ns4domains.com Open in urlscan Pro
95.65.0.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h
Effective URL:
http://ns4domains.com/html/neo_epos6.html
Submission: On May 09 via api (May 9th 2024, 10:08:47 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 95.65.0.74, located in Chisinau, Moldova and belongs to STARNET-AS, MD. The main domain is ns4domains.com.

This is the only time ns4domains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.12.123.30 217.12.123.30	25454 (ASN-OMD-F...) (ASN-OMD-FNO Orange Moldova Fixed Network Autonomous System)
2	95.65.0.74 95.65.0.74	31252 (STARNET-AS) (STARNET-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
7	54.230.228.42 54.230.228.42	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	5

1 217.12.123.30 (Chisinau, Moldova) 1 redirects

ASN25454 (ASN-OMD-FNO Orange Moldova Fixed Network Autonomous System, MD)
PTR: top2pot.com

top2pot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.65.0.74 (Chisinau, Moldova)

ASN31252 (STARNET-AS, MD)
PTR: 95-65-0-74.starnet.md

ns4domains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.230.228.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-42.muc50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 122462	197 KB
2	gstatic.com fonts.gstatic.com	40 KB
2	ns4domains.com ns4domains.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	915 B
1	top2pot.com 1 redirects top2pot.com	123 B
13	5

	Domain	Requested by
7	vht.tradedoubler.com	ns4domains.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ns4domains.com
1	fonts.googleapis.com	ns4domains.com
1	top2pot.com	1 redirects
13	5

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.tradedoubler.com Amazon RSA 2048 M02	`2023-11-14` - `2024-12-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://ns4domains.com/html/neo_epos6.html
Frame ID: 785D2FD9E73FC3191F9DB926558ACD6D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

http://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h HTTP 307
https://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h HTTP 302
http://ns4domains.com/html/neo_epos6.html HTTP 307
https://ns4domains.com/html/neo_epos6.html HTTP 307
http://ns4domains.com/html/neo_epos6.html Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

77 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

256 kB
Transfer

252 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=277895&a=2932876&g=25548722&url=https://entreprise-devis.pro/3720_NEO_0923?qcp=3720_NEO_0923
Title: Gagnez de la place avec une petite caisse tactile

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h HTTP 307
https://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h HTTP 302
http://ns4domains.com/html/neo_epos6.html HTTP 307
https://ns4domains.com/html/neo_epos6.html HTTP 307
http://ns4domains.com/html/neo_epos6.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request neo_epos6.html Show response
ns4domains.com/html/
Redirect Chain

http://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h
https://top2pot.com/iem7/link.php?m=68565&n=227&l=141&f=h
http://ns4domains.com/html/neo_epos6.html
https://ns4domains.com/html/neo_epos6.html
http://ns4domains.com/html/neo_epos6.html

18 KB
18 KB

164ms
81ms

Document
text/html

95.65.0.74
STARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ns4domains.com/html/neo_epos6.html
Protocol: HTTP/1.1
Server: 95.65.0.74 Chisinau, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS: 95-65-0-74.starnet.md
Software: Apache /
Resource Hash: 0e4c2ae0732f88f348f42697a3a1d0b28ad8c0ec5609f709200ccef394bc6f64

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 17982
Content-Type: text/html
Date: Thu, 09 May 2024 22:08:42 GMT
ETag: "e8344-463e-6176113387e80"
Keep-Alive: timeout=15, max=100
Last-Modified: Wed, 01 May 2024 09:26:02 GMT
Server: Apache

Redirect headers

Location: http://ns4domains.com/html/neo_epos6.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
915 B 90ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cambay:wght@400;700&display=swap

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f366850c80c2f39cc44cf22c19f6faffd1ff966d766129095328c4360c1879dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 22:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 22:08:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 22:08:42 GMT

GET css2
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK cta1.png
vht.tradedoubler.com/file/277895/0923/ 7 KB
8 KB 112ms
36ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/cta1.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

bfd67f39fffe0a29b0f2e73663a60c04b3ff4cba2df0c95aa084050c5ea52d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 e18c612d6dd4d2546736ebc7db886b6a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7487
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:34 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: wwIfUmc0lbWvuLLvhBms9EtnA9WGj2I7qAr6sPbikWxlAyLR7yTIXg==

GET
H/1.1 200
OK caisse.png
vht.tradedoubler.com/file/277895/0923/ 119 KB
120 KB 109ms
34ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/caisse.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

3e04871348757a405c7b9380325684734de61398ebdfebbb5d01b9e9c22a2d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 65bfa9839a30709dc259dc9134cf67b2.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 122327
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:35 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: TqkXYwiCB8Zq5oAG_N_yRXYhOwwitIGtRBkqPJOOjP7gkNhUSceD1g==

GET
H/1.1 200
OK banniere.png
vht.tradedoubler.com/file/277895/0923/ 44 KB
44 KB 114ms
39ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/banniere.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

eb76b19e297cc61a8d72253500165c03f935a6e2a2399a78cc91687219c4d544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 44722
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:35 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: Yx0e8tPOBy665NU95aMcndKwQo_l13FcYumWnb3fSJvuYuKyY8626w==

GET
H/1.1 200
OK 1.png
vht.tradedoubler.com/file/277895/0923/ 5 KB
5 KB 113ms
36ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/1.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

4256a5560793ead1876f31af5d915138009a5bc0871aed2d88937c4caac0ed46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4753
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:35 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: gGA361UDhA8KeTFGSlholDc0XC4rw-m-zgasgK9G1zYR4X-6p2HMDw==

GET
H2 200 SLXJc1rY6H0_ZDs2ab6J.woff2
fonts.gstatic.com/s/cambay/v12/ 20 KB
20 KB 107ms
50ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cambay/v12/SLXJc1rY6H0_ZDs2ab6J.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cambay:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

119446262ac304f25bdb497fd715e68f822c3268cc5df3cb811960075ae7d988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: http://ns4domains.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:49:04 GMT
x-content-type-options: nosniff
age: 224378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20296
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:38:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:49:04 GMT

GET
H2 200 SLXKc1rY6H0_ZDs-0pucwPNx.woff2
fonts.gstatic.com/s/cambay/v12/ 20 KB
20 KB 84ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cambay/v12/SLXKc1rY6H0_ZDs-0pucwPNx.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cambay:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba3e5ff39d1b09191b3311203728ae3e56d7832be1966cb50f7ba338243fa58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: http://ns4domains.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:58:29 GMT
x-content-type-options: nosniff
age: 241813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20024
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:38:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 02:58:29 GMT

GET
H/1.1 200
OK 2.png
vht.tradedoubler.com/file/277895/0923/ 6 KB
6 KB 67ms
36ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/2.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

32750bfec3ca2695e32477873eba9f6b975b5a2d5ae621d5a01b6bbe58072381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6066
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:35 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: ptDAwD5EpC9BZACFKDIdUbbzAwNAI6Y3R0dFJdU_FpdhON58TeILJw==

GET
H/1.1 200
OK 3.png
vht.tradedoubler.com/file/277895/0923/ 6 KB
6 KB 97ms
37ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/3.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

9dc52d6f1376aeacbc252ac627cf9f308fd0674fb0c03a870dcb74615731088c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5848
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:35 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: wUzwikkl6vmOp6nk6uA2W7-kwY_gZn5lrhRB2x3mjKWt944A48xrag==

GET
H/1.1 200
OK cta2.png
vht.tradedoubler.com/file/277895/0923/ 6 KB
7 KB 63ms
33ms Image
image/png 54.230.228.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/277895/0923/cta2.png

Requested by

Host: ns4domains.com
URL: http://ns4domains.com/html/neo_epos6.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-42.muc50.r.cloudfront.net

Software

Apache /

Resource Hash

4e2f502c1bc43069ac0d13dbdab43b34e345609fb629a0a446e5dff8233c713a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://ns4domains.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 22:54:50 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 e18c612d6dd4d2546736ebc7db886b6a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: MUC50-P5
Age: 83632
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6500
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Nov 2023 11:27:34 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: LQAkq29A3hZ_ba1L8C1qTQ-Jf4tt54iLq6_kLd1Bg0hM-pfH0hBQjw==

GET
H/1.1 404
Not Found favicon.ico
ns4domains.com/ 273 B
474 B 87ms
87ms Other
text/html 95.65.0.74
STARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ns4domains.com/favicon.ico
Protocol: HTTP/1.1
Server: 95.65.0.74 Chisinau, Moldova, ASN31252 (STARNET-AS, MD),
Reverse DNS: 95-65-0-74.starnet.md
Software: Apache /
Resource Hash: 9fc43b0e04001fb86df8fa084d109f9fc5f4171c58acd199c8c6df1a577d33c6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://ns4domains.com/html/neo_epos6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 09 May 2024 22:08:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 273
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cambay%22&display=swap

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ns4domains.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ns4domains.com
top2pot.com
vht.tradedoubler.com
fonts.googleapis.com
217.12.123.30
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
54.230.228.42
95.65.0.74
0e4c2ae0732f88f348f42697a3a1d0b28ad8c0ec5609f709200ccef394bc6f64
119446262ac304f25bdb497fd715e68f822c3268cc5df3cb811960075ae7d988
32750bfec3ca2695e32477873eba9f6b975b5a2d5ae621d5a01b6bbe58072381
3e04871348757a405c7b9380325684734de61398ebdfebbb5d01b9e9c22a2d3a
4256a5560793ead1876f31af5d915138009a5bc0871aed2d88937c4caac0ed46
4e2f502c1bc43069ac0d13dbdab43b34e345609fb629a0a446e5dff8233c713a
9dc52d6f1376aeacbc252ac627cf9f308fd0674fb0c03a870dcb74615731088c
9fc43b0e04001fb86df8fa084d109f9fc5f4171c58acd199c8c6df1a577d33c6
ba3e5ff39d1b09191b3311203728ae3e56d7832be1966cb50f7ba338243fa58c
bfd67f39fffe0a29b0f2e73663a60c04b3ff4cba2df0c95aa084050c5ea52d82
eb76b19e297cc61a8d72253500165c03f935a6e2a2399a78cc91687219c4d544
f366850c80c2f39cc44cf22c19f6faffd1ff966d766129095328c4360c1879dd

ns4domains.com Open in urlscan Pro 95.65.0.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

77 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

256 kBTransfer

252 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ns4domains.com Open in urlscan Pro
95.65.0.74 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

77 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

256 kB
Transfer

252 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions