceinte_blaupunkt.jpg
imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/ 77 KB
78 KB 95ms
20ms Image
image/jpeg 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/bandeau_cadeau_enceinte_blaupunkt.jpg
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a9f893f04e4e29576d4cc52d6adb6d799ca5c2eac9d32182c182b6c2d03a35f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Fri, 27 Aug 2021 08:33:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Hip4Ns8nz+jtCMhpmLrOPg==
ETag: 0x8D969354D84B2DD
Content-Type: image/jpeg
x-ms-request-id: 38bdf56e-101e-0007-48bf-d95f3f000000
x-ms-version: 2009-09-19
Content-Length: 79186

GET
H/1.1 200
OK reassurance_livraison.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 4 KB
4 KB 74ms
26ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_livraison.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fce25d5885b0b654d330d94d71a9a0f36c550a2f44de5d6ab88b1b28d181272e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:56 GMT
Last-Modified: Mon, 21 Dec 2020 09:38:47 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Fx00Cl5FC1+FHsg6vPwSow==
ETag: 0x8D8A594377EE8C3
Content-Type: image/png
x-ms-request-id: b0c077a0-901e-001f-18bf-d9b70c000000
x-ms-version: 2009-09-19
Content-Length: 4024

GET
H/1.1 200
OK reassurance_paiement.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 5 KB
5 KB 74ms
24ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_paiement.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e6bc0d7e51923fab73d7feaf40bfb84fe45493f45d9abe412e5fe77cbd5fbccd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Mon, 21 Dec 2020 09:38:47 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 5T1L0YLrKExAKNV1oWMHqw==
ETag: 0x8D8A594377EE8C3
Content-Type: image/png
x-ms-request-id: f0254f2b-e01e-0000-5fbf-d98e31000000
x-ms-version: 2009-09-19
Content-Length: 4762

GET
H/1.1 200
OK reassurance_conseiller.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 6 KB
6 KB 27ms
25ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_conseiller.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1afb7f00e315b53abf0be02d07557f9e13875e6f65d94934dee554ba97ec702e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Wed, 23 Dec 2020 09:57:52 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: IwT0BLkhqdGPek/Y7ldobg==
ETag: 0x8D8A72936B90FB9
Content-Type: image/png
x-ms-request-id: 38bdf56b-101e-0007-47bf-d95f3f000000
x-ms-version: 2009-09-19
Content-Length: 5903

GET
H/1.1 200
OK reassurance_retours.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/ 5 KB
6 KB 26ms
23ms Image
image/png 52.239.194.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_retours.png
Requested by: Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ffc5a558ed3f2c1ca625ca5e4fb7d040b029edc752062448b300f9556f4f450c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified: Fri, 22 Jan 2021 10:00:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: irsQ7I/K+jwH9QiPni69zg==
ETag: 0x8D8BEBC93477AD8
Content-Type: image/png
x-ms-request-id: 76db043e-d01e-005f-4fbf-d9641d000000
x-ms-version: 2009-09-19
Content-Length: 5521

GET
H2

200

pixel.gif
partner.bernard.fr/
Redirect Chain

https://track.effimailing24.com/servlet/effi.pixel?id_compteur=22679410
https://track.effiliation.com/servlet/effi.pixel?id_compteur=22679410
https://partner.bernard.fr/servlet/effi.pixel?id_compteur=22679410
https://partner.bernard.fr/pixel.gif

43 B
134 B

15ms
14ms

Image
image/gif

34.102.166.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://partner.bernard.fr/pixel.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html

Protocol

Server

34.102.166.105 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

105.166.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 01:20:58 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-frame-options: DENY
content-type: image/gif
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'; object-src 'none'
strict-transport-security: max-age=31536000; includeSubdomains
alt-svc: clear
content-length: 43
x-content-type-options: nosniff

Redirect headers

date: Mon, 15 Nov 2021 01:20:58 GMT
via: 1.1 google
x-content-type-options: nosniff
p3p: CP='ALL DSP COR IND PHY ONL UNI PUR COM NAV INT CNT PRE CUR ADM TAI PSA PSD IVAo IVDo CONo TELo OUR SAMo'
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-store
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/gif
location: https://partner.bernard.fr/pixel.gif
cache-control: no-store
content-security-policy: frame-ancestors 'none'; object-src 'none'
expire: Wed, 31 Dec 1969 23:59:59 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

imgnewsbernardfr.blob.core.windows.net
ns4domains.com
partner.bernard.fr
top2space.com
track.effiliation.com
track.effimailing24.com
188.138.247.54
217.12.123.30
34.102.166.105
34.102.211.201
34.77.87.28
52.239.194.164
1afb7f00e315b53abf0be02d07557f9e13875e6f65d94934dee554ba97ec702e
3d3b998b7960fff9055c75ac51161cf502482a9dfbf71d71d70892d4bcbda4b7
4054b7238f1f387c2a64cc07973c1ca2ffedf4acbf13193b20ec75aa447b41ca
41438c62ae740ce99bb2756d45afd7c67052d27ecee7cbea8c7f131670ff69c7
5f7873d0d891d57ea1b5a37a54964003c64612ff21445305ceb9084d8c375b30
a9f893f04e4e29576d4cc52d6adb6d799ca5c2eac9d32182c182b6c2d03a35f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e6bc0d7e51923fab73d7feaf40bfb84fe45493f45d9abe412e5fe77cbd5fbccd
fce25d5885b0b654d330d94d71a9a0f36c550a2f44de5d6ab88b1b28d181272e
ffc5a558ed3f2c1ca625ca5e4fb7d040b029edc752062448b300f9556f4f450c

ns4domains.com Open in urlscan Pro 188.138.247.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

80 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

232 kBTransfer

228 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

ns4domains.com Open in urlscan Pro
188.138.247.54 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

232 kB
Transfer

228 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions