ns4domains.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 95.65.0.74, located in Chisinau, Moldova and belongs to STARNET-AS, MD. The main domain is ns4domains.com.

This is the only time ns4domains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	83.218.218.254 83.218.218.254	31204 (SUNCOMMUN...) (SUNCOMMUNICATIONS-AS JV Sun Communications Autonomous System)
1	95.65.0.74 95.65.0.74	31252 (STARNET-AS) (STARNET-AS)
6	3.162.3.125 3.162.3.125	16509 (AMAZON-02) (AMAZON-02)
7	2

1 83.218.218.254 (Chisinau, Moldova) 1 redirects

ASN31204 (SUNCOMMUNICATIONS-AS JV Sun Communications Autonomous System, MD)
PTR: pro2goal.com

pro2goal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.65.0.74 (Chisinau, Moldova)

ASN31252 (STARNET-AS, MD)
PTR: 95-65-0-74.starnet.md

ns4domains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.162.3.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-125.yul62.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 113489	49 KB
1	ns4domains.com ns4domains.com	8 KB
1	pro2goal.com 1 redirects pro2goal.com — Cisco Umbrella Rank: 625870	303 B
7	3

	Domain	Requested by
6	vht.tradedoubler.com	ns4domains.com
1	ns4domains.com
1	pro2goal.com	1 redirects
7	3

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com

Subject Issuer	Validity	Valid
*.tradedoubler.com Amazon RSA 2048 M02	`2023-11-14` - `2024-12-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ns4domains.com/html/neosecdeslocaux19.html
Frame ID: 41FC32C9586BE37258D0D6387FFC6B03
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sécurité des locaux

Page URL History Show full URLs

http://pro2goal.com/iem65/link.php?m=975206&n=1161&l=176&f=h HTTP 302
http://ns4domains.com/html/neosecdeslocaux19.html Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

57 kB
Transfer

54 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=277888&a=2932876&g=23761528&url=https://entreprise-devis.net//3877_MB_NEOP/index.html
Title: Voir l'offre

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pro2goal.com/iem65/link.php?m=975206&n=1161&l=176&f=h HTTP 302
http://ns4domains.com/html/neosecdeslocaux19.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request neosecdeslocaux19.html Show response
ns4domains.com/html/
Redirect Chain

http://pro2goal.com/iem65/link.php?m=975206&n=1161&l=176&f=h
http://ns4domains.com/html/neosecdeslocaux19.html

8 KB
8 KB

556ms
143ms

Document
text/html

95.65.0.74
STARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ns4domains.com/html/neosecdeslocaux19.html
Protocol: HTTP/1.1
Server: 95.65.0.74 Chisinau, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS: 95-65-0-74.starnet.md
Software: Apache /
Resource Hash: 56005c802c37d51390b79050db4a1e16c35dd23fa438264e71d11a6111a37c2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 8080
Content-Type: text/html
Date: Wed, 07 Feb 2024 00:14:40 GMT
ETag: "e82ef-1f90-60eaabcadcd40"
Keep-Alive: timeout=15, max=100
Last-Modified: Thu, 11 Jan 2024 12:32:13 GMT
Server: Apache

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Feb 2024 00:14:39 GMT
Keep-Alive: timeout=5, max=100
Location: http://ns4domains.com/html/neosecdeslocaux19.html
Server: Apache
Upgrade: h2,h2c
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK 3877_SecuriteLocaux_01.gif
vht.tradedoubler.com/file/277888/images/ 29 KB
29 KB 140ms
38ms Image
image/gif 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_01.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

e18dfd62f0d1077e7f33f4b3cfbdaa1a51fe1d32453977feb6c51677b9455aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:18:41 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 374160
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 29517
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:44:59 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: EJBdn5FiJFXC1RZLEnAFzP62onSwjXlwIji9Zznfph7SZ7YLek7Jlw==

GET
H/1.1 200
OK 3877_SecuriteLocaux_02.jpg
vht.tradedoubler.com/file/277888/images/ 5 KB
5 KB 85ms
29ms Image
image/jpeg 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_02.jpg

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

319fb54bc9cb6b8896d9b86166743179555cfc67f3c8474b58b3d3493f244f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:18:42 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 374159
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4788
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:45:44 GMT
Server: Apache
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: cR_RbYZeiSOuTFNLDrR-pB965PMd3o2S2uXBg88O9U31G5BYb70l7Q==

GET
H/1.1 200
OK 3877_SecuriteLocaux_03.gif
vht.tradedoubler.com/file/277888/images/ 2 KB
3 KB 104ms
35ms Image
image/gif 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_03.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

6218f9148b7f9b83a22c19b4761cae9b7167355a9f7ddfc1b04a1734b3e4432e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:18:42 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 374159
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2365
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:45:49 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: _O2rnoqgvlA4VkwLNhNTFluhRRITjb8uPHl_bEckKe4E8QypxnbvyA==

GET
H/1.1 200
OK 3877_SecuriteLocaux_04.gif
vht.tradedoubler.com/file/277888/images/ 4 KB
5 KB 35ms
34ms Image
image/gif 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_04.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

74b89a87f7bb2483dc54558cf0130bff7800909ed83eaa3d84ca7ef3b2b1005b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:18:42 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 374159
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4167
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:45:53 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: X9-2UTP54qIEt21yZO4f9NrDDi6Ow47937wF2p-1StSZp5SRcEdGOg==

GET
H/1.1 200
OK 3877_SecuriteLocaux_05.gif
vht.tradedoubler.com/file/277888/images/ 3 KB
4 KB 34ms
34ms Image
image/gif 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_05.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

a6626f209439c3a765f79fcd93f8aeef9e4201c46af84f97a9fbfaa2e1d3cffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 12:20:38 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 42843
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3281
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:45:57 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: 5IBccSNkArM_Yn4eVJCaDp0_sc-SYlAP0NV9K8BOD_J7WS_uU83tRQ==

GET
H/1.1 200
OK 3877_SecuriteLocaux_06.gif
vht.tradedoubler.com/file/277888/images/ 3 KB
3 KB 28ms
27ms Image
image/gif 3.162.3.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277888/images/3877_SecuriteLocaux_06.gif

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neosecdeslocaux19.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-125.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

3450575e5cc7ed30e82a271892286baa7d30c72bc86219529dcad2aa20697d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ns4domains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 16:18:42 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: YUL62-P2
Age: 374159
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2590
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Feb 2017 09:46:00 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: Z8QM4eXMD1gLgoglv-MUMBxLdrNMPwQ5ZLmR4YVJmNxASKfnQD4kfw==

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ns4domains.com
pro2goal.com
vht.tradedoubler.com
3.162.3.125
83.218.218.254
95.65.0.74
319fb54bc9cb6b8896d9b86166743179555cfc67f3c8474b58b3d3493f244f55
3450575e5cc7ed30e82a271892286baa7d30c72bc86219529dcad2aa20697d24
56005c802c37d51390b79050db4a1e16c35dd23fa438264e71d11a6111a37c2a
6218f9148b7f9b83a22c19b4761cae9b7167355a9f7ddfc1b04a1734b3e4432e
74b89a87f7bb2483dc54558cf0130bff7800909ed83eaa3d84ca7ef3b2b1005b
a6626f209439c3a765f79fcd93f8aeef9e4201c46af84f97a9fbfaa2e1d3cffb
e18dfd62f0d1077e7f33f4b3cfbdaa1a51fe1d32453977feb6c51677b9455aa5

ns4domains.com Open in urlscan Pro 95.65.0.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

57 kBTransfer

54 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

ns4domains.com Open in urlscan Pro
95.65.0.74 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

57 kB
Transfer

54 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions