landing.add-now.org
2606:4700:3037::6815:21d9
Public Scan
Effective URL: https://landing.add-now.org/t28a?clk_domain=ad-blocking24.net&flow=binom&campaignId=20101&cid=b07ecxsbzwfa26o322&source=Prop...
Submission: On December 07 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on November 9th 2023. Valid for: 3 months.
This is the only time landing.add-now.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-49.deploy.static.akamaitechnologies.com
ak.roudoduor.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-65.deploy.static.akamaitechnologies.com
ak.deephicy.net
ASN15169 (GOOGLE, US)
www.googletagmanager.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
6 | add-now.org | landing.add-now.org — Cisco Umbrella Rank: 640600 | 70 KB
5 | clarity.ms (1 redirects) | www.clarity.ms — Cisco Umbrella Rank: 796; c.clarity.ms — Cisco Umbrella Rank: 1377; i.clarity.ms — Cisco Umbrella Rank: 18363 | 27 KB
3 | gstatic.com | fonts.gstatic.com | 53 KB
3 | deephicy.net (1 redirects) | ak.deephicy.net — Cisco Umbrella Rank: 98971 | 15 KB
3 | roudoduor.com (1 redirects) | ak.roudoduor.com | 14 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 2 KB
2 | ad-blocking24.net (1 redirects) | ad-blocking24.net — Cisco Umbrella Rank: 125446 | 1 KB
2 | datatechone.com | datatechone.com — Cisco Umbrella Rank: 41680 | 937 B
2 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 12331 | 983 B
1 | bing.com (1 redirects) | c.bing.com — Cisco Umbrella Rank: 228 | 761 B
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2189 | 248 B
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 83 KB
1 | livecinemaplay.com | livecinemaplay.com | 4 KB
27 | 13 | |
Requests | Domain | Requested by
---|---|---
6 | landing.add-now.org | landing.add-now.org
3 | fonts.gstatic.com | fonts.googleapis.com
3 | ak.deephicy.net (1 redirects) | ak.deephicy.net
3 | ak.roudoduor.com (1 redirects) | livecinemaplay.com, ak.roudoduor.com
2 | c.clarity.ms (1 redirects) |
2 | www.clarity.ms | landing.add-now.org, www.clarity.ms
2 | fonts.googleapis.com | landing.add-now.org
2 | ad-blocking24.net (1 redirects) |
2 | datatechone.com | ak.roudoduor.com, ak.deephicy.net
2 | my.rtmark.net | ak.roudoduor.com, ak.deephicy.net
1 | i.clarity.ms | www.clarity.ms
1 | c.bing.com (1 redirects) |
1 | region1.google-analytics.com | www.googletagmanager.com
1 | www.googletagmanager.com | landing.add-now.org
1 | livecinemaplay.com |
27 | 15 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
livecinemaplay.com | E1 | 2023-11-14 - 2024-02-12 | 3 months
ak.hetaruwg.com | R3 | 2023-12-07 - 2024-03-06 | 3 months
rtmark.net | R3 | 2023-10-07 - 2024-01-05 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-18 - 2023-12-24 | a year
add-now.org | GTS CA 1P5 | 2023-11-09 - 2024-02-07 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-29 - 2024-08-29 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
ad-blocking24.net | E1 | 2023-11-05 - 2024-02-03 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year
This page contains 1 frames:
Primary Page:
https://landing.add-now.org/t28a?clk_domain=ad-blocking24.net&flow=binom&campaignId=20101&cid=b07ecxsbzwfa26o322&source=PropellerAds&lpkey=171a01399521621309&uclick=xsbzwfa26o&uclickhash=xsbzwfa26o-xsbzwfa26o-x9bl-0-usdu-8pe2-8pb7-3de384
Frame ID: 724888F7AA68A81F3D8DF70E20D71890
Requests: 27 HTTP requests in this frame
Screenshot
![](/screenshots/0d963338-1aec-4fa4-8dd2-b4a02db09eb2.png)
Page Title
AdSweeper
Detected technologies
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://livecinemaplay.com/tds3_new2.html?zoneid=5925106 Page URL
- https://ak.roudoduor.com/afu.php?zoneid=5925106&ymid=null&var=null Page URL
- https://ak.roudoduor.com/?z=5925106&syncedCookie=true&rhd=false HTTP 302
  https://ak.deephicy.net/4/6118780/?var=5925106 Page URL
- https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  https://ad-blocking24.net/cp4kl7k.php?key=cvkb851un7wcxn431w3l&visitor_id=756620523789881784&cost=0.000922&zoneid=6118780&campaignid=7726687&bannerid=19793729&subzoneid=0 HTTP 302
  https://landing.add-now.org/t28a?clk_domain=ad-blocking24.net&flow=binom&campaignId=20101&cid=b07ecxsbzwfa26o322&source=PropellerAds&lpkey=171a01399521621309&uclick=xsbzwfa26o&uclickhash=xsbzwfa26o-xsbzwfa26o-x9bl-0-usdu-8pe2-8pb7-3de384 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- https://ak.roudoduor.com/?z=5925106&syncedCookie=true&rhd=false HTTP 302
- https://ak.deephicy.net/4/6118780/?var=5925106
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=75E332F3138D4E08A536A671CD154FC7&RedC=c.clarity.ms&MXFR=21B44CDBC47467CB235B5F3BC0746997 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=75E332F3138D4E08A536A671CD154FC7&MUID=0911DF7071B163EC19C2CC9070636268
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | tds3_new2.html | livecinemaplay.com/ | 6 KB | 4 KB | Document | text/html |
GET | H2 | afu.php | ak.roudoduor.com/ | 30 KB | 13 KB | Document | text/html |
POST | H2 | sftouch | ak.roudoduor.com/ | 2 B | 540 B | Ping | text/plain |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 492 B | Image | image/gif |
POST | H/1.1 | add | datatechone.com/log/ | 2 B | 469 B | XHR | text/plain |
GET | H2 | / | ak.deephicy.net/4/6118780/ | 30 KB | 13 KB | Document | text/html | Redirect Chain
POST | H2 | sftouch | ak.deephicy.net/ | 2 B | 538 B | Ping | text/plain |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 491 B | Image | image/gif |
POST | H/1.1 | add | datatechone.com/log/ | 2 B | 468 B | XHR | text/plain |
GET | H2 | t28a | landing.add-now.org/ | 2 KB | 1 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | style.css | landing.add-now.org/t28a/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | shared.css | landing.add-now.org/styles/ | 54 KB | 28 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 236 KB | 83 KB | Script | application/javascript |
GET | H2 | index.js | landing.add-now.org/js/ | 158 KB | 37 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 7 KB | 791 B | Stylesheet | text/css |
GET | H2 | jfl2pu6cif | www.clarity.ms/tag/ | 650 B | 1014 B | Script | application/x-javascript |
GET | H3 | 3182.2682440e2f81b332832a.js | landing.add-now.org/js/ | 533 B | 885 B | Script | application/javascript |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_upHZPYsZ51Q42ptCprt1R-s.woff2 | fonts.gstatic.com/s/nunitosans/v15/ | 22 KB | 22 KB | Font | font/woff2 |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 248 B | Ping | text/plain |
GET | H3 | chrome_store_icon.svg | landing.add-now.org/images/browser-icons/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | clarity.js | www.clarity.ms/s/0.7.20/ | 60 KB | 25 KB | Script | application/javascript |
GET | H2 | cp4kl7k.php | ad-blocking24.net/ | 0 | 286 B | Image | text/html |
GET | H2 | c.gif | c.clarity.ms/ | 42 B | 466 B | Image | image/gif | Redirect Chain
POST | H/1.1 | collect | i.clarity.ms/ | 0 | 299 B | XHR | text/plain |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| webpackChunkstatic_landings
- function| clarity
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- object| gaGlobal

30 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.livecinemaplay.com/ | | id | a3fWa
ak.roudoduor.com/ | | OAID | 45944cfe5b534b91b4c26fc83532bc70
ak.roudoduor.com/ | | oaidts | 1701955908
my.rtmark.net/ | | ID | 45944cfe5b534b91b4c26fc83532bc70
ak.roudoduor.com/ | | syncedCookie | true
ak.deephicy.net/ | | oaidts | 1701955908
ak.deephicy.net/ | | OAID | 45944cfe5b534b91b4c26fc83532bc70
ak.deephicy.net/ | | syncedCookie | true
ad-blocking24.net/ | | uclick | xsbzwfa26o
ad-blocking24.net/ | | uclickhash | xsbzwfa26o-xsbzwfa26o-x9bl-0-usdu-8pe2-8pb7-3de384
.add-now.org/ | | _ga | GA1.1.2026208391.1701955910
.add-now.org/ | | _ga_WV373MWWXX | GS1.1.1701955909.1.0.1701955909.0.0.0
.add-now.org/ | | clk_domain | ad-blocking24.net
.add-now.org/ | | flow | binom
.add-now.org/ | | campaignId | 20101
.add-now.org/ | | cid | b07ecxsbzwfa26o322
.add-now.org/ | | source | PropellerAds
.add-now.org/ | | lpkey | 171a01399521621309
.add-now.org/ | | uclick | xsbzwfa26o
.add-now.org/ | | uclickhash | xsbzwfa26o-xsbzwfa26o-x9bl-0-usdu-8pe2-8pb7-3de384
www.clarity.ms/ | | CLID | 2123e16edd9c40c9973159123a516b77.20231207.20241206
.add-now.org/ | | _clck | 1ee9sqg%7C2%7Cfhc%7C0%7C1436
.bing.com/ | | MUID | 0911DF7071B163EC19C2CC9070636268
.c.bing.com/ | | MR | 0
.c.bing.com/ | | SRM_B | 0911DF7071B163EC19C2CC9070636268
.c.clarity.ms/ | | SM | C
.clarity.ms/ | | MUID | 0911DF7071B163EC19C2CC9070636268
.c.clarity.ms/ | | MR | 0
.c.clarity.ms/ | | ANONCHK | 0
.add-now.org/ | | _clsk | 1if2jfp%7C1701955910066%7C1%7C1%7Ci.clarity.ms%2Fcollect
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.