Submitted URL: https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H
Effective URL: http://ns4domains.com/html/bernard1.html
Submission: On November 15 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 188.138.247.54, located in Durlesti, Moldova and belongs to STARNET-AS, MD. The main domain is ns4domains.com.
This is the only time ns4domains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.12.123.30 25454 (ASN-OMD-F...)
1 188.138.247.54 31252 (STARNET-AS)
8 52.239.194.164 8075 (MICROSOFT...)
1 1 34.77.87.28 15169 (GOOGLE)
1 1 34.102.211.201 15169 (GOOGLE)
1 2 34.102.166.105 15169 (GOOGLE)
10 3
Domain Requested by
8 imgnewsbernardfr.blob.core.windows.net ns4domains.com
2 partner.bernard.fr 1 redirects ns4domains.com
1 track.effiliation.com 1 redirects
1 track.effimailing24.com 1 redirects
1 ns4domains.com
1 top2space.com 1 redirects
10 6

This site contains links to these domains.

Domain
track.effimailing24.com
Subject: *.blob.core.windows.net
Issuer: Microsoft RSA TLS CA 01
Validity: 2021-09-01 - 2022-09-01
Valid: a year

This page contains 1 frames:

Primary Page: http://ns4domains.com/html/bernard1.html
Frame ID: 6CAFF23632D2FD3BE563AEFE223EB5D2
Requests: 10 HTTP requests in this frame

Page Title

Bernard

Page Statistics

Requests: 10
HTTPS: 80 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 3
Countries: 4
Transfer: 232 kB
Size: 228 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H HTTP 302
    http://ns4domains.com/html/bernard1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://track.effimailing24.com/servlet/effi.pixel?id_compteur=22679410 HTTP 302
  • https://track.effiliation.com/servlet/effi.pixel?id_compteur=22679410 HTTP 302
  • https://partner.bernard.fr/servlet/effi.pixel?id_compteur=22679410 HTTP 302
  • https://partner.bernard.fr/pixel.gif

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bernard1.html
ns4domains.com/html/
Redirect Chain
  • https://top2space.com/iem_621/link.php?M=187146&N=85&L=63&F=H
  • http://ns4domains.com/html/bernard1.html
75 KB
75 KB
Document
General
Full URL
http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Server
188.138.247.54 Durlesti, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS
188-138-247-54.starnet.md
Software
Apache /
Resource Hash
4054b7238f1f387c2a64cc07973c1ca2ffedf4acbf13193b20ec75aa447b41ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 15 Nov 2021 01:20:57 GMT
Server
Apache
Last-Modified
Fri, 24 Sep 2021 12:59:16 GMT
ETag
"1a0006-12c5c-5ccbd508f3100"
Accept-Ranges
bytes
Content-Length
76892
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Mon, 15 Nov 2021 01:20:57 GMT
Server
Apache
X-Powered-By
PHP/7.3.30
Location
http://ns4domains.com/html/bernard1.html
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Bernard-raja_full.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
10 KB
10 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/Bernard-raja_full.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
41438c62ae740ce99bb2756d45afd7c67052d27ecee7cbea8c7f131670ff69c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Tue, 08 Dec 2020 12:15:44 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nWMbql6Xn4QAjcWObs9zHA==
ETag
0x8D89B72FCC0074C
Content-Type
image/png
x-ms-request-id
e2ee1d6e-601e-0018-7ebf-d96602000000
x-ms-version
2009-09-19
Content-Length
9974
spacer.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
928 B
1 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/spacer.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3d3b998b7960fff9055c75ac51161cf502482a9dfbf71d71d70892d4bcbda4b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Mon, 12 Oct 2020 08:15:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
TbCoRn9e4GI5Nm+zyLsC2Q==
ETag
0x8D86E86EB3946DD
Content-Type
image/png
x-ms-request-id
5b8c4344-401e-004e-65bf-d9ff3d000000
x-ms-version
2009-09-19
Content-Length
928
bandeau_secteurs.jpg
imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/
45 KB
46 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/bandeau_secteurs.jpg
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7873d0d891d57ea1b5a37a54964003c64612ff21445305ceb9084d8c375b30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Fri, 27 Aug 2021 08:28:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
D94pxo5xE6Bqxc2elLuQFg==
ETag
0x8D96934ACE53860
Content-Type
image/jpeg
x-ms-request-id
76db0441-d01e-005f-50bf-d9641d000000
x-ms-version
2009-09-19
Content-Length
46456
bandeau_cadeau_enceinte_blaupunkt.jpg
imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/
77 KB
78 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/affiliation/bandeau_cadeau_enceinte_blaupunkt.jpg
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a9f893f04e4e29576d4cc52d6adb6d799ca5c2eac9d32182c182b6c2d03a35f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Fri, 27 Aug 2021 08:33:10 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Hip4Ns8nz+jtCMhpmLrOPg==
ETag
0x8D969354D84B2DD
Content-Type
image/jpeg
x-ms-request-id
38bdf56e-101e-0007-48bf-d95f3f000000
x-ms-version
2009-09-19
Content-Length
79186
reassurance_livraison.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
4 KB
4 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_livraison.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fce25d5885b0b654d330d94d71a9a0f36c550a2f44de5d6ab88b1b28d181272e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:56 GMT
Last-Modified
Mon, 21 Dec 2020 09:38:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Fx00Cl5FC1+FHsg6vPwSow==
ETag
0x8D8A594377EE8C3
Content-Type
image/png
x-ms-request-id
b0c077a0-901e-001f-18bf-d9b70c000000
x-ms-version
2009-09-19
Content-Length
4024
reassurance_paiement.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
5 KB
5 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_paiement.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6bc0d7e51923fab73d7feaf40bfb84fe45493f45d9abe412e5fe77cbd5fbccd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Mon, 21 Dec 2020 09:38:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5T1L0YLrKExAKNV1oWMHqw==
ETag
0x8D8A594377EE8C3
Content-Type
image/png
x-ms-request-id
f0254f2b-e01e-0000-5fbf-d98e31000000
x-ms-version
2009-09-19
Content-Length
4762
reassurance_conseiller.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
6 KB
6 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_conseiller.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1afb7f00e315b53abf0be02d07557f9e13875e6f65d94934dee554ba97ec702e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Wed, 23 Dec 2020 09:57:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IwT0BLkhqdGPek/Y7ldobg==
ETag
0x8D8A72936B90FB9
Content-Type
image/png
x-ms-request-id
38bdf56b-101e-0007-47bf-d95f3f000000
x-ms-version
2009-09-19
Content-Length
5903
reassurance_retours.png
imgnewsbernardfr.blob.core.windows.net/$web/email/common/
5 KB
6 KB
Image
General
Full URL
https://imgnewsbernardfr.blob.core.windows.net/$web/email/common/reassurance_retours.png
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.194.164 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ffc5a558ed3f2c1ca625ca5e4fb7d040b029edc752062448b300f9556f4f450c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 15 Nov 2021 01:20:57 GMT
Last-Modified
Fri, 22 Jan 2021 10:00:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
irsQ7I/K+jwH9QiPni69zg==
ETag
0x8D8BEBC93477AD8
Content-Type
image/png
x-ms-request-id
76db043e-d01e-005f-4fbf-d9641d000000
x-ms-version
2009-09-19
Content-Length
5521
pixel.gif
partner.bernard.fr/
Redirect Chain
  • https://track.effimailing24.com/servlet/effi.pixel?id_compteur=22679410
  • https://track.effiliation.com/servlet/effi.pixel?id_compteur=22679410
  • https://partner.bernard.fr/servlet/effi.pixel?id_compteur=22679410
  • https://partner.bernard.fr/pixel.gif
43 B
134 B
Image
General
Full URL
https://partner.bernard.fr/pixel.gif
Requested by
Host: ns4domains.com
URL: http://ns4domains.com/html/bernard1.html
Protocol
H2
Server
34.102.166.105 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
105.166.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ns4domains.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 01:20:58 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-frame-options
DENY
content-type
image/gif
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'none'; object-src 'none'
strict-transport-security
max-age=31536000; includeSubdomains
alt-svc
clear
content-length
43
x-content-type-options
nosniff

Redirect headers

date
Mon, 15 Nov 2021 01:20:58 GMT
via
1.1 google
x-content-type-options
nosniff
p3p
CP='ALL DSP COR IND PHY ONL UNI PUR COM NAV INT CNT PRE CUR ADM TAI PSA PSD IVAo IVDo CONo TELo OUR SAMo'
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
pragma
no-store
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubdomains
content-type
image/gif
location
https://partner.bernard.fr/pixel.gif
cache-control
no-store
content-security-policy
frame-ancestors 'none'; object-src 'none'
expire
Wed, 31 Dec 1969 23:59:59 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

0 Cookies