URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Submission: On September 13 via manual from IN

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 42 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:42e6, located in the United States, and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.dramabeans.com.
This is the only time www.dramabeans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 52.203.113.41 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
4 8 52.44.143.16 14618 (AMAZON-AES)
1 1 8.41.222.241 26120 (RHYTHMONE)
3 3 35.189.195.106 15169 (GOOGLE)
2 2 136.243.75.33 24940 (HETZNER-AS)
1 1 151.101.114.49 54113 (FASTLY)
1 1 188.138.33.12 8972 (PLUSSERVE...)
1 34.203.101.54 14618 (AMAZON-AES)
3 216.58.210.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.144.140 16509 (AMAZON-02)
1 52.94.216.48 16509 (AMAZON-02)
1 185.86.139.29 201081 (SMARTADSE...)
3 68.232.35.16 15133 (EDGECAST)
5 151.101.112.166 54113 (FASTLY)
1 1 216.58.214.66 15169 (GOOGLE)
2 2 54.247.91.116 16509 (AMAZON-02)
2 104.108.37.192 16625 (AKAMAI-AS)
1 2 34.202.7.71 14618 (AMAZON-AES)
1 2 52.51.71.211 16509 (AMAZON-02)
1 62.67.193.41 26667 (RUBICONPR...)
1 46.101.210.134 ()
1 192.241.140.55 ()
3 128.199.81.241 ()
1 192.241.148.20 ()
42 21
Domain Requested by
9 sync.monarchads.com 4 redirects www.dramabeans.com
banner.monarchads.com
3 pcdn01.sin04.nsone.co
3 ced-ns.sascdn.com www9.smartadserver.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.dramabeans.com
3 x.bidswitch.net 3 redirects
2 dpm.demdex.net 1 redirects www.dramabeans.com
2 idsync.rlcdn.com 1 redirects www.dramabeans.com
2 match.adsrvr.org 2 redirects
2 bh.contextweb.com www.dramabeans.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.dramabeans.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 px.adhigh.net 2 redirects
2 www.dramabeans.com www.dramabeans.com
1 b.ns1p.net c.ns1p.net
1 s.ns1p.net c.ns1p.net
1 c.ns1p.net www.dramabeans.com
1 secure-assets.rubiconproject.com www.dramabeans.com
1 optimized-by.rubiconproject.com ads.rubiconproject.com
1 ads.rubiconproject.com ads.contextweb.com
1 ads.contextweb.com tag-st.contextweb.com
1 tag-st.contextweb.com tag.contextweb.com
1 cm.g.doubleclick.net 1 redirects
1 tag.contextweb.com ced-ns.sascdn.com
1 www9.smartadserver.com c.amazon-adsystem.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 c.amazon-adsystem.com securepubads.g.doubleclick.net
1 cs.tekblue.net 1 redirects
1 match.basebanner.com 1 redirects
1 sync.1rx.io 1 redirects
1 tb.monarchads.com banner.monarchads.com
1 www.googletagservices.com banner.monarchads.com
1 banner.monarchads.com www.dramabeans.com
0 aax-eu.amazon-adsystem.com Failed c.amazon-adsystem.com
0 pixel.quantserve.com Failed www.dramabeans.com
42 34

This site contains no links.

Subject                      Issuer                           Validity                   Valid
*.monarchads.com             Amazon                           2017-02-13 - 2018-03-13    a year
*.g.doubleclick.net          Google Internet Authority G2     2017-09-07 - 2017-11-30    3 months
tpc.googlesyndication.com    Google Internet Authority G2     2017-09-07 - 2017-11-30    3 months
*.rubiconproject.com         DigiCert SHA2 Secure Server CA   2016-01-12 - 2019-03-01    3 years

This page contains 4 frames:

Primary Page: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Frame ID: 12963.1
Requests: 39 HTTP requests in this frame

Frame: http://bh.contextweb.com/bh/visitormatch?tag=357773&pid=558442
Frame ID: 12963.3
Requests: 1 HTTP request in this frame

Frame: http://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB24-2,PUBLISHER.558442,,CAMPAIGN.0.0,,ADSIZE.300X600,ZIPCODE.91710,PUBLISHERDOMAIN.dramabeans.com
Frame ID: 12963.4
Requests: 1 HTTP request in this frame

Frame: http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi
Frame ID: 12963.5
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/[^\/]*\.rubiconproject\.com/i

Page Statistics

Requests: 42
HTTPS: 24 %
IPv6: 11 %
Domains: 21
Subdomains: 34
IPs: 21
Countries: 7
Transfer: 185 kB
Size: 449 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sync.monarchads.com/?pid=rhythmone HTTP 302
  • https://sync.1rx.io/usersync2/monarchads HTTP 302
  • https://sync.monarchads.com/?pid=rhythmone&xid=OPTOUT
Request Chain 5
  • https://sync.monarchads.com/?pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?ssp=monarch HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=monarch HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=monarch HTTP 302
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=monarch&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=DpMgFWHe7s&expires=30&ssp=monarch HTTP 302
  • https://sync.monarchads.com/?pid=bidswitch&xid=d083250a-789c-4575-94ed-4fb1950b7c0f
Request Chain 7
  • https://sync.monarchads.com/?pid=taboola HTTP 302
  • https://match.basebanner.com/match?excid=65&cijs=0 HTTP 302
  • https://sync.monarchads.com/?pid=taboola&xid=bfb0cff1-4778-4b63-9b6d-4fb76fcfe526-tuctb2b692
Request Chain 8
  • https://sync.monarchads.com/?pid=telemetry HTTP 302
  • https://cs.tekblue.net/u/map.gif?redir=http%3A%2F%2Fsync.monarchads.com%2F%3Fpid%3Dtelemetry%26xid%3D__TEKBLUE_UUID HTTP 302
  • http://sync.monarchads.com/?pid=telemetry&xid=17309987163121202726_5370423194383845577
Request Chain 22
  • http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGpUBHU-mKPKgGvXRVKYZww&google_cver=1
Request Chain 23
  • http://match.adsrvr.org/track/cmf/contextweb HTTP 302
  • http://match.adsrvr.org/track/cmb/contextweb HTTP 302
  • http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=eb01a3d4-3713-4109-92f7-ac5fb436bdc2
Request Chain 27
  • http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq HTTP 302
  • http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq&redirect=1
Request Chain 28
  • http://dpm.demdex.net/ibs:dpid=96678&dpuuid=vicvsiT2grcq HTTP 302
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=vicvsiT2grcq

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bannerFrame.php
www.dramabeans.com/ads/
196 B
170 B
Document
General
Full URL
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:42e6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
17364c14b86c8a38ca6c0c02563f2a4991f295963fcf102da4bad6940e6b212b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:24 GMT
Content-Encoding
gzip
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
39db6a45e5d764ff-FRA
ad_timer.js
www.dramabeans.com/ads/
419 B
282 B
Script
General
Full URL
http://www.dramabeans.com/ads/ad_timer.js
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:42e6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a8b6b2a3a39951a5b77a4028b407aa9966f70cb75d4823840d52173e738407be

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 31 Aug 2017 09:37:36 GMT
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
39db6a48371c64ff-FRA
Content-Length
282
Expires
Wed, 13 Sep 2017 17:22:24 GMT
/
banner.monarchads.com/
633 B
633 B
Script
General
Full URL
http://banner.monarchads.com/?tag=2621
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
52.203.113.41 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-113-41.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) / Express
Resource Hash
b1539eb26b6d0b9ad02e7020e209217ad31a104ea7587232d895caf92d9f59bb

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:24:08 GMT
ETag
W/"279-1CYTQtwhzk67XX9FDpvr0g"
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Content-Length
633
Content-Type
text/javascript; charset=utf-8
gpt.js
www.googletagservices.com/tag/js/
8 KB
4 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: banner.monarchads.com
URL: http://banner.monarchads.com/?tag=2621
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
9d0d3a16faa92c1b4ec9742fbe10d91b6ebe31998be4eed4c9823055aa656000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1505249114138232"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
3814
X-XSS-Protection
1; mode=block
Expires
Wed, 13 Sep 2017 13:22:25 GMT
render
tb.monarchads.com/98878569-6ff7-42e9-b21e-5cf81de07cf0/2864/
43 B
43 B
Image
General
Full URL
https://tb.monarchads.com/98878569-6ff7-42e9-b21e-5cf81de07cf0/2864/render
Requested by
Host: banner.monarchads.com
URL: http://banner.monarchads.com/?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.113.41 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-113-41.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:24:08 GMT
ETag
W/"2b-V/GHx6ho+urFWAB6jrbLLg"
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Content-Length
43
Content-Type
image/gif
/
sync.monarchads.com/
Redirect Chain
  • https://sync.monarchads.com/?pid=rhythmone
  • https://sync.1rx.io/usersync2/monarchads
  • https://sync.monarchads.com/?pid=rhythmone&xid=OPTOUT
43 B
43 B
Image
General
Full URL
https://sync.monarchads.com/?pid=rhythmone&xid=OPTOUT
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.143.16 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-143-16.compute-1.amazonaws.com
Software
go /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Server
go
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
Server
nginx
ETag
OPTOUT
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.monarchads.com/?pid=rhythmone&xid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Expires
0
/
sync.monarchads.com/
Redirect Chain
  • https://sync.monarchads.com/?pid=bidswitch
  • https://x.bidswitch.net/sync?ssp=monarch
  • https://x.bidswitch.net/ul_cb/sync?ssp=monarch
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=monarch
  • https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=monarch&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=DpMgFWHe7s&expires=30&ssp=monarch
  • https://sync.monarchads.com/?pid=bidswitch&xid=d083250a-789c-4575-94ed-4fb1950b7c0f
43 B
43 B
Image
General
Full URL
https://sync.monarchads.com/?pid=bidswitch&xid=d083250a-789c-4575-94ed-4fb1950b7c0f
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.143.16 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-143-16.compute-1.amazonaws.com
Software
go /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Server
go
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//sync.monarchads.com/?pid=bidswitch&xid=d083250a-789c-4575-94ed-4fb1950b7c0f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
/
sync.monarchads.com/
43 B
43 B
Image
General
Full URL
https://sync.monarchads.com/?pid=cox
Requested by
Host: banner.monarchads.com
URL: http://banner.monarchads.com/?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.143.16 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-143-16.compute-1.amazonaws.com
Software
go /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Server
go
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.monarchads.com/
Redirect Chain
  • https://sync.monarchads.com/?pid=taboola
  • https://match.basebanner.com/match?excid=65&cijs=0
  • https://sync.monarchads.com/?pid=taboola&xid=bfb0cff1-4778-4b63-9b6d-4fb76fcfe526-tuctb2b692
43 B
43 B
Image
General
Full URL
https://sync.monarchads.com/?pid=taboola&xid=bfb0cff1-4778-4b63-9b6d-4fb76fcfe526-tuctb2b692
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.143.16 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-44-143-16.compute-1.amazonaws.com
Software
go /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Server
go
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Wed, 13 Sep 2017 13:22:26 GMT
via
1.1 varnish
server
nginx/1.9.12
x-timer
S1505308946.077482,VS0,VE8
x-served-by
cache-hhn1536-HHN
status
302
x-cache
MISS
p3p
policyref="http://null/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
location
https://sync.monarchads.com/?pid=taboola&xid=bfb0cff1-4778-4b63-9b6d-4fb76fcfe526-tuctb2b692
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length
0
x-cache-hits
0
/
sync.monarchads.com/
Redirect Chain
  • https://sync.monarchads.com/?pid=telemetry
  • https://cs.tekblue.net/u/map.gif?redir=http%3A%2F%2Fsync.monarchads.com%2F%3Fpid%3Dtelemetry%26xid%3D__TEKBLUE_UUID
  • http://sync.monarchads.com/?pid=telemetry&xid=17309987163121202726_5370423194383845577
43 B
43 B
Image
General
Full URL
http://sync.monarchads.com/?pid=telemetry&xid=17309987163121202726_5370423194383845577
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
34.203.101.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-203-101-54.compute-1.amazonaws.com
Software
go /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Server
go
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
Server
nginx/1.6.2
Content-Type
text/html
Location
http://sync.monarchads.com/?pid=telemetry&xid=17309987163121202726_5370423194383845577
Cache-Control
no-cache
Connection
keep-alive
Content-Length
160
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pubads_impl_147.js
securepubads.g.doubleclick.net/gpt/
203 KB
71 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
6d8fbc7f6dc806a2e9c82eb2aaa996fcd4888a25dde01c8487c7a425c023bf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 11 Sep 2017 12:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177227
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
72677
x-xss-protection
1; mode=block
last-modified
Mon, 28 Aug 2017 21:04:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Sep 2018 12:08:38 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-10/html/
3 KB
2 KB
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 11 Sep 2017 12:08:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Jul 2017 14:03:10 GMT
Server
sffe
Age
177226
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1789
X-XSS-Protection
1; mode=block
Expires
Tue, 11 Sep 2018 12:08:39 GMT
ads
securepubads.g.doubleclick.net/gampad/
7 KB
3 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1938222581947586&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809107%2C21060003&sc=0&sfv=1-0-10&iu=%2F8095840%2F.2_6653.7_bm-dramabeans.com_tier1&sz=300x600&eri=2&cookie_enabled=1&abxe=1&lmt=1505308945&dt=1505308945771&frm=20&biw=1600&bih=1200&oid=3&adk=3761640287&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dramabeans.com%2Fads%2FbannerFrame.php%3Ftag%3D2621&dssz=4&icsg=202&std=0&vrg=147&vis=1&ga_vid=1247592362.1505308946&ga_sid=1505308946&ga_hid=48400705
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3c099f292c96a5abaebd4b496fa4be047c89e7c4dbcc7b2522c9998cddd2ea14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 13 Sep 2017 13:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
3214
x-xss-protection
1; mode=block
google-lineitem-id
25460280
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
7385443920
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amzn_ads.js
c.amazon-adsystem.com/aax2/
12 KB
4 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
HTTP/1.1
Server
13.32.144.140 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-144-140.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4bd7db4cf4edd4c8c8fc5f86b3909a81feb99aa92179d61017716b2d750a4486

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 10 Sep 2017 20:10:00 GMT
Content-Encoding
gzip
Server
Server
Age
61944
ETag
dbd7d0cff324329fa8d4b918060533ed
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bab68affea15bbe0bb14b61f027cc282.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4001
X-Amz-Cf-Id
JDxICCKceYpJJBWipk6qeZH2-1ryngKZKGYeqPuOPCdAfB4kH3axww==
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20170906/r20110914/activeview/
27 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20170906/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
1f845f1467f1b480ce488c236c7b86bcbddb14d453a96172809e9c287ff86844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 11 Sep 2017 12:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
10519
x-xss-protection
1; mode=block
server
cafe
etag
4539587328534411571
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2017 12:08:36 GMT
osd.js
pagead2.googlesyndication.com/pagead/
76 KB
28 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
a048a57458c94d9c920c389ea29e5cba2b9138a5b21b96a84727b70c2f18cc81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 12:48:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
2052
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
2010172586691044685
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
28513
X-XSS-Protection
1; mode=block
Expires
Wed, 13 Sep 2017 13:48:13 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyUVZRaBMRqXqejT-2haSNfj6n0hc5o-YOAEhfuPdd4pbTb3wk0jvWMaNL_xKWn6P7XxqV80LIaHKr6Ms2_OSP9ft3HMuDZHr--rsUyHvK_i4imLsqZX0e8sJ5QZ9fk9bCbRhjMuOnt0_zREySgfq6kijdTJa1xnrN5dyJgdzf5qJre8d9o8h_JV5GSKxjqTDeLEUpmqHlLGnoer_JfPSwfi-s1lv6nHX4A4FzQ4w0r2J_t2-YPx3yB79b7yIiR2kh-LngdAixMSGB7Q&sig=Cg0ArKJSzO44fhlTYrEwEAE&urlfix=1&adurl=
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Sep 2017 13:22:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 13 Sep 2017 13:22:25 GMT
getad
aax.amazon-adsystem.com/x/
369 B
300 B
Script
General
Full URL
http://aax.amazon-adsystem.com/x/getad?jsd=1&src=3137&slot_uuid=a3f99c73-79fb-46fc-a376-27d47a5fc3f6&c=100&u=http%3A%2F%2Fwww.dramabeans.com%2Fads%2FbannerFrame.php%3Ftag%3D2621&cb=6035685
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol
HTTP/1.1
Server
52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
8e861ff6fa90eb3f5a5d81866650d48ff4b94740c0fa4f282d0acc42a5c4d791

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:25 GMT
Content-Encoding
gzip
Server
Server
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=17
Content-Length
300
ac
www9.smartadserver.com/
6 KB
3 KB
Script
General
Full URL
http://www9.smartadserver.com/ac?out=js&nwid=1331&siteid=112642&pgname=.2_6653.7_bm-dramabeans.com_row_tier1&fmtid=41303&tgt=[sas_target]&visit=m&tmstp=[timestamp]&clcturl=[countgo]
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol
HTTP/1.1
Server
185.86.139.29 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7b41138d76351629d0f9b26d2081d0fb0cf67472f8d9866922aae266aae7a135

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
X-SMRT-D
6%3b28%3b93
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-SMRT-I
5685367
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
2918
Expires
-1
sas-browser.js
ced-ns.sascdn.com/diff/templates/js/sas/
2 KB
945 B
Script
General
Full URL
http://ced-ns.sascdn.com/diff/templates/js/sas/sas-browser.js
Requested by
Host: www9.smartadserver.com
URL: http://www9.smartadserver.com/ac?out=js&nwid=1331&siteid=112642&pgname=.2_6653.7_bm-dramabeans.com_row_tier1&fmtid=41303&tgt=[sas_target]&visit=m&tmstp=[timestamp]&clcturl=[countgo]
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4194) /
Resource Hash
98624d1fde012681aa1b41708b05b3eeac4eca34cc6e2f8ccbfc19ebcdc2e2d0

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jul 2015 14:55:29 GMT
Server
ECS (fcn/4194)
Cache-Control
max-age=86400
Etag
"f6e7332722340be0f535a70192991c6d:1438008929"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
945
sas-dom.js
ced-ns.sascdn.com/diff/templates/js/sas/
2 KB
1013 B
Script
General
Full URL
http://ced-ns.sascdn.com/diff/templates/js/sas/sas-dom.js
Requested by
Host: www9.smartadserver.com
URL: http://www9.smartadserver.com/ac?out=js&nwid=1331&siteid=112642&pgname=.2_6653.7_bm-dramabeans.com_row_tier1&fmtid=41303&tgt=[sas_target]&visit=m&tmstp=[timestamp]&clcturl=[countgo]
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41CC) /
Resource Hash
3f9fbc5e546005c89714033d7edf1a92e3e72050baa75b0866fe1fef1ad74f0f

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Aug 2014 13:05:03 GMT
Server
ECS (fcn/41CC)
Cache-Control
max-age=86400
Etag
"6bf614f460a08462cb3319a924c9c36a:1408539903"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
1013
sas-banner-2.2.js
ced-ns.sascdn.com/diff/templates/js/banner/
5 KB
2 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/templates/js/banner/sas-banner-2.2.js
Requested by
Host: www9.smartadserver.com
URL: http://www9.smartadserver.com/ac?out=js&nwid=1331&siteid=112642&pgname=.2_6653.7_bm-dramabeans.com_row_tier1&fmtid=41303&tgt=[sas_target]&visit=m&tmstp=[timestamp]&clcturl=[countgo]
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41DD) /
Resource Hash
348b5ad6db7b2f178e63bc676a206a7b3e797e59f5f3e0a1b94c8cb8adbeb2a5

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Oct 2015 13:03:45 GMT
Server
ECS (fcn/41DD)
Cache-Control
max-age=86400
Etag
"21f1607ff98020b6cc878ce7818c55ae:1443791025"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
2160
getjs.aspx
tag.contextweb.com/TagPublish/
1 KB
726 B
Script
General
Full URL
http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X600&cwpid=558442&cwwidth=300&cwheight=600&cwpnet=1&cwtagid=357773
Requested by
Host: ced-ns.sascdn.com
URL: http://ced-ns.sascdn.com/diff/templates/js/banner/sas-banner-2.2.js
Protocol
HTTP/1.1
Server
151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.2.22.v20170606) /
Resource Hash
a9a2a055cf7090184348a244878ff427f9da644ce07476c798616c3223c1e2c8

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Content-Type
application/x-javascript
Server
Jetty(9.2.22.v20170606)
Age
0
X-Served-By
cache-hhn1549-HHN
Transfer-Encoding
chunked
X-Cache
MISS
P3P
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Via
1.1 varnish
Cache-Control
max-age=432000, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1505308946.468272,VS0,VE14
X-Cache-Hits
0
rtset
bh.contextweb.com/bh/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGpUBHU-mKPKgGvXRVKYZww&google_cver=1
0
0
Script
General
Full URL
http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGpUBHU-mKPKgGvXRVKYZww&google_cver=1
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.2.22.v20170606) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Via
1.1 varnish
Server
Jetty(9.2.22.v20170606)
Content-Language
en-US
P3P
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
X-Cache-Hits
0
X-Cache
MISS
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript; charset=ISO-8859-1
CW-Server
ams-bh01
Content-Length
0
X-Served-By
cache-hhn1526-HHN

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGpUBHU-mKPKgGvXRVKYZww&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
305
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • http://match.adsrvr.org/track/cmf/contextweb
  • http://match.adsrvr.org/track/cmb/contextweb?
  • http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=eb01a3d4-3713-4109-92f7-ac5fb436bdc2
0
0
Script
General
Full URL
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=eb01a3d4-3713-4109-92f7-ac5fb436bdc2
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.2.22.v20170606) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Via
1.1 varnish
Server
Jetty(9.2.22.v20170606)
Content-Language
en-US
P3P
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
X-Cache-Hits
0
X-Cache
MISS
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript; charset=ISO-8859-1
CW-Server
ams-bh01
Content-Length
0
X-Served-By
cache-hhn1526-HHN

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:19 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location
http://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=eb01a3d4-3713-4109-92f7-ac5fb436bdc2
Cache-Control
private,no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Content-Length
213
getjs.static.js
tag-st.contextweb.com/TagPublish/
30 KB
10 KB
Script
General
Full URL
http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by
Host: tag.contextweb.com
URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X600&cwpid=558442&cwwidth=300&cwheight=600&cwpnet=1&cwtagid=357773
Protocol
HTTP/1.1
Server
151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.2.22.v20170606) /
Resource Hash
7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Age
330
X-Cache
HIT
P3P
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
10423
X-Served-By
cache-hhn1523-HHN
Server
Jetty(9.2.22.v20170606)
X-Timer
S1505308947.501735,VS0,VE0
ETag
8f7d54636bed9472099fd222d8411f621190abb7
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
max-age=432000, public
Accept-Ranges
bytes
X-Cache-Hits
723
GetAd.aspx
ads.contextweb.com/TagPublish/
4 KB
2 KB
Script
General
Full URL
http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=558442&ct=357773&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=300X600&asv=30&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.dramabeans.com%2Fads%2FbannerFrame.php%3Ftag%3D2621&cwr=&mrnd=26668952&if=0&tl=1&pxy=8,8&cxy=1600,1200&dxy=1584,1184&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by
Host: tag-st.contextweb.com
URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol
HTTP/1.1
Server
151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.2.22.v20170606) /
Resource Hash
2d3030ad8e992d466d5ac4424026b203d807b2ee8d4dadf4f601d9a0287dcfc3

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cache
MISS
P3P
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
X-Served-By
cache-hhn1529-HHN
Pragma
no-cache
Server
Jetty(9.2.22.v20170606)
CWDL
12/2528
Via
1.1 varnish
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
application/x-javascript; charset=utf-8
CW-Server
AMS-TAG05:8080
X-Cache-Hits
0
11618.js
ads.rubiconproject.com/ad/
25 KB
7 KB
Script
General
Full URL
http://ads.rubiconproject.com/ad/11618.js
Requested by
Host: ads.contextweb.com
URL: http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=558442&ct=357773&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=300X600&asv=30&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.dramabeans.com%2Fads%2FbannerFrame.php%3Ftag%3D2621&cwr=&mrnd=26668952&if=0&tl=1&pxy=8,8&cxy=1600,1200&dxy=1584,1184&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol
HTTP/1.1
Server
104.108.37.192 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-37-192.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e3496490793fd5b66f4dd1e893c63304d5e6fe70a469507fa647ca2e82762e8

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
nnCoection
close
Cache-Control
max-age=1451
Connection
keep-alive
Content-Length
7069
Expires
Wed, 13 Sep 2017 13:46:37 GMT
400066.gif
idsync.rlcdn.com/
Redirect Chain
  • http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq
  • http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq&redirect=1
43 B
43 B
Image
General
Full URL
http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq&redirect=1
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
34.202.7.71 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-202-7-71.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

Location
http://idsync.rlcdn.com/400066.gif?partner_uid=vicvsiT2grcq&redirect=1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://dpm.demdex.net/ibs:dpid=96678&dpuuid=vicvsiT2grcq
  • http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=vicvsiT2grcq
42 B
42 B
Script
General
Full URL
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=vicvsiT2grcq
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
52.51.71.211 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-71-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

DCS
irl1-prod-dcscanary-061ff8a31481caf28.edge-irl1.demdex.com 5.17.3.20170905151459 2ms
Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
X-TID
fVjky/X5RPM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
X-TID
x7tUWqPsQ3k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=vicvsiT2grcq
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 2009 00:00:00 GMT
696522-10.js
optimized-by.rubiconproject.com/a/11618/147478/
157 B
157 B
Script
General
Full URL
http://optimized-by.rubiconproject.com/a/11618/147478/696522-10.js?&cb=0.5452142483721485&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=147478_10
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/ad/11618.js
Protocol
HTTP/1.1
Server
62.67.193.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
282597c9fabb5ec8c90c8d778537f9d7c8a56652f942569996d4ce3a56e6cb8a

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:26 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=97
Content-Length
157
Expires
Wed, 17 Sep 1975 21:32:10 GMT
10.png
secure-assets.rubiconproject.com/static/psa/casala/
31 KB
31 KB
Image
General
Full URL
https://secure-assets.rubiconproject.com/static/psa/casala/10.png
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.37.192 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-37-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f1ad63b8dc5e7e34d4c4b6dfc2c42c0fdd12c712f12fa124b02cde4212f4dd70

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:26 GMT
Last-Modified
Mon, 17 Jul 2017 21:05:00 GMT
Server
Apache
Content-Type
image/png
Cneonction
close
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32229
visitormatch
bh.contextweb.com/bh/ Frame 1296
0
0

p-01-0VIaSjnOLg.gif
pixel.quantserve.com/pixel/ Frame 1296
0
0

iu3
aax-eu.amazon-adsystem.com/s/ Frame 1296
0
0

activeview
pagead2.googlesyndication.com/
42 B
42 B
Image
General
Full URL
http://pagead2.googlesyndication.com/activeview?avi=BX0p0ETG5WaS4Ndibbrb6ntgDAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASBORoH3Q&id=osdim&ti=1&r=u&adk=3761640287&tt=2045&bs=1600,1200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&p=8,8,609,1592&inapp=0&mcvt=1005&rs=3&ht=0&tfs=1039&tls=2044&mc=1&lte=-1&bas=0&bac=0&la=1&bos=1600,1200&ps=1600,1200&ss=1600,1200&pt=-1&deb=1-0-1-7-9--1&tvt=2015&avms=geo&uc=3&tgt=DIV&cl=0&cec=21&clc=1&cac=0&cd=1584x601
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:28 GMT
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Timing-Allow-Origin
*
Content-Length
42
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
c.ns1p.net/
4 KB
4 KB
Script
General
Full URL
http://c.ns1p.net/p.js?a=1mbjnam
Requested by
Host: www.dramabeans.com
URL: http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
Protocol
HTTP/1.1
Server
46.101.210.134 Frankfurt, Germany, ASN (),
Reverse DNS
pcdn01.fra02.nsone.co
Software
nginx /
Resource Hash
3aa1da4fec4370e5bd190cc2cb57d1030fa40c4f906308d00bae2e93503e4c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Aug 2016 17:03:24 GMT
Server
nginx
ETag
"57acafdc-e5e"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3678
X-XSS-Protection
1; mode=block
Expires
Thu, 14 Sep 2017 13:22:29 GMT
/
s.ns1p.net/
115 B
115 B
Script
General
Full URL
http://s.ns1p.net/?v=1436725112&a=1mbjnam
Requested by
Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam
Protocol
HTTP/1.1
Server
192.241.140.55 North Bergen, United States, ASN (),
Reverse DNS
pschedlb02.lga02.nsone.co
Software
psched /
Resource Hash
58fa94a3d7ea680b77c68dcf8f8cfb6d9647a32c2b1283dab763b02cee0457ee

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:29 GMT
Server
psched
Etag
"9a9af279b2ca06b40221f21b8da9833085d44d94"
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Content-Length
115
Expires
Wed, 13 Sep 2017 13:22:28 GMT
l.gif
pcdn01.sin04.nsone.co/a/
43 B
43 B
Image
General
Full URL
http://pcdn01.sin04.nsone.co/a/l.gif?t=h1shaa
Protocol
HTTP/1.1
Server
128.199.81.241 Singapore, Singapore, ASN (),
Reverse DNS
pcdn01.sin04.nsone.co
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:30 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
0
l.gif
pcdn01.sin04.nsone.co/a/
43 B
43 B
Image
General
Full URL
http://pcdn01.sin04.nsone.co/a/l.gif?t=lxhm5b
Protocol
HTTP/1.1
Server
128.199.81.241 Singapore, Singapore, ASN (),
Reverse DNS
pcdn01.sin04.nsone.co
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:31 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
0
l.gif
pcdn01.sin04.nsone.co/a/
43 B
43 B
Image
General
Full URL
http://pcdn01.sin04.nsone.co/a/l.gif?t=i27bp7
Protocol
HTTP/1.1
Server
128.199.81.241 Singapore, Singapore, ASN (),
Reverse DNS
pcdn01.sin04.nsone.co
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2017 13:22:31 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
0
/
b.ns1p.net/
0
0
Script
General
Full URL
http://b.ns1p.net/?v=1436725112&a=1mbjnam&x=17u9838&s=18b99jr&r=19666nn:259.5|4.85|2
Requested by
Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam
Protocol
HTTP/1.1
Server
192.241.148.20 North Bergen, United States, ASN (),
Reverse DNS
pblb02.lga02.nsone.co
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dramabeans.com/ads/bannerFrame.php?tag=2621
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 13 Sep 2017 13:22:31 GMT
Cache-Control
no-cache
Server
nginx
Connection
close
Expires
Wed, 13 Sep 2017 13:22:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bh.contextweb.com
URL
http://bh.contextweb.com/bh/visitormatch?tag=357773&pid=558442
Domain
pixel.quantserve.com
URL
http://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB24-2,PUBLISHER.558442,,CAMPAIGN.0.0,,ADSIZE.300X600,ZIPCODE.91710,PUBLISHERDOMAIN.dramabeans.com
Domain
aax-eu.amazon-adsystem.com
URL
http://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=simplifi

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Domain/Path Name / Value
.eqads.com/ Name: EQUser
Value: UID=e18d5596-1a6a-47e0-987d-2858c88cf58a
.dramabeans.com/ Name: __gads
Value: ID=6dd5784656fc7425:T=1505308945:S=ALNI_Mazs9cVKSpcT5QMKuLtMRsSiaHymA
.quantserve.com/ Name: mc
Value: 59b93112-efb5f-66fe8-57ceb
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.contextweb.com/ Name: cw
Value: cw
.amazon-adsystem.com/ Name: ad-id
Value: A7dNFjn_j0dbgjL2bnw---o
.quantserve.com/ Name: d
Value: ED0BDQHpGMjI0QA
.dramabeans.com/ Name: __cfduid
Value: d5e86e65608a694cb0865ddd34cc884b31505308944
.contextweb.com/ Name: wf
Value: 0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-i9k|7Ot.0.PvdtvpR0q4TVAx4Af4YoESpv|7C6.0.fe21b7ae0765b81b5a0b87c11d2627fd|79f.0.L3Qkkil8d5k3KCDJLytrnSwrI5M3eHHIfy-tm_LJ|2JB.0.Q5585953471776501423|Vs.0.eb01a3d4-3713-4109-92f7-ac5fb436bdc2|79k.0.69c50899-d636-43ce-a9da-eb4d947a89ef|7Vc.0.A-612254082|6zB.0.d083250a-789c-4575-94ed-4fb1950b7c0f|14X.0.e18d5596-1a6a-47e0-987d-2858c88cf58a|78K.0.OPTOUT|2N.0.AAABpV3EWmrnjgNCot97AAAAAAA|7OU.0.ad6a45b3b0d35e447651753fb8b6a6ee|77B.0.b5cd36f15d2518d182bb3b3270ce2602|7dN.0.AACjOU6zcmIAACW2vkhPIQ|7hV.0.043a6ed04684e7a3df2303e182b618dc|7Va.0.97250aec-9886-11e7-9d83-0219060f95f2|7K6.0.5B9jjSrTeN4|4is.0.CAESEGpUBHU-mKPKgGvXRVKYZww|7Rn.0.jaJBYxbxEkIIrRrpM7IrPcyi|1Em.0.B780FD9F1331B95959AF7E3402C28296|17m.0.k7NAl6cj1DS7Cz5|76Y.0.9999|3oy.0.fa00f4d8-afd6-4696-a041-016ebc06f5e8|0.0.c85159b9-3113-4000-97e8-e0ecab237770|5Ql.0.4a189243-b4f3-4e2b-845a-c967fcc8fb5f-tuctb2b693|7FT.0.d080167e-2234-46c0-93a8-9f19873fe80e
.contextweb.com/ Name: sto-id-20480-bh
Value: DIANNMAKJCBP
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: 357773_300X600__POS8X8
Value: 1505308946683
.contextweb.com/ Name: V
Value: vicvsiT2grcq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
