presentation-atl1.turn.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 50.116.194.21, located in United States and belongs to TURN-US-ASN - Turn Inc., US. The main domain is presentation-atl1.turn.com.

This is the only time presentation-atl1.turn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN - Turn Inc.)
2 2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
2	2

1 50.116.194.21 (United States)

ASN6336 (TURN-US-ASN - Turn Inc., US)
PTR: presentation-atl1.turn.com

presentation-atl1.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	doubleclick.net 2 redirects cm.g.doubleclick.net	575 B
2	turn.com presentation-atl1.turn.com r.turn.com	2 KB
2	2

	Domain	Requested by
2	cm.g.doubleclick.net	2 redirects
1	r.turn.com	presentation-atl1.turn.com
1	presentation-atl1.turn.com
2	3

This site contains no links.

Subject Issuer	Validity	Valid
*.turn.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=2347338610911706602&mktid=705&btp=-1&sp=y&pid=3&nu=n&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&ssl=y&drvuid=-1&bddc=n
Frame ID: 0E007B90F5CA250F878552DA50691DAE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

2 kB
Transfer

1 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM0NzMzODYxMDkxMTcwNjYwMg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MjM0NzMzODYxMDkxMTcwNjYwMg==&google_tc= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEPbhu2o1psDZK5XHQiV-yc4&google_cver=1

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set dynamic_ddc.htm Show response presentation-atl1.turn.com/server/	879 B 1 KB	460ms 355ms	Document text/html	50.116.194.21 Turn Inc.
General Check archive.org Show headers Download Go to Full URL http://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=2347338610911706602&mktid=705&btp=-1&sp=y&pid=3&nu=n&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&ssl=y&drvuid=-1&bddc=n Protocol HTTP/1.1 Server 50.116.194.21 , United States, ASN6336 (TURN-US-ASN - Turn Inc., US), Reverse DNS presentation-atl1.turn.com Software Apache-Coyote/1.1 / Resource Hash `4a6a919c1e5a84b4c83f483c58a6b1a243f8440eac92da4ca18cbea55ba9973c` Request headers Host presentation-atl1.turn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server Apache-Coyote/1.1 Set-Cookie JSESSIONID=0E17AA9550D544EF885CAE97ED19E1F3; Path=/; HttpOnly P3P policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Fri, 15 Nov 2019 16:43:33 GMT
GET H/1.1	200 OK	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM0NzMzODYxMDkxMTcwNjYwMg== https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MjM0NzMzODYxMDkxMTcwNjYwMg==&google_tc= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEPbhu2o1psDZK5XHQiV-yc4&google_cver=1	43 B 490 B	389ms 76ms	Image image/gif	46.228.164.11 TURN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEPbhu2o1psDZK5XHQiV-yc4&google_cver=1 Requested by Host: presentation-atl1.turn.com URL: http://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=2347338610911706602&mktid=705&btp=-1&sp=y&pid=3&nu=n&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&ssl=y&drvuid=-1&bddc=n Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438` Request headers Referer http://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=2347338610911706602&mktid=705&btp=-1&sp=y&pid=3&nu=n&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&ssl=y&drvuid=-1&bddc=n User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Fri, 15 Nov 2019 16:43:33 GMT Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Server Apache-Coyote/1.1 P3P policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Content-Length 43 Content-Type image/gif Redirect headers pragma no-cache date Fri, 15 Nov 2019 16:43:33 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEPbhu2o1psDZK5XHQiV-yc4&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.turn.com/	1970-01-19 09:29:48	Name: pxs Value: 172291738%2318215
			presentation-atl1.turn.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0E17AA9550D544EF885CAE97ED19E1F3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
presentation-atl1.turn.com
r.turn.com
172.217.22.66
46.228.164.11
50.116.194.21
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6a919c1e5a84b4c83f483c58a6b1a243f8440eac92da4ca18cbea55ba9973c

presentation-atl1.turn.com Open in urlscan Pro 50.116.194.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

2 kBTransfer

1 kBSize

2 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

Indicators

presentation-atl1.turn.com Open in urlscan Pro
50.116.194.21 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

2 kB
Transfer

1 kB
Size

2
Cookies

2 HTTP transactions
0 data transactions