URL: https://ads.kwanzoo.com/widget/customized/9754/load
Submission: On April 13 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 16 HTTP transactions. The main IP is 35.162.195.79, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ads.kwanzoo.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 7th 2019. Valid for: a year.
This is the only time ads.kwanzoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.162.195.79 16509 (AMAZON-02)
1 92.123.150.214 16625 (AKAMAI-AS)
1 6 52.215.103.126 16509 (AMAZON-02)
1 2 209.167.231.17 7160 (NETDYNAMICS)
1 34.196.252.78 14618 (AMAZON-AES)
1 2 54.194.155.186 16509 (AMAZON-02)
2 2 35.190.72.21 15169 (GOOGLE)
2 2 52.208.216.178 16509 (AMAZON-02)
2 2 52.211.146.59 16509 (AMAZON-02)
1 3.120.214.218 16509 (AMAZON-02)
16 7
# | Apex Domain | Subdomains | Transfer
7 | ml314.com | ml314.com, in.ml314.com | 15 KB
6 | kwanzoo.com | ads.kwanzoo.com | 15 KB
2 | crwdcntrl.net | sync.crwdcntrl.net | 1008 B
2 | adsrvr.org | match.adsrvr.org | 927 B
2 | rlcdn.com | idsync.rlcdn.com | 847 B
2 | demdex.net | dpm.demdex.net | 2 KB
2 | eloqua.com | s2318.t.eloqua.com | 1 KB
1 | eyeota.net | ps.eyeota.net | 344 B
1 | bluekai.com | tags.bluekai.com | 407 B
16 9
Domain Requested by
6 ml314.com 1 redirects ads.kwanzoo.com
ml314.com
6 ads.kwanzoo.com ads.kwanzoo.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 idsync.rlcdn.com 2 redirects
2 dpm.demdex.net 1 redirects
2 s2318.t.eloqua.com 1 redirects ads.kwanzoo.com
1 ps.eyeota.net
1 in.ml314.com ml314.com
1 tags.bluekai.com ads.kwanzoo.com
16 10

This site contains no links.

Subject | Issuer | Validity | Valid
www.kwanzoo.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-07 - 2020-06-05 | a year
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2020-01-10 - 2021-04-10 | a year
*.ml314.com | Amazon | 2020-02-17 - 2021-03-17 | a year
*.t.eloqua.com | DigiCert SHA2 Secure Server CA | 2020-03-09 - 2022-04-08 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.eyeota.net | Let's Encrypt Authority X3 | 2020-04-10 - 2020-07-09 | 3 months

This page contains 2 frames:

Primary Page: https://ads.kwanzoo.com/widget/customized/9754/load
Frame ID: 07791CE8CA52DC841E7BB97E2AED2C14
Requests: 1 HTTP requests in this frame

Frame: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Frame ID: 95479707729C850A0919FE9975B37904
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

32 kB
Transfer

70 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://s2318.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578 HTTP 302
  • https://s2318.t.eloqua.com/visitor/v200/svrGP.aspx?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578&elqCookie=1
Request Chain 8
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3609550891796922381&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3609550891796922381&redir=
Request Chain 9
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3609550891796922381 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwOTU1MDg5MTc5NjkyMjM4MRAAGg0Il4fS9AUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=5b676a1c40cfd43d2625003efd506a6b1b319ab6d1ba3cc44132bc574854e1bef4cb09cee1a4f8eb&person_id=3609550891796922381&eid=50082
Request Chain 10
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca HTTP 302
  • https://ml314.com/csync.ashx?fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca&person_id=3609550891796922381&eid=53819
Request Chain 11
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609550891796922381 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609550891796922381 HTTP 302
  • https://ml314.com/csync.ashx?fp=cbd84196959394ec337cb60bb45a772c&eid=50146&person_id=3609550891796922381

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set load
ads.kwanzoo.com/widget/customized/9754/
2 KB
1 KB
Document
General
Full URL
https://ads.kwanzoo.com/widget/customized/9754/load
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4869d3640fcc6fcd1608ccc16ff844e74f801c32b52d8555487c995a42f9da3e

Request headers

Host
ads.kwanzoo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Content-Language
en-US
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 13 Apr 2020 15:21:55 GMT
Server
Apache/2.2.15 (CentOS)
Set-Cookie
JSESSIONID=376AD25305DE77DA5EF47BA2EC8516F8; Path=/; Secure AWSELB=4BAB97F70CCCEFA9B8962F2EAC9AE7EFE4A44BF10FB7123C8F5D9A1ED3C4A3C707DC05EFBCBE28B102439ECA265CA629566AC907AEEF09DF01318C8B0C64983307E90C2085B3EB69C8D9B3DF545486218B953FA70E;PATH=/;SECURE
Vary
Accept-Encoding
Content-Length
914
Connection
keep-alive
widget_cover.htm
ads.kwanzoo.com/kzmain/ Frame 9547
36 KB
10 KB
Document
General
Full URL
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/widget/customized/9754/load
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3484aec1043f7ceece9d8f5b380f05a89659d6288fa01a02bdd03f537e83de9

Request headers

Host
ads.kwanzoo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.kwanzoo.com/widget/customized/9754/load
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=376AD25305DE77DA5EF47BA2EC8516F8; AWSELB=4BAB97F70CCCEFA9B8962F2EAC9AE7EFE4A44BF10FB7123C8F5D9A1ED3C4A3C707DC05EFBCBE28B102439ECA265CA629566AC907AEEF09DF01318C8B0C64983307E90C2085B3EB69C8D9B3DF545486218B953FA70E

Response headers

Content-Encoding
gzip
Content-Language
en-US
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 13 Apr 2020 15:21:55 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Content-Length
9892
Connection
keep-alive
41086
tags.bluekai.com/site/ Frame 9547
39 B
407 B
Script
General
Full URL
https://tags.bluekai.com/site/41086?ret=js
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-150-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
665abaddd73f7c9d806765385846d95c25fb5cbca34e89575cad15cfccad248b

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Apr 2020 15:21:56 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
39
BK-Server
708
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tag.aspx
ml314.com/ Frame 9547
26 KB
12 KB
Script
General
Full URL
https://ml314.com/tag.aspx?133
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c6af299685617864c257472040f437ef951afec994720a24781931cc3527017

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Apr 2020 06:24:19 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=54143
Connection
keep-alive
Content-Length
11933
Expires
Tue, 14 Apr 2020 06:24:19 GMT
JSClientService.isDriftEnabled.dwr
ads.kwanzoo.com/kzmain/dwr/call/plaincall/ Frame 9547
79 B
302 B
XHR
General
Full URL
https://ads.kwanzoo.com/kzmain/dwr/call/plaincall/JSClientService.isDriftEnabled.dwr
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7fd1d96b5d5166938b8296d014ad6bdf2f45ed4d04cb9c339c32a837337e8ea3

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 13 Apr 2020 15:21:56 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
Content-Length
92
Vary
Accept-Encoding
Content-Type
text/javascript
elqCfg.min.js
ads.kwanzoo.com/scripts/ Frame 9547
5 KB
2 KB
Script
General
Full URL
https://ads.kwanzoo.com/scripts/elqCfg.min.js?8641
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b3754affe6725b0fd507673b62dc88a2c6c692d6d9d4b36bd8a243e9cbe3bb32

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 10:02:41 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1685
Expires
Tue, 13 Apr 2021 15:21:56 GMT
svrGP.aspx
s2318.t.eloqua.com/visitor/v200/ Frame 9547
Redirect Chain
  • https://s2318.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578
  • https://s2318.t.eloqua.com/visitor/v200/svrGP.aspx?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578&elqCookie=1
0
404 B
Script
General
Full URL
https://s2318.t.eloqua.com/visitor/v200/svrGP.aspx?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578&elqCookie=1
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
e017.en25.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Mon, 13 Apr 2020 15:21:57 GMT
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
private,no-cache, no-store
Content-Type
application/javascript
Content-Length
20
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Mon, 13 Apr 2020 15:21:57 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
//s2318.t.eloqua.com/visitor/v200/svrGP.aspx?pps=50&siteid=2318&DLKey=7dec57d9-6d3f-436f-85a2-5543a7460fa5&DLLookup=&ms=578&elqCookie=1
Cache-Control
private,no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
272
Expires
-1
utsync.ashx
ml314.com/ Frame 9547
644 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=60899&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fads.kwanzoo.com%2Fkzmain%2Fwidget_cover.htm%3FwidgetId%3D9754%26r%3D1586791315513&pv=1586791316112_9650c9ns9&bl=en-us&cb=5437&return=&ht=&d=&dc=&si=1586791316112_9650c9ns9&cid=&s=1600x1200&rp=https%3A%2F%2Fads.kwanzoo.com%2Fwidget%2Fcustomized%2F9754%2Fload
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9347bc22a0f8b5596b65bea3b434f7f2b76f80ca64416ead410d2775671998c5

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Apr 2020 15:21:58 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
467
Expires
0
ud.ashx
in.ml314.com/ Frame 9547
20 B
481 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=1332020
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.252.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-252-78.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:58 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Tue, 14 Apr 2020 15:21:59 GMT
demconf.jpg
dpm.demdex.net/ Frame 9547
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3609550891796922381&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3609550891796922381&redir=
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3609550891796922381&redir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.155.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-155-186.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v065-068e20a35.edge-irl1.demdex.com 5.66.0.20200408080925 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
R+dYMQvBRZs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5RsU3lcQSI4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3609550891796922381&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csync.ashx
ml314.com/ Frame 9547
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3609550891796922381
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwOTU1MDg5MTc5NjkyMjM4MRAAGg0Il4fS9AUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=5b676a1c40cfd43d2625003efd506a6b1b319ab6d1ba3cc44132bc574854e1bef4cb09cee1a4f8eb&person_id=3609550891796922381&eid=50082
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=5b676a1c40cfd43d2625003efd506a6b1b319ab6d1ba3cc44132bc574854e1bef4cb09cee1a4f8eb&person_id=3609550891796922381&eid=50082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:59 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 14 Apr 2020 11:21:59 GMT

Redirect headers

date
Mon, 13 Apr 2020 15:21:59 GMT
via
1.1 google
status
307
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=5b676a1c40cfd43d2625003efd506a6b1b319ab6d1ba3cc44132bc574854e1bef4cb09cee1a4f8eb&person_id=3609550891796922381&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
csync.ashx
ml314.com/ Frame 9547
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca
  • https://ml314.com/csync.ashx?fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca&person_id=3609550891796922381&eid=53819
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca&person_id=3609550891796922381&eid=53819
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 14 Apr 2020 11:21:59 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Apr 2020 15:21:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://ml314.com/csync.ashx?fp=0a319ca7-e23a-4aff-af4c-fe4dc4a9a8ca&person_id=3609550891796922381&eid=53819
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Tue, 14 Apr 2020 11:21:59 GMT
csync.ashx
ml314.com/ Frame 9547
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609550891796922381
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3609550891796922381
  • https://ml314.com/csync.ashx?fp=cbd84196959394ec337cb60bb45a772c&eid=50146&person_id=3609550891796922381
43 B
312 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=cbd84196959394ec337cb60bb45a772c&eid=50146&person_id=3609550891796922381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Tue, 14 Apr 2020 11:21:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Apr 2020 15:21:59 GMT
status
302
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=cbd84196959394ec337cb60bb45a772c&eid=50146&person_id=3609550891796922381
cache-control
no-cache
x-server
10.45.22.144
content-length
0
expires
0
pixel
ps.eyeota.net/ Frame 9547
0
344 B
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 13 Apr 2020 15:21:59 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
JSClientService.storeCookieParams.dwr
ads.kwanzoo.com/kzmain/dwr/call/plaincall/ Frame 9547
76 B
579 B
XHR
General
Full URL
https://ads.kwanzoo.com/kzmain/dwr/call/plaincall/JSClientService.storeCookieParams.dwr
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5b4c8af5c028d134927ed6cce741585cca4c1de631f373768a943bcf67ce04b9

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 13 Apr 2020 15:21:59 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
Content-Length
91
Vary
Accept-Encoding
Content-Type
text/javascript
JSClientService.getActivityAnalysisJson.dwr
ads.kwanzoo.com/kzmain/dwr/call/plaincall/ Frame 9547
350 B
706 B
XHR
General
Full URL
https://ads.kwanzoo.com/kzmain/dwr/call/plaincall/JSClientService.getActivityAnalysisJson.dwr
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.195.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-195-79.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d7601d12782b7cf20a19e9e327c0dd465140d39272f6e5b955f9fe1911508346

Request headers

Referer
https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 13 Apr 2020 15:21:59 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
Content-Length
217
Vary
Accept-Encoding
Content-Type
text/javascript

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getPosition

2 Cookies

Domain/Path Name / Value
ads.kwanzoo.com/ Name: AWSELB
Value: 4BAB97F70CCCEFA9B8962F2EAC9AE7EFE4A44BF10FB7123C8F5D9A1ED3C4A3C707DC05EFBCBE28B102439ECA265CA629566AC907AEEF09DF01318C8B0C64983307E90C2085B3EB69C8D9B3DF545486218B953FA70E
ads.kwanzoo.com/ Name: JSESSIONID
Value: 376AD25305DE77DA5EF47BA2EC8516F8

3 Console Messages

Source Level URL
Text
console-api log URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513(Line 134)
Message:
bomboraData: 3000ms [object Object]
console-api log URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513(Line 158)
Message:
activityJson: [object Object]
console-api log URL: https://ads.kwanzoo.com/kzmain/widget_cover.htm?widgetId=9754&r=1586791315513(Line 164)
Message:
analysisJson: 231ms [object Object]