bcp.crwdcntrl.net Open in urlscan Pro
52.51.136.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bcp.crwdcntrl.net/5/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Tr...
Effective URL:
https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site...
Submission: On January 20 via manual (January 20th 2020, 3:11:41 am UTC) from SG

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 11 domains to perform 7 HTTP transactions. The main IP is 52.51.136.41, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is bcp.crwdcntrl.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2019. Valid for: 2 years.

This is the only time bcp.crwdcntrl.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.51.136.41 52.51.136.41	16509 (AMAZON-02) (AMAZON-02)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE)
1	52.215.103.126 52.215.103.126	16509 (AMAZON-02) (AMAZON-02)
1	34.194.33.21 34.194.33.21	14618 (AMAZON-AES) (AMAZON-AES)
3 3	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2 2	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	52.49.13.31 52.49.13.31	16509 (AMAZON-02) (AMAZON-02)
7	5

4 52.51.136.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-136-41.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.103.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.33.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-33-21.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.184.216.10 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.208 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.13.31 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-13-31.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	eyeota.net 6 redirects ps.eyeota.net	2 KB
4	crwdcntrl.net 1 redirects bcp.crwdcntrl.net sync.crwdcntrl.net	3 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	875 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	642 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
1	turn.com 1 redirects d.turn.com	546 B
1	thrtle.com thrtle.com
1	ml314.com ml314.com	517 B
1	rlcdn.com idsync.rlcdn.com	433 B
7	11

	Domain	Requested by
7	ps.eyeota.net	6 redirects bcp.crwdcntrl.net
3	cm.g.doubleclick.net	3 redirects
3	bcp.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
2	match.adsrvr.org	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.mathtag.com	2 redirects
2	secure.adnxs.com	2 redirects
1	d.turn.com	1 redirects
1	sync.crwdcntrl.net	bcp.crwdcntrl.net
1	thrtle.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
7	12

This site contains no links.

Subject Issuer	Validity	Valid
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2019-05-06` - `2020-05-21`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr
Frame ID: 1B4CFE1EFF5C50C7866D7CAC72E586D0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bcp.crwdcntrl.net/5/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A... HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

5
IPs

5
Countries

3 kB
Transfer

1 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bcp.crwdcntrl.net/5/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_cm=&google_tc= HTTP 302
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_gid=CAESEBDz7qkS70gkC3_JtlJ2_XU&google_cver=1

Request Chain 4

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=258207274%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D258207274%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=258207274/tpid=8078594335754389105/tp=ANXS

Request Chain 5

https://ps.eyeota.net/match?bid=51mdg9u&uid=905add1febbd2fc05a1a0673a01eedb7 HTTP 302
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=905add1febbd2fc05a1a0673a01eedb7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://ps.eyeota.net/match?bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESENRDIyiY6CgIDz7yAzBPGZk&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3462580498202964942&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&mm_bnc&mm_bct&UUID=6b285e25-0d28-4800-a0da-49d756cba7f1 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=6b285e25-0d28-4800-a0da-49d756cba7f1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=XiUaXAAAAJ9VkEQW HTTP 302
https://ps.eyeota.net/match?uid=XiUaXAAAAJ9VkEQW&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=XiUaXAAAAJ9VkEQW HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=fb5f4efa-147e-4435-a793-ebd61ae2f529&bid=1e2n4ou

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set rt=ifr Show response bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic... Redirect Chain https://bcp.crwdcntrl.net/5/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traf... https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%2...	917 B 2 KB	50ms 49ms	Document text/html	52.51.136.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.136.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-136-41.eu-west-1.compute.amazonaws.com Software / Resource Hash `0d7c9111757cc6d89afa0c5626f2f82701524a7b1bc6dd01d1ccc2e795a87955` Request headers Host bcp.crwdcntrl.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Cookie _cc_cc=ctst Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Response headers Access-Control-Allow-Origin * Cache-Control no-cache Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Mon, 20 Jan 2020 03:11:23 GMT Expires 0 P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Pragma no-cache Set-Cookie _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 16-Oct-2020 03:10:00 GMT;SameSite=None _cc_domain=.cc.straitstimes.com;Path=/;Domain=crwdcntrl.net;Expires=Fri, 16-Oct-2020 03:10:00 GMT;SameSite=None _cc_id=905add1febbd2fc05a1a0673a01eedb7;Path=/;Domain=crwdcntrl.net;Expires=Fri, 16-Oct-2020 03:10:00 GMT;SameSite=None _cc_cc="ACZ4nGNQsDQwTUxJMUxLTUpKMUpLBvIMEw3MzI0TDQxTU1OSzBmAIE5VKpoBDgR37fzBz%2FhekeE%2FIyPDndNbhWDsh7sQ4hN2INibzu5ih7HfNNwXgLFvnVSHMS8snsMCYz%2BY2sMIYy%2F%2FaAljXn5%2BRxbGPoykfMnSFrj4pVOP2GDs1vVPuWHsD0i2vkNiAwC5x1Qe";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 16-Oct-2020 03:10:00 GMT;Max-Age=23328000;SameSite=None _cc_aud="ABR4nGNgYGCIU5WKZoABFgbmtX9BDNalGmCBkx0Qqh1IAAB3QAYd";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 16-Oct-2020 03:10:00 GMT;Max-Age=23328000;SameSite=None Vary Accept-Encoding X-Server 10.45.24.128 Content-Length 458 Connection keep-alive Redirect headers Cache-Control no-cache Date Mon, 20 Jan 2020 03:11:23 GMT Expires 0 Location https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Pragma no-cache Set-Cookie _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None X-Server 10.45.15.94 Content-Length 0 Connection keep-alive
GET H2	200	382416.gif idsync.rlcdn.com/	42 B 433 B	172ms 130ms	Image image/gif	35.190.72.21 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/382416.gif?partner_uid=905add1febbd2fc05a1a0673a01eedb7&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 21.72.190.35.bc.googleusercontent.com Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Mon, 20 Jan 2020 03:11:23 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 200 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 42
GET H/1.1	200 OK	utsync.ashx ml314.com/	43 B 517 B	126ms 30ms	Image image/gif	52.215.103.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=50146&et=0&fp=905add1febbd2fc05a1a0673a01eedb7 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-103-126.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 20 Jan 2020 03:11:22 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Mon, 20 Jan 2020 22:11:23 GMT
GET H2	403	insync thrtle.com/	0 0	330ms 99ms	Image text/html	34.194.33.21 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=905add1febbd2fc05a1a0673a01eedb7 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.194.33.21 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-33-21.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H/1.1	200 OK	/ bcp.crwdcntrl.net/gmap/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_cm https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_cm=&google_tc= https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_gid=CAESEBDz7qkS70gkC3_JtlJ2_XU&google_cver=1	49 B 336 B	32ms 31ms	Image image/gif	52.51.136.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_gid=CAESEBDz7qkS70gkC3_JtlJ2_XU&google_cver=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.136.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-136-41.eu-west-1.compute.amazonaws.com Software / Resource Hash `2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 20 Jan 2020 03:11:23 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Access-Control-Allow-Origin * Cache-Control no-cache X-Server 10.45.22.142 Connection keep-alive Content-Type image/gif Content-Length 49 Expires 0 Redirect headers pragma no-cache date Mon, 20 Jan 2020 03:11:23 GMT server HTTP server (unknown) location https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_gid=CAESEBDz7qkS70gkC3_JtlJ2_XU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 297 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tp=ANXS sync.crwdcntrl.net/map/c=281/rand=258207274/tpid=8078594335754389105/ Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=258207274%2Ftpid%3D%24UID%2Ftp%3DANXS https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D258207274%252Ftpid%253D%2524UID%252Ftp%253DANXS https://sync.crwdcntrl.net/map/c=281/rand=258207274/tpid=8078594335754389105/tp=ANXS	49 B 335 B	117ms 29ms	Image image/gif	52.51.136.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=281/rand=258207274/tpid=8078594335754389105/tp=ANXS Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.136.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-136-41.eu-west-1.compute.amazonaws.com Software / Resource Hash `2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 20 Jan 2020 03:11:23 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Access-Control-Allow-Origin * Cache-Control no-cache X-Server 10.45.15.94 Connection keep-alive Content-Type image/gif Content-Length 49 Expires 0 Redirect headers Pragma no-cache Date Mon, 20 Jan 2020 03:11:25 GMT AN-X-Request-Uuid 112e9a00-ac00-4638-8d09-803089c0d063 Content-Type text/html; charset=utf-8 Server nginx/1.13.4 Location https://sync.crwdcntrl.net/map/c=281/rand=258207274/tpid=8078594335754389105/tp=ANXS P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 85.159.237.67; 85.159.237.67; 538.bm-nginx-loadbalancer.mgmt.fra1; .adnxs.com; 37.252.172.233:80 Content-Length* 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/match?bid=51mdg9u&uid=905add1febbd2fc05a1a0673a01eedb7 https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=905add1febbd2fc05a1a0673a01eedb7 https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& https://ps.eyeota.net/match?bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESENRDIyiY6CgIDz7yAzBPGZk&google_cver=1 https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3462580498202964942&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&mm_bnc&mm_bct&UUID=6b2... https://ps.eyeota.net/match?bid=7vi0rg0&uid=6b285e25-0d28-4800-a0da-49d756cba7f1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=XiUaXA... https://ps.eyeota.net/match?uid=XiUaXAAAAJ9VkEQW&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=XiUaXAAAAJ9VkEQW https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 https://ps.eyeota.net/match?uid=fb5f4efa-147e-4435-a793-ebd61ae2f529&bid=1e2n4ou	70 B 171 B	21ms 20ms	Image image/gif	18.184.216.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=fb5f4efa-147e-4435-a793-ebd61ae2f529&bid=1e2n4ou Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-216-10.eu-central-1.compute.amazonaws.com Software / Resource Hash `de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98` Request headers Referer https://bcp.crwdcntrl.net/5/ct=y/c=4335/rand=804368089/pv=y/int=%23OpR%2342678%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2345439%23www.straitstimes.com%20%3A%20Total%20Site%20Traffic/ug=%23OpR%2376400%23Straits%20Times%20%3A%20Adblocker%20%3A%200/ug=%23OpR%2372875%23Grapeshot%20keywords%20%3A%20gs_health_misc%2Cgs_home_pets%2Cgs_science_misc/rt=ifr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 20 Jan 2020 03:11:24 GMT Content-Length 70 Content-Type image/gif Redirect headers pragma no-cache date Mon, 20 Jan 2020 03:11:24 GMT x-aspnet-version 4.0.30319 location https://ps.eyeota.net/match?uid=fb5f4efa-147e-4435-a793-ebd61ae2f529&bid=1e2n4ou p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" status 302 cache-control private,no-cache, must-revalidate content-type text/html content-length 191

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crwdcntrl.net/	1970-01-19 13:13:37	Name: _cc_cc Value: "ACZ4nGNQsDQwTUxJMUxLTUpKMUpLBvIMEw3MzI0TDQxTU1OSzBmAIE5VKpoBDgR37fzBz%2FhekeE%2FIyPDndNbhWDsh7sQ4hN2INibzu5ih7HfNNwXgLFvnVSHMS8snsMCYz%2BY2sMIYy%2F%2FaAljXn5%2BRxbGPoykfMnSFrj4pVOP2GDs1vVPuWHsD0i2vkNiAwC5x1Qe"
.crwdcntrl.net/	1970-01-19 13:13:37	Name: _cc_domain Value: .cc.straitstimes.com
.crwdcntrl.net/	1970-01-19 13:13:37	Name: _cc_aud Value: "ABR4nGNgYGCIU5WKZoABFgbmtX9BDNalGmCBkx0Qqh1IAAB3QAYd"
.crwdcntrl.net/	1970-01-19 13:13:37	Name: _cc_id Value: 905add1febbd2fc05a1a0673a01eedb7
.crwdcntrl.net/	1970-01-19 13:13:37	Name: _cc_dc Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cm.g.doubleclick.net
d.turn.com
idsync.rlcdn.com
match.adsrvr.org
ml314.com
ps.eyeota.net
secure.adnxs.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
thrtle.com
151.101.14.49
172.217.18.162
18.184.216.10
185.29.133.208
34.194.33.21
35.190.72.21
37.252.172.250
46.228.164.13
52.215.103.126
52.49.13.31
52.51.136.41
0d7c9111757cc6d89afa0c5626f2f82701524a7b1bc6dd01d1ccc2e795a87955
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

bcp.crwdcntrl.net Open in urlscan Pro 52.51.136.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

11 Domains

12 Subdomains

5 IPs

5 Countries

3 kBTransfer

1 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

Indicators

bcp.crwdcntrl.net Open in urlscan Pro
52.51.136.41 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

5
IPs

5
Countries

3 kB
Transfer

1 kB
Size

5
Cookies

7 HTTP transactions
0 data transactions