Submitted URL: http://lipserman.com/images/reverse/zoom/liber6.html
Effective URL: https://lipserman.com/images/reverse/zoom/liber6.html
Submission: On November 14 via automatic, source openphish

Summary

This website contacted 19 IPs in 6 countries across 21 domains to perform 42 HTTP transactions. The main IP is 193.169.188.140, located in Kiev, Ukraine and belongs to HOSTPRO-AS, UA. The main domain is lipserman.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 13th 2017. Valid for: 3 months.
This is the only time lipserman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 14 193.169.188.140 196645 (HOSTPRO-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
10 11 54.75.227.121 16509 (AMAZON-02)
5 92.123.93.2 20940 (AKAMAI-ASN1)
1 104.16.156.86 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 3 195.93.42.12 1668 (AOL-ATDN)
1 3 52.58.121.84 16509 (AMAZON-02)
5 5 176.34.123.138 16509 (AMAZON-02)
1 3 92.123.93.251 20940 (AKAMAI-ASN1)
1 3 62.67.193.85 26667 (RUBICONPR...)
2 185.64.189.236 62713 (AS-PUBMATIC)
2 151.101.114.2 54113 (FASTLY)
2 2a00:1288:110... 34010 (YAHOO-IRD)
7 8 54.247.88.67 16509 (AMAZON-02)
2 2 104.155.36.133 15169 (GOOGLE)
1 35.157.90.167 16509 (AMAZON-02)
2 185.33.223.83 29990 (ASN-APPNEXUS)
1 3 54.87.211.125 14618 (AMAZON-AES)
1 2 173.241.240.143 36089 (OPENX-AS1)
2 2 172.217.21.226 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
42 19
Domain Requested by
24 d.adroll.com 22 redirects lipserman.com
s.adroll.com
14 lipserman.com 4 redirects lipserman.com
5 s.adroll.com lipserman.com
s.adroll.com
3 idsync.rlcdn.com 1 redirects lipserman.com
3 pixel.rubiconproject.com 1 redirects lipserman.com
3 dsum-sec.casalemedia.com 1 redirects lipserman.com
3 pixel.advertising.com 1 redirects lipserman.com
3 ums.adtech.de 3 redirects
2 www.facebook.com lipserman.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects lipserman.com
2 ib.adnxs.com lipserman.com
2 x.bidswitch.net 2 redirects
2 ads.yahoo.com lipserman.com
2 trc.taboola.com lipserman.com
2 simage2.pubmatic.com lipserman.com
2 connect.facebook.net s.adroll.com
connect.facebook.net
2 www.google-analytics.com 1 redirects lipserman.com
1 match.sharethrough.com lipserman.com
1 www.google.de lipserman.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.zoominfo.com www.google-analytics.com
42 23

This site contains links to these domains.

Domain
www.zoominfo.com
Subject | Issuer | Validity | Valid
lipserman.com | Let's Encrypt Authority X3 | 2017-11-13 - 2018-02-11 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2017-11-01 - 2018-01-24 | 3 months
*.adroll.com | Symantec Class 3 Secure Server CA - G4 | 2016-11-07 - 2018-01-06 | a year
ssl431629.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2017-10-04 - 2018-04-12 | 6 months
www.google.de | Google Internet Authority G3 | 2017-11-01 - 2018-01-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2016-12-09 - 2018-01-25 | a year
pixel.advertising.com | DigiCert SHA2 High Assurance Server CA | 2017-06-14 - 2020-06-18 | 3 years
san.casalemedia.com | GeoTrust SSL CA - G3 | 2017-08-03 - 2018-11-02 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2016-01-12 - 2019-03-01 | 3 years
*.pubmatic.com | COMODO RSA Organization Validation Secure Server CA | 2016-04-12 - 2019-05-27 | 3 years
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2017-10-31 - 2018-10-06 | a year
ad.yieldmanager.com | Symantec Class 3 Secure Server CA - G4 | 2017-07-27 - 2018-01-23 | 6 months
*.sharethrough.com | Go Daddy Secure Certificate Authority - G2 | 2017-09-18 - 2018-11-17 | a year
*.adnxs.com | Symantec Class 3 ECC 256 bit SSL CA - G2 | 2017-01-25 - 2019-01-25 | 2 years
*.rlcdn.com | Go Daddy Secure Certificate Authority - G2 | 2017-05-08 - 2019-06-21 | 2 years
*.openx.net | GeoTrust SSL CA - G3 | 2017-05-11 - 2020-07-09 | 3 years

This page contains 1 frames:

Primary Page: https://lipserman.com/images/reverse/zoom/liber6.html
Frame ID: 2523.1
Requests: 42 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

42 Requests
100 % HTTPS
28 % IPv6
21 Domains
23 Subdomains
19 IPs
6 Countries
362 kB Transfer
938 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lipserman.com/images/reverse/zoom/liber6.html HTTP 302
    https://lipserman.com/images/reverse/zoom/liber6.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://d.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK?pv=39259425429.493256&cookie=&adroll_s_ref=https%3A//www.zoominfo.com/login&keyw=&arrfrr=https%3A%2F%2Fwww.zoominfo.com%2Flogin HTTP 302
  • https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
Request Chain 9
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.woff2 HTTP 302
  • https://lipserman.com/
Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1341328976&t=pageview&_s=1&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&ul=en-us&de=UTF-8&dt=Business%20Profiles%20and%20Company%20Information%20%7C%20ZoomInfo.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABI~&jid=1695396316&gjid=1553978831&cid=686799994.1510628569&tid=UA-12845882-1&_gid=1869304172.1510628569&_r=1&z=983618220 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_gid=1869304172.1510628569&gjid=1553978831&_v=j65&z=983618220 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220&slf_rd=1&random=3795559856
Request Chain 11
  • https://d.adroll.com/pixel/undefined/undefined?pv=35296208330.24878&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html HTTP 302
  • https://s.adroll.com/j/adroll_pixel_being_processed.js
Request Chain 12
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.woff HTTP 302
  • https://lipserman.com/
Request Chain 13
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.ttf HTTP 302
  • https://lipserman.com/
Request Chain 16
  • https://d.adroll.com/cm/aol/out HTTP 302
  • https://ums.adtech.de/mapuser?providerid=1076;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI HTTP 302
  • https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1510628569;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0 HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0&verify=true
Request Chain 17
  • https://d.adroll.com/cm/index/out HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569&C=1
Request Chain 18
  • https://d.adroll.com/cm/n/out HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365 HTTP 307
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Request Chain 19
  • https://d.adroll.com/cm/pubmatic/out HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Request Chain 20
  • https://d.adroll.com/cm/taboola/out HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Request Chain 21
  • https://d.adroll.com/cm/r/out HTTP 302
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Request Chain 22
  • https://d.adroll.com/cm/b/out HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=20b30416-7678-4c4e-a259-74b267367c2b&seat_user_id=&seat_key=
Request Chain 23
  • https://d.adroll.com/cm/x/out HTTP 302
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)
Request Chain 24
  • https://d.adroll.com/cm/l/out HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2 HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2&redirect=1
Request Chain 25
  • https://d.adroll.com/cm/o/out HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=eedeca053826014fa1afdaef51decce2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=eedeca053826014fa1afdaef51decce2
Request Chain 26
  • https://d.adroll.com/cm/g/out?google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=7t7KBTgmAU-hr9rvUd7M4g&google_ula=1535926 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=7t7KBTgmAU-hr9rvUd7M4g&google_ula=1535926&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
Request Chain 30
  • https://d.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK?pv=35296208330.24878&cookie=P6H4KM2PNNAX3JYTBRM6YP%3A1%7COSQYA5EFIRAYRN2E43E6RK%3A1%7CSO2YFJV3ZRH33O7MPHDJCH%3A1&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html HTTP 302
  • https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/MRUD5X6EV5ABJOPHMNRJ4C.js
Request Chain 31
  • https://d.adroll.com/cm/index/out HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164570
Request Chain 32
  • https://d.adroll.com/cm/n/out HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Request Chain 33
  • https://d.adroll.com/cm/l/out HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2
Request Chain 35
  • https://d.adroll.com/cm/aol/out HTTP 302
  • https://ums.adtech.de/mapuser?providerid=1076;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
Request Chain 36
  • https://d.adroll.com/cm/pubmatic/out HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Request Chain 37
  • https://d.adroll.com/cm/taboola/out HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Request Chain 39
  • https://d.adroll.com/cm/r/out HTTP 302
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Request Chain 40
  • https://d.adroll.com/cm/x/out HTTP 302
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request liber6.html
lipserman.com/images/reverse/zoom/
Redirect Chain
  • http://lipserman.com/images/reverse/zoom/liber6.html
  • https://lipserman.com/images/reverse/zoom/liber6.html
38 KB
10 KB
Document
General
Full URL
https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
a482624ad116611770904652b7759320510a621b59ef223f169ba981b65e571f

Request headers

:path
/images/reverse/zoom/liber6.html
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
lipserman.com
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=43200
expires
Tue, 14 Nov 2017 15:02:48 GMT

Redirect headers

Date
Tue, 14 Nov 2017 03:02:48 GMT
Server
nginx
Content-Type
text/html; charset=iso-8859-1
Location
https://lipserman.com/images/reverse/zoom/liber6.html
Cache-Control
max-age=43200
Connection
keep-alive
Content-Length
237
Expires
Tue, 14 Nov 2017 15:02:48 GMT
analytics.js
www.google-analytics.com/
35 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2017 23:46:20 GMT
server
Golfe2
age
7182
date
Tue, 14 Nov 2017 01:03:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14635
expires
Tue, 14 Nov 2017 03:03:07 GMT
simple-login-page-min.css
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
8 KB
2 KB
Stylesheet
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/simple-login-page-min.css
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
c80041af9b4194572c68834f08de46d9b948585cf3eb4d584a89b779c922d62b

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/simple-login-page-min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

pragma
public
date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
etag
W/"5a01b1b0-21f2"
content-type
text/css
status
200
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 14 Dec 2017 03:02:48 GMT
roundtrip.js.download
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
25 KB
9 KB
Script
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/roundtrip.js.download
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
118e1e9f8051a3d2cb41438c802ef354febdf61ad6050a9ddce076e6640231e6

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/roundtrip.js.download
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=5
expires
Tue, 14 Nov 2017 03:02:53 GMT
SO2YFJV3ZRH33O7MPHDJCH.js
s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/
Redirect Chain
  • https://d.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK?pv=39259425429.493256&cookie=&adroll_s_ref=https%3A//www.zoominfo.com/login&keyw=&arrfrr=https%3A%2F%2Fwww.zoominfo.com%2Flogin
  • https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
5 KB
1 KB
Script
General
Full URL
https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5713f95ce9b45b8d7b352e84d8f8c323c95f3586a1aada3ed65ea2d029ce5fa8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
u.vl7hhLISqALcNszzHGiBXVUuZUaP9d
Content-Encoding
gzip
ETag
"5c781f321d3670bfb159fd543133d88f"
x-amz-request-id
03BE76C21188C8CA
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1462
x-amz-id-2
Vn1kmUBG6ugBkX+SvbSd2tnHWziOH2cWA4MGMumiyPW8nZI5kFWp6IWD2pkuqqb/Y9ohQfNZU4Y=
Last-Modified
Thu, 09 Nov 2017 22:18:10 GMT
Server
AmazonS3
Date
Tue, 14 Nov 2017 03:02:49 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 14 Nov 2017 03:02:49 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.10.2
X-Rule
*/login*
X-Segment-Eid
SO2YFJV3ZRH33O7MPHDJCH
Location
https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
OSQYA5EFIRAYRN2E43E6RK
Set-Cookie
__adroll=0df1314276407f2cd347b67ce0e3eb5f; Version=1; Expires=Fri, 14-Dec-2018 03:02:48 GMT; Max-Age=34128000; Path=/
X-Segment-Name
497034f6
X-Advertisable-Eid
P6H4KM2PNNAX3JYTBRM6YP
X-Conversion-Currency
font-awesome.min.css
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
32 KB
8 KB
Stylesheet
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/font-awesome.min.css
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
e19d5c5376b45baadda13e31a04208d3a519a3baed58af5b926c52c56602cbf4

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

pragma
public
date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
etag
W/"5a01b1b0-7e0e"
content-type
text/css
status
200
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 14 Dec 2017 03:02:48 GMT
login.min.css
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
7 KB
2 KB
Stylesheet
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/login.min.css
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
fec2d2f6f85f3e7f543695fad5e1cf301eb822d0e711e181e948415e8a5c58eb

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/login.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

pragma
public
date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
etag
W/"5a01b1b0-1d1e"
content-type
text/css
status
200
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 14 Dec 2017 03:02:48 GMT
general.min.css
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
7 KB
2 KB
Stylesheet
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/general.min.css
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
b6be2b45dbca3703bb73ae3bf2d6a26e27b0b21e4e8767abd2f97b94f440be18

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/general.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

pragma
public
date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
etag
W/"5a01b1b0-1d1e"
content-type
text/css
status
200
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 14 Dec 2017 03:02:48 GMT
zoomLogin-min.js.download
lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/
537 KB
170 KB
Script
General
Full URL
https://lipserman.com/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/zoomLogin-min.js.download
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
5a3efb523a0906c8903aab9236a3eea519c4de40594a150b77f7069a359a55de

Request headers

:path
/images/reverse/zoom/Business%20Profiles%20and%20Company%20Information%20_%20ZoomInfo.com_files/zoomLogin-min.js.download
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2017 13:14:24 GMT
server
nginx
content-type
application/javascript
status
200
cache-control
max-age=5
expires
Tue, 14 Nov 2017 03:02:53 GMT
login-page-bg.jpg
www.zoominfo.com/assets/images/login/
97 KB
97 KB
Image
General
Full URL
https://www.zoominfo.com/assets/images/login/login-page-bg.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.156.86 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / Express
Resource Hash
a131d213fc0932e5a99272206783f5894597b330e3197dacaa3ac98407bf4460

Request headers

:path
/assets/images/login/login-page-bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.zoominfo.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:49 GMT
via
1.1 google, 1.1 google
cf-cache-status
MISS
x-powered-by
Express
status
200
content-length
98982
last-modified
Sun, 12 Nov 2017 13:38:25 GMT
server
cloudflare-nginx
etag
W/"182a6-15fb073e068"
x-robots-tag
noindex
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
cache-control
public, max-age=57600
access-control-allow-credentials
true
set-cookie
__cfduid=d58b9dcc54789c0c1a36343b0db1b57b71510628569; expires=Wed, 14-Nov-18 03:02:49 GMT; path=/; domain=.zoominfo.com; HttpOnly
accept-ranges
bytes
cf-ray
3bd6bbed6e3296f4-FRA
access-control-allow-headers
Content-Type, Authorization
expires
Tue, 14 Nov 2017 19:02:49 GMT
/
lipserman.com/
Redirect Chain
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.woff2
  • https://lipserman.com/
12 KB
4 KB
Font
General
Full URL
https://lipserman.com/
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
4ee932216240c2ee6aa981207bf209a893bd5be47041a332f1f40424894df163

Request headers

:path
/
pragma
no-cache
cookie
_ga=GA1.2.686799994.1510628569; _gid=GA1.2.1869304172.1510628569; _gat=1; __ar_v4=
origin
https://lipserman.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 14:44:03 GMT
server
nginx
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=43200
expires
Tue, 14 Nov 2017 15:02:48 GMT

Redirect headers

date
Tue, 14 Nov 2017 03:02:48 GMT
server
nginx
status
302
content-type
text/html; charset=iso-8859-1
location
https://lipserman.com/
cache-control
max-age=43200
content-length
206
expires
Tue, 14 Nov 2017 15:02:48 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j65&a=1341328976&t=pageview&_s=1&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&ul=en-us&de=UTF-8&dt=Business%20Profiles%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_gid=1869304172.1510628569&gjid=1553978831&_v=j65&z=983618220
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220&slf_rd=1&random=3795559856
42 B
60 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220&slf_rd=1&random=3795559856
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220&slf_rd=1&random=3795559856
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Tue, 14 Nov 2017 03:02:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2017 03:02:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12845882-1&cid=686799994.1510628569&jid=1695396316&_v=j65&z=983618220&slf_rd=1&random=3795559856
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
adroll_pixel_being_processed.js
s.adroll.com/j/
Redirect Chain
  • https://d.adroll.com/pixel/undefined/undefined?pv=35296208330.24878&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html
  • https://s.adroll.com/j/adroll_pixel_being_processed.js
0
0
Script
General
Full URL
https://s.adroll.com/j/adroll_pixel_being_processed.js
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
4CR1vIn1x_OlF4OXPbmZwHpDuVkR_ttw
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
231DACB2ECF05132
Connection
keep-alive
Content-Length
0
x-amz-id-2
MZgqPQ0FwLeZLSBYUqhTgAqji4aESaF980QOpCLuD2ZXA9Y1MzKZyPsvVOSFJ1/BB5NwrdBys4U=
Last-Modified
Mon, 13 Apr 2015 21:39:27 GMT
Server
AmazonS3
Date
Tue, 14 Nov 2017 03:02:49 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300,must-revalidate
x-amz-meta-creator
Cyberduck
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Credentials
false

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://s.adroll.com/j/adroll_pixel_being_processed.js
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2; Version=1; Expires=Fri, 14-Dec-2018 03:02:48 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
/
lipserman.com/
Redirect Chain
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.woff
  • https://lipserman.com/
12 KB
4 KB
Font
General
Full URL
https://lipserman.com/
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
4ee932216240c2ee6aa981207bf209a893bd5be47041a332f1f40424894df163

Request headers

:path
/
pragma
no-cache
cookie
_ga=GA1.2.686799994.1510628569; _gid=GA1.2.1869304172.1510628569; _gat=1; __ar_v4=
origin
https://lipserman.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 14:44:03 GMT
server
nginx
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=43200
expires
Tue, 14 Nov 2017 15:02:48 GMT

Redirect headers

date
Tue, 14 Nov 2017 03:02:48 GMT
server
nginx
status
302
content-type
text/html; charset=iso-8859-1
location
https://lipserman.com/
cache-control
max-age=43200
content-length
206
expires
Tue, 14 Nov 2017 15:02:48 GMT
/
lipserman.com/
Redirect Chain
  • https://lipserman.com/business/mktg/fonts/KlinicSlab-Light.ttf
  • https://lipserman.com/
12 KB
4 KB
Font
General
Full URL
https://lipserman.com/
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.169.188.140 Kiev, Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
skm41.hostsila.org
Software
nginx /
Resource Hash
4ee932216240c2ee6aa981207bf209a893bd5be47041a332f1f40424894df163

Request headers

:path
/
pragma
no-cache
cookie
_ga=GA1.2.686799994.1510628569; _gid=GA1.2.1869304172.1510628569; _gat=1; __ar_v4=
origin
https://lipserman.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lipserman.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:48 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 14:44:03 GMT
server
nginx
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=43200
expires
Tue, 14 Nov 2017 15:02:48 GMT

Redirect headers

date
Tue, 14 Nov 2017 03:02:48 GMT
server
nginx
status
302
content-type
text/html; charset=iso-8859-1
location
https://lipserman.com/
cache-control
max-age=43200
content-length
206
expires
Tue, 14 Nov 2017 15:02:48 GMT
fbevents.js
connect.facebook.net/en_US/
32 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10869
x-xss-protection
0
pragma
public
x-fb-debug
1m+wHzw4mHJWd2qWmDn2jcWkjW15jWRJsNuiukcRmHlOCVU4A7lt8I0C195ZL4pXdq9gnyjWqlfxF269wg5beA==
x-frame-options
DENY
date
Tue, 14 Nov 2017 03:02:49 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
sendrolling.js
s.adroll.com/j/
9 KB
2 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/SO2YFJV3ZRH33O7MPHDJCH.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2739cf70a13b93c9eb0d4ebe43027962bb45557e5b177f2ec6ce7f7734de7f2b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
mAmbKRXoYPjfT4zYEd4k1C.Sxgfbx2uR
Content-Encoding
gzip
ETag
"9c75cbd7818ca10405cc43f31bcf04ca"
x-amz-request-id
ADDDDAD787CB6CB8
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2038
x-amz-id-2
ntWmtPvYxs29HOmaNwMmNVf+2ho6IJHTxthk7QisVUlG/itf2SrPaaSQb+dN6i89+vaZ0aGrWg4=
Last-Modified
Fri, 10 Nov 2017 19:23:23 GMT
Server
AmazonS3
Date
Tue, 14 Nov 2017 03:02:49 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
  • https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1510628569;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0&verify=true
0
0
Image
General
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0&verify=true
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.121.84 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-121-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0&verify=true
pragma
no-cache
cookie
APID=UP4c48b326-c8e8-11e7-be37-06bde20ff4f6
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.advertising.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

status
204
date
Tue, 14 Nov 2017 03:02:49 GMT
set-cookie
IDSYNC=1770~1agr;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 15-Nov-2018 03:02:49 GMT APID=UP4c48b326-c8e8-11e7-be37-06bde20ff4f6;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 15-Nov-2018 03:02:49 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Tue, 14 Nov 2017 03:02:49 GMT
set-cookie
APID=UP4c48b326-c8e8-11e7-be37-06bde20ff4f6;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 15-Nov-2018 03:02:49 GMT
content-length
0
location
https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569&C=1
43 B
43 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569&C=1
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-251.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dsum-sec.casalemedia.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
CMID=Wgpc2blQJrkAAE26eFkAAABD; CMPS=3216
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=Wgpc2blQJrkAAE26eFkAAABD;domain=casalemedia.com;path=/;expires=Wed, 14 Nov 2018 03:02:49 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Mon, 12 Feb 2018 03:02:49 GMT CMPRO=1103;domain=casalemedia.com;path=/;expires=Mon, 12 Feb 2018 03:02:49 GMT CMST=Wgpc2VoKXNkA;domain=casalemedia.com;path=/;expires=Wed, 15 Nov 2017 03:02:49 GMT CMDD=;domain=casalemedia.com;path=/;expires=Wed, 15 Nov 2017 03:02:49 GMT CMRUM3=695a0a5cd92760ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI;domain=casalemedia.com;path=/;expires=Wed, 14 Nov 2018 03:02:49 GMT CMSC=Wgpc2Q**;domain=casalemedia.com;path=/;
Content-Type
image/gif
Content-Length
43
Expires
Tue, 14 Nov 2017 03:02:49 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164569&C=1
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=Wgpc2blQJrkAAE26eFkAAABD;domain=casalemedia.com;path=/;expires=Wed, 14 Nov 2018 03:02:49 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Mon, 12 Feb 2018 03:02:49 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Tue, 14 Nov 2017 03:02:49 GMT
Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
42 B
42 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pixel.rubiconproject.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
c=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Thu, 14-Dec-2017 03:02:49 GMT; Path=/ put_3644=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; Domain=.rubiconproject.com; Expires=Wed, 14-Nov-2018 02:59:59 GMT; Path=/ rpx=194538%3D68971%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Thu, 14-Dec-2017 03:02:49 GMT; Path=/ khaos=J9Z18W6T-1X-87UB; Domain=.rubiconproject.com; Expires=Tue, 15-May-2018 15:02:49 GMT; Path=/
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
sHi99U1XGAMzAil1gJPQeg
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
/tap.php?cookie_redirect=1&v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
c=1; Path=/
Content-Length
0
Expires
0
Cookie set Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
1 B
1 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.236 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
simage2.pubmatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
X-lat
Pug22008:0:427
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie
KRTBCOOKIE_10=22808-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&KRTB&22883-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; domain=pubmatic.com; expires=Thu, 14-Dec-2017 03:02:49 GMT; path=/ PugT=1510628569; domain=pubmatic.com; expires=Thu, 14-Dec-2017 03:02:49 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Tue, 14-Nov-2017 03:02:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Mon, 12-Feb-2018 03:02:49 GMT; path=/
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
161
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
0
0
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
trc.taboola.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1510628570.607233,VS0,VE18
x-served-by
cache-hhn1535-HHN
x-cache
MISS
status
204
x-cache-hits
0
set-cookie
t_gid=f44d5850-5c79-4271-b332-f1c3d2e51993-tuct103e259;Path=/;Domain=.taboola.com;Expires=Wed, 14-Nov-2018 03:02:49 GMT taboola_usg=GgQQmc5A;Path=/;Domain=.taboola.com;Expires=Wed, 14-Nov-2018 03:02:49 GMT
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
111
pixel
ads.yahoo.com/
Redirect Chain
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
0
0
Image
General
Full URL
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.yahoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
ATS
Connection
keep-alive
Age
0
Content-Length
0
Strict-Transport-Security
max-age=3600

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
181
Cookie set v1
match.sharethrough.com/sync/
Redirect Chain
  • https://d.adroll.com/cm/b/out
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=20b30416-7678-4c4e-a259-74b267367c2b&seat_user_id=&seat_key=
68 B
68 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=20b30416-7678-4c4e-a259-74b267367c2b&seat_user_id=&seat_key=
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.90.167 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-90-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
match.sharethrough.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Set-Cookie
stx_user_id=4df43306-3ca0-4bd6-be1a-dafd38cb4fd2; Expires=Wed, 14 Nov 2018 03:02:49 GMT; Path=/; Domain=.sharethrough.com
Connection
keep-alive
Content-Length
68
Content-Type
image/png

Redirect headers

Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.12.0
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=20b30416-7678-4c4e-a259-74b267367c2b&seat_user_id=&seat_key=
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
tuuid=20b30416-7678-4c4e-a259-74b267367c2b; path=/; expires=Wed, 14-Nov-2018 03:02:49 GMT; domain=.bidswitch.net tuuid_last_update=1510628569; path=/; expires=Wed, 14-Nov-2018 03:02:49 GMT; domain=.bidswitch.net
Keep-Alive
timeout=10
Content-Length
0
pxj
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)
0
0
Image
General
Full URL
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
185.33.223.83 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ib.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:51 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.14:80
AN-X-Request-Uuid
ad3432f0-193e-4d7d-82eb-5fd2bebd3be6
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI')
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2; Version=1; Expires=Fri, 14-Dec-2018 03:02:48 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
113
Cookie set 377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2&redirect=1
43 B
43 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2&redirect=1
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.211.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-87-211-125.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
idsync.rlcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
ck1=ck1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Set-Cookie
rlas3=S7NB1qXvlqSVvpfjvT3zRijpqlmIV7CKPy8Zja5iwDGMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Sun, 13-May-2018 03:02:49 GMT rtn1-z=IaPVs8VHz+TV9kgF3acTEfOCyuABGOzKQqpgzMftYoQ=;Domain=.rlcdn.com;Expires=Sun, 13-May-2018 03:02:48 GMT
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2&redirect=1
Set-Cookie
ck1=ck1;Domain=.rlcdn.com;Expires=Sun, 13-May-2018 03:02:48 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=eedeca053826014fa1afdaef51decce2
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=eedeca053826014fa1afdaef51decce2
43 B
43 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=eedeca053826014fa1afdaef51decce2
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/11.155.7 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
us-u.openx.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
i=30c2b53e-863f-4b3b-914a-a9b7d0ecbfe1|1510628569
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
OXGW/11.155.7
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=eedeca053826014fa1afdaef51decce2
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
OXGW/11.155.7
Set-Cookie
i=30c2b53e-863f-4b3b-914a-a9b7d0ecbfe1|1510628569; Version=1; Expires=Wed, 14-Nov-2018 03:02:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"
Cookie set in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=7t7KBTgmAU-hr9rvUd7M4g&google_ula=1535926
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=7t7KBTgmAU-hr9rvUd7M4g&google_ula=1535926&google_tc=
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
35 B
35 B
Image
General
Full URL
https://d.adroll.com/cm/g/in?google_ula=1535926,0
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.227.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-75-227-121.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
__adroll=eedeca053826014fa1afdaef51decce2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-Result
g.-1.-1.1535926.0.-1

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2017 03:02:49 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnGVMemq8EimNlHoUsCqD3CqoqkTa9z4AhUoulA-XAOQZa95-grJg; expires=Sun, 09-Dec-2018 03:02:49 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
246
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
1134271973313320
connect.facebook.net/signals/config/
39 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1134271973313320?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
017974ea12bfbc322646be726a0eb7951ca752fb25e6151745de23d7032c7a5d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.net/csp.php
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1134271973313320?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.net/csp.php
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
GTucUu6dofKJTuWB7AzU1FQGP1bln88cXd4iG75x9EYaoChixiqc4XANdoLYM/lPtGtdP5YpiTtmtsMPcJ6CNg==
x-frame-options
DENY
date
Tue, 14 Nov 2017 03:02:49 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1134271973313320&ev=PageView&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&rl=&if=false&ts=1510628569572&cd[segment_eid]=WDDEU77MW5DGXPKM5VCWTQ%2CSO2YFJV3ZRH33O7MPHDJCH&v=2.8.1&ec=0&o=29&it=1510628569517
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1134271973313320&ev=PageView&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&rl=&if=false&ts=1510628569572&cd[segment_eid]=WDDEU77MW5DGXPKM5VCWTQ%2CSO2YFJV3ZRH33O7MPHDJCH&v=2.8.1&ec=0&o=29&it=1510628569517
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 03:02:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0pagMoAvJcEeqjRju..BaClzZ...1.0.BaClzZ.; expires=Monday, 12-Feb-2018 03:02:49 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Tue, 14 Nov 2017 03:02:49 GMT
roundtrip.js
s.adroll.com/j/
28 KB
9 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: lipserman.com
URL: https://lipserman.com/images/reverse/zoom/liber6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8ed88bd70c8b7d1fa74b1289ff8d6ec7de7949f9a6555487be080317b07fff49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
5hgQnKmlorpLe6L_ghXWclhJAt3DRaG_
Content-Encoding
gzip
ETag
"48c928b5ee8f9c11b5f3ebc187e2299a"
x-amz-request-id
DCBA668F7E2E8EDA
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9210
x-amz-id-2
OjilzTMeYWYpDgcvhnWLrcVsFyOPl+V0MmAmP92AyYhVstTacBuaC0KqA90sUOW5ZvfmaPzWu1Q=
Last-Modified
Thu, 09 Nov 2017 16:19:45 GMT
Server
AmazonS3
Date
Tue, 14 Nov 2017 03:02:50 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
MRUD5X6EV5ABJOPHMNRJ4C.js
s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/
Redirect Chain
  • https://d.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK?pv=35296208330.24878&cookie=P6H4KM2PNNAX3JYTBRM6YP%3A1%7COSQYA5EFIRAYRN2E43E6RK%3A1%7CSO2YFJV3ZRH33O7MPHDJCH%3A1&adroll_s_re...
  • https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/MRUD5X6EV5ABJOPHMNRJ4C.js
4 KB
1 KB
Script
General
Full URL
https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/MRUD5X6EV5ABJOPHMNRJ4C.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7f9fa78f7a4d910b511b5bb61713807b0b1de16e5bb0d9012bbec96892386684

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
LQt60fLA7WtX8t7eRVcc5KPkdOOZUd6U
Content-Encoding
gzip
ETag
"9a84d1b0a8e20d394c38e40b465c2596"
x-amz-request-id
E057A9EEED4BCC08
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1420
x-amz-id-2
xF/4mAjGOIZleVTbsv5nBFrdjL4JyukHoZuYRmf1Jf5PHQwbdx9faMGtC5ByxUERa4QPJDWsUc4=
Last-Modified
Thu, 09 Nov 2017 22:18:10 GMT
Server
AmazonS3
Date
Tue, 14 Nov 2017 03:02:50 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 14 Nov 2017 03:02:50 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.10.2
X-Rule
*
X-Segment-Eid
MRUD5X6EV5ABJOPHMNRJ4C
Location
https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/MRUD5X6EV5ABJOPHMNRJ4C.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
OSQYA5EFIRAYRN2E43E6RK
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
X-Segment-Name
*
X-Advertisable-Eid
P6H4KM2PNNAX3JYTBRM6YP
X-Conversion-Currency
Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164570
43 B
43 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-251.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dsum-sec.casalemedia.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
CMID=Wgpc2blQJrkAAE26eFkAAABD; CMPS=3216; CMPRO=1103; CMST=Wgpc2VoKXNkA; CMDD=; CMRUM3=695a0a5cd92760ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; CMSC=Wgpc2Q**
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=Wgpc2blQJrkAAE26eFkAAABD;domain=casalemedia.com;path=/;expires=Wed, 14 Nov 2018 03:02:50 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Mon, 12 Feb 2018 03:02:50 GMT CMPRO=1103;domain=casalemedia.com;path=/;expires=Mon, 12 Feb 2018 03:02:50 GMT CMST=Wgpc2VoKXNoA;domain=casalemedia.com;path=/;expires=Wed, 15 Nov 2017 03:02:50 GMT CMRUM3=695a0a5cda2760ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI;domain=casalemedia.com;path=/;expires=Wed, 14 Nov 2018 03:02:50 GMT
Content-Type
image/gif
Content-Length
43
Expires
Tue, 14 Nov 2017 03:02:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expiration=1542164570
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
139
Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
42 B
42 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pixel.rubiconproject.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
c=1; rpb=194538%3D1; put_3644=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; rpx=194538%3D68971%2C0%2C1%2C%2C; khaos=J9Z18W6T-1X-87UB
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:49 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Thu, 14-Dec-2017 03:02:50 GMT; Path=/ put_3644=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; Domain=.rubiconproject.com; Expires=Wed, 14-Nov-2018 02:59:59 GMT; Path=/ rpx=194538%3D68971%2C0%2C2%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Thu, 14-Dec-2017 03:02:50 GMT; Path=/ khaos=J9Z18W6T-1X-87UB; Domain=.rubiconproject.com; Expires=Tue, 15-May-2018 15:02:50 GMT; Path=/
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
sHi99U1XGAMzAil1gJPQeg
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&expires=365
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
124
Cookie set 377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out
  • https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2
43 B
43 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.211.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-87-211-125.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
idsync.rlcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
ck1=ck1; rlas3=S7NB1qXvlqSVvpfjvT3zRijpqlmIV7CKPy8Zja5iwDGMyA9jEACu5w==; rtn1-z=IaPVs8VHz+TV9kgF3acTEfOCyuABGOzKQqpgzMftYoQ=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Set-Cookie
rlas3=S7NB1qXvlqSVvpfjvT3zRijpqlmIV7CKPy8Zja5iwDGMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Sun, 13-May-2018 03:02:49 GMT rtn1-z=IaPVs8VHz+TV9kgF3acTEfOCyuABGOzKQqpgzMftYoQ=;Domain=.rlcdn.com;Expires=Sun, 13-May-2018 03:02:49 GMT
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=eedeca053826014fa1afdaef51decce2
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
86
Cookie set out
d.adroll.com/cm/g/
35 B
35 B
Image
General
Full URL
https://d.adroll.com/cm/g/out?google_nid=adroll5
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/P6H4KM2PNNAX3JYTBRM6YP/OSQYA5EFIRAYRN2E43E6RK/MRUD5X6EV5ABJOPHMNRJ4C.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.88.67 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-88-67.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
  • https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
0
0
Image
General
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.121.84 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-121-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
pragma
no-cache
cookie
IDSYNC=1770~1agr; APID=UP4c48b326-c8e8-11e7-be37-06bde20ff4f6
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.advertising.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET

Response headers

status
204
date
Tue, 14 Nov 2017 03:02:50 GMT
set-cookie
IDSYNC=1770~1agr;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 15-Nov-2018 03:02:50 GMT APID=UP4c48b326-c8e8-11e7-be37-06bde20ff4f6;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 15-Nov-2018 03:02:50 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx
Location
https://pixel.advertising.com/ups/55980/sync?uid=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&_origin=0
Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 15 Jun 1998 00:00:00 GMT
Cookie set Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
1 B
1 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.236 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
simage2.pubmatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Cookie
KRTBCOOKIE_10=22808-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&KRTB&22883-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; PugT=1510628569; PUBMDCID=3
Connection
keep-alive
Cache-Control
no-cache
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
X-lat
Pug22015:0:442
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie
KRTBCOOKIE_10=22808-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI&KRTB&22883-ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI; domain=pubmatic.com; expires=Thu, 14-Dec-2017 03:02:50 GMT; path=/ PugT=1510628570; domain=pubmatic.com; expires=Thu, 14-Dec-2017 03:02:50 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Tue, 14-Nov-2017 03:02:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Mon, 12-Feb-2018 03:02:50 GMT; path=/
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
161
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
0
0
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
pragma
no-cache
cookie
t_gid=f44d5850-5c79-4271-b332-f1c3d2e51993-tuct103e259; taboola_usg=GgQQmc5A
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
trc.taboola.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 14 Nov 2017 03:02:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1510628571.508585,VS0,VE8
x-served-by
cache-hhn1535-HHN
x-cache
MISS
status
204
x-cache-hits
0
set-cookie
t_gid=f44d5850-5c79-4271-b332-f1c3d2e51993-tuct103e259;Path=/;Domain=.taboola.com;Expires=Wed, 14-Nov-2018 03:02:50 GMT taboola_usg=GgQQmc5A;Path=/;Domain=.taboola.com;Expires=Wed, 14-Nov-2018 03:02:50 GMT
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
111
/
www.facebook.com/tr/
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1134271973313320&ev=EventSegment&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&rl=&if=false&ts=1510628570434&cd[event]=EventSegment&cd[segment_eid]=MRUD5X6EV5ABJOPHMNRJ4C&v=2.8.1&ec=1&o=29&it=1510628569517
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1134271973313320&ev=EventSegment&dl=https%3A%2F%2Flipserman.com%2Fimages%2Freverse%2Fzoom%2Fliber6.html&rl=&if=false&ts=1510628570434&cd[event]=EventSegment&cd[segment_eid]=MRUD5X6EV5ABJOPHMNRJ4C&v=2.8.1&ec=1&o=29&it=1510628569517
pragma
no-cache
cookie
fr=0pagMoAvJcEeqjRju..BaClzZ...1.0.BaClzZ.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://lipserman.com/images/reverse/zoom/liber6.html
:scheme
https
:method
GET
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 14 Nov 2017 03:02:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Tue, 14 Nov 2017 03:02:50 GMT
pixel
ads.yahoo.com/
Redirect Chain
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
0
0
Image
General
Full URL
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.yahoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
ATS
Connection
keep-alive
Age
0
Content-Length
0
Strict-Transport-Security
max-age=3600

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:50 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
181
pxj
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)
0
0
Image
General
Full URL
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI%27)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
185.33.223.83 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ib.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://lipserman.com/images/reverse/zoom/liber6.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:52 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.27:80
AN-X-Request-Uuid
a488e614-1d3d-4330-8868-bba8beca3f00
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2017 03:02:50 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('ZWVkZWNhMDUzODI2MDE0ZmExYWZkYWVmNTFkZWNjZTI')
Set-Cookie
__adroll=eedeca053826014fa1afdaef51decce2-g_1510628569; Version=1; Expires=Fri, 14-Dec-2018 03:02:49 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
113


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.lipserman.com/ Name: __ar_v4
Value: %7CP6H4KM2PNNAX3JYTBRM6YP%3A20171114%3A1%7COSQYA5EFIRAYRN2E43E6RK%3A20171114%3A1%7CSO2YFJV3ZRH33O7MPHDJCH%3A20171114%3A1
.lipserman.com/ Name: _gat
Value: 1
.lipserman.com/ Name: _gid
Value: GA1.2.1869304172.1510628569
.lipserman.com/ Name: _ga
Value: GA1.2.686799994.1510628569
lipserman.com/images/reverse/zoom Name: zoom_cookie
Value: null

2 Console Messages

Source Level URL
Text
console-api log URL: https://lipserman.com/images/reverse/zoom/liber6.html(Line 550)
Message:
audioblocktrue
console-api log URL: https://lipserman.com/images/reverse/zoom/liber6.html(Line 599)
Message:
canvasfont = true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
