landing.november-sin.com
188.114.96.3
Public Scan
Effective URL: https://landing.november-sin.com/t1c/de?t=2&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&cid=b58ef2ta9u3j2cde&source=...
Submission: On September 24 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by E1 on August 19th 2023. Valid for: 3 months.
This is the only time landing.november-sin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 104.21.76.107 | 13335 (CLOUDFLARENET) |
1 | 2.16.202.97 | 20940 (AKAMAI-ASN1) |
1 | 2.23.196.132 | 16625 (AKAMAI-AS) |
1 | 139.45.195.8 | 9002 (RETN-AS) |
1 1 | 104.21.7.199 | 13335 (CLOUDFLARENET) |
7 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
1 | 142.250.185.136 | 15169 (GOOGLE) |
3 | 142.250.185.106 | 15169 (GOOGLE) |
5 | 142.250.181.227 | 15169 (GOOGLE) |
1 | 142.250.184.206 | 15169 (GOOGLE) |
24 | 10 | |
Domain | ASN | PTR |
---|---|---|
ak.onpluslean.com | ASN20940 (AKAMAI-ASN1, NL) | a2-16-202-97.deploy.static.akamaitechnologies.com |
s.go-mpulse.net | ASN16625 (AKAMAI-AS, US) | a2-23-196-132.deploy.static.akamaitechnologies.com |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | fra16s50-in-f8.1e100.net |
fonts.googleapis.com | ASN15169 (GOOGLE, US) | fra16s49-in-f10.1e100.net |
fonts.gstatic.com | ASN15169 (GOOGLE, US) | fra16s56-in-f3.1e100.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | fra24s11-in-f14.1e100.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | november-sin.com | landing.november-sin.com | 110 KB |
5 | gstatic.com | fonts.gstatic.com | 84 KB |
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 113) | 3 KB |
2 | askalons.com | askalons.com (Cisco Umbrella Rank: 486807) | 140 KB |
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 96) | 260 B |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 111) | 82 KB |
1 | ad-blocking24.net (1 redirects) | ad-blocking24.net | 786 B |
1 | rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 6646) | 508 B |
1 | go-mpulse.net | s.go-mpulse.net (Cisco Umbrella Rank: 1904); c.go-mpulse.net Failed | 49 KB |
1 | onpluslean.com | ak.onpluslean.com (Cisco Umbrella Rank: 76810) | 4 KB |
0 | at-systems.biz Failed | hub.at-systems.biz Failed | |
24 | 11 | | |
Requests | Domain | Requested by |
---|---|---|
7 | landing.november-sin.com | ak.onpluslean.com, landing.november-sin.com |
5 | fonts.gstatic.com | fonts.googleapis.com |
3 | fonts.googleapis.com | landing.november-sin.com |
2 | askalons.com | askalons.com |
1 | www.google-analytics.com | www.googletagmanager.com |
1 | www.googletagmanager.com | landing.november-sin.com |
1 | ad-blocking24.net | 1 redirects |
1 | my.rtmark.net | ak.onpluslean.com |
1 | s.go-mpulse.net | ak.onpluslean.com |
1 | ak.onpluslean.com | askalons.com |
0 | c.go-mpulse.net Failed | s.go-mpulse.net |
0 | hub.at-systems.biz Failed | |
24 | 12 | |
This site contains links to these domains. Also see Links.
Domain |
---|
ad-blocking24.net |
Subject | Issuer | Validity | Valid |
---|---|---|---|
askalons.com | GTS CA 1P5 | 2023-08-26 - 2023-11-24 | 3 months |
ak.hetaruwg.com | R3 | 2023-09-08 - 2023-12-07 | 3 months |
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-05 - 2024-04-04 | a year |
rtmark.net | R3 | 2023-07-25 - 2023-10-23 | 3 months |
november-sin.com | E1 | 2023-08-19 - 2023-11-17 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months |
This page contains 2 frames:
Primary Page:
https://landing.november-sin.com/t1c/de?t=2&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&cid=b58ef2ta9u3j2cde&source=PropellerAds&src=5178792&lpkey=167b950f55f2088655&uclick=2ta9u3j2&uclickhash=2ta9u3j2-2ta9u3j2-8p6o-0-ftdz-h9rn-h9bg-d8397c
Frame ID: 08D45DDF3392D0B30365D3B2B554AEEA
Requests: 22 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/2HNJE-JMUDN-FRHAR-H9AHD-8XUM9
Frame ID: E96D27A68415718CE341BD0694ED38CC
Requests: 2 HTTP requests in this frame
Page Title
AdSweeper
Detected technologies
Google Analytics (Analytics)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://askalons.com/l/PA/20/?resubscription=1&clickid=1679085099805j7oe0e63i&source=41&unique_user=1&browser_name=Chrome&browser_version=109.0.0.0&country=IT&partner=PA&language=it-IT&unixtime=1679085099&tb={https://ak.onpluslean.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Page URL
- https://ak.onpluslean.com/afu.php?zoneid=5178792&ymid=1679085099805j7oe0e63i&var=41 Page URL
-
https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=729754518723764615&cost=0.000964&zoneid=5178792&campaignid=7439474&device=desktop&browser=chrome&os=windows&osversion=win10&country=IT&language=it&payout={payout}&user_activity=high
HTTP 302
https://landing.november-sin.com/t1c/de?t=2&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&cid=b58ef2ta9u3j2cde&source=PropellerAds&src=5178792&lpkey=167b950f55f2088655&uclick=2ta9u3j2&uclickhash=2ta9u3j2-2ta9u3j2-8p6o-0-ftdz-h9rn-h9bg-d8397c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | askalons.com/l/PA/20/ | 23 KB | 8 KB | Document | text/html |
GET | H2 | cbimage.gif | askalons.com/l/PA/20/ | 132 KB | 133 KB | Image | image/gif |
GET | H2 | afu.php | ak.onpluslean.com/ | 5 KB | 4 KB | Document | text/html |
GET | | tb | hub.at-systems.biz/impression/ | 0 | 0 | | |
GET | H2 | 2HNJE-JMUDN-FRHAR-H9AHD-8XUM9 | s.go-mpulse.net/boomerang/ (Frame E96D) | 205 KB | 49 KB | Script | application/javascript |
POST | H2 | img.gif | my.rtmark.net/ | 43 B | 508 B | Ping | image/gif |
GET | H2 | de (Primary Request) | landing.november-sin.com/t1c/ (Redirect Chain) | 5 KB | 2 KB | Document | text/html |
GET | | config.json | c.go-mpulse.net/api/ (Frame E96D) | 0 | 0 | | |
GET | H2 | style.css | landing.november-sin.com/t1c/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H2 | shared.css | landing.november-sin.com/styles/ | 55 KB | 28 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 233 KB | 82 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css |
GET | H2 | vwo.js | landing.november-sin.com/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | logo.svg | landing.november-sin.com/images/promo-images/t1a/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | index.js | landing.november-sin.com/js/ | 46 KB | 16 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 11 KB | 913 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 3 KB | 661 B | Stylesheet | text/css |
GET | H2 | XRXI3I6Li01BKofiOc5wtlZ2di8HDGUmdTQ3jw.woff2 | fonts.gstatic.com/s/nunito/v26/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v24/ | 23 KB | 23 KB | Font | font/woff2 |
GET | H2 | 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LDrMfIA.woff2 | fonts.gstatic.com/s/comfortaa/v45/ | 13 KB | 13 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | player.webp | landing.november-sin.com/images/promo-images/t1c/ | 59 KB | 60 KB | Image | image/webp |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 260 B | Ping | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- hub.at-systems.biz
- URL
- https://hub.at-systems.biz/impression/tb?impression_id=1679085099805j7oe0e63i
- Domain
- c.go-mpulse.net
- URL
- https://c.go-mpulse.net/api/config.json?key=2HNJE-JMUDN-FRHAR-H9AHD-8XUM9&d=ak.onpluslean.com&t=5651835&v=1.720.0&if=&sl=0&si=52a75414-7290-4fed-af56-734fd37b0d48-s1hj6j&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=777544
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- object| gaGlobal
17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
ak.onpluslean.com/ | | OAID | 1899d69bdd5b498682a6e4ccb677dc68 |
ak.onpluslean.com/ | | oaidts | 1695550554 |
my.rtmark.net/ | | ID | 1899d69bdd5b498682a6e4ccb677dc68 |
ad-blocking24.net/ | | uclick | 2ta9u3j2 |
ad-blocking24.net/ | | uclickhash | 2ta9u3j2-2ta9u3j2-8p6o-0-ftdz-h9rn-h9bg-d8397c |
.november-sin.com/ | | t | 2 |
.november-sin.com/ | | clk_domain | ad-blocking24.net |
.november-sin.com/ | | flow | binom |
.november-sin.com/ | | campaignId | 10557 |
.november-sin.com/ | | cid | b58ef2ta9u3j2cde |
.november-sin.com/ | | source | PropellerAds |
.november-sin.com/ | | src | 5178792 |
.november-sin.com/ | | lpkey | 167b950f55f2088655 |
.november-sin.com/ | | uclick | 2ta9u3j2 |
.november-sin.com/ | | uclickhash | 2ta9u3j2-2ta9u3j2-8p6o-0-ftdz-h9rn-h9bg-d8397c |
.november-sin.com/ | | _ga | GA1.1.2095153274.1695550558 |
.november-sin.com/ | | _ga_WV373MWWXX | GS1.1.1695550557.1.0.1695550557.0.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.