lizaonair.com Open in urlscan Pro
2606:4700:10::6816:89f  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://lizaonair.com/giveaway HTTP 301
   https://lizaonair.com/giveaway/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A0%3Als%3A376825828162%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A983393207%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Ast%3A1679583014&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A0%3Als%3A376825828162%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A983393207%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Ast%3A1679583014&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 22

• https://mc.yandex.ru/watch/11815663?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1039159618746%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A250984964%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Arqnl%3A1%3Ast%3A1679583014%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/11815663/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1039159618746%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A250984964%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Arqnl%3A1%3Ast%3A1679583014%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 28

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9951.3wcW-ovXJI7s1pwxykVHaaryupCQYR2bO45FGIb0Ggkcq3mOPJb32OhHb8KKYDQt.jag1o-AxHECELb_2IfU7PrZKaQs%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9951.kZKtLcehKesifqnvx2WDo2eXaykMnpEo_DDriPsGgnsvfhZ9q40-UUcw7Ndj-zlPb9CjLOpcOA4mNSyvw1UciRZmaeWB3Fsk4N_AJ8UwLXelRAwJiZGZuj3RG13_JfvQfOSavbjTffuBMyF08Rb7R0jYOriHBG-Zj_1JAKQpR5TvAYMPZiGuKrMH6hUEb_dhWbzV5yE_toTDFbYN6ZOVUmoNV5JMXtloW8FNoobtFfU%2C.4HUw4P-tkd19fcNMKmh5JHTmdHs%2C

Request Chain 29

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9951.D7TlpGYLaCrOMxE9wYGdWIb-NiMIoZroVWKdIyQ5_S3bw6E6mmZpzK-rj7xM1336.5LRF_5pbFFr3MRwuijGASKA4toA%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9951.zdR-pJw278fkCrUCZKRab3LXeY3EU9yH4yAcI5Hz7Ng6USirLT2URRSXdM8yC3m5lnJUp1IDllULxEyHAHYbu_uDnOjhrCBO3XEDLUqMedFO1wuHeRRLr0TE-Uy-gk7OZvpcALCb540Dyyk1b2lTGn0Wyhtl5qa-UOKQrb7XZiHnhB0NV7lbIT0T-TXtj8junNyPy20P4Cs8Oc-9RpFwNv34O5QSmcNK94Ci5hXG7Q8%2C.BDe1pxWTmKACjrfMN7BKgWtsC40%2C

Request Chain 65

• https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
• https://an.yandex.ru/mapuid/arcspireis/bd3cf9b4f0686e8f37113d

Request Chain 66

• https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
• https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=3403420A2A671C6449002B0102D26E6E&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
• https://an.yandex.ru/mapuid/sapeis/1503420A29671C64B406988802FA58D8

Request Chain 67

• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://an.yandex.ru/mapuid/betweendigitalis/ae5b0ba3-e184-5252-b7bf-74b1d3a31396

Request Chain 68

• https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
• https://dpm.demdex.net/ibs:dpid=423652&dpuuid=8528AF8F5792EF3A HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=8528AF8F5792EF3A

Request Chain 69

• https://yandex.ru/an/mapuid/azerionis/ HTTP 302
• https://match.360yield.com/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
• https://match.360yield.com/ul_cb/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 71

• https://yandex.ru/an/mapuid/betweenx/ HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6A6C08DCE688403D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6A6C08DCE688403D&crf=1

Request Chain 72

• https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
• https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3EE5C38A27B8BA32

Request Chain 74

• https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 75

• https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 76

• https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 77

• https://yandex.ru/an/mapuid/operacom/ HTTP 302
• https://t.adx.opera.com/sync?vendor=60143&uid=787BFAC35E40A4D9

Request Chain 79

• https://cm.tns-counter.ru/yacm HTTP 302
• https://an.yandex.ru/mapuid/mediascope/b55342c4d1e493856e6ef07b24b8a6f56469f056f27e6ff2ef73fe6b5b92aa14

Request Chain 82

• https://dmg.digitaltarget.ru/1/119/i/i?i=1679583014 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679583015262&i=1679583014 HTTP 307
• https://an.yandex.ru/mapuid/dmpamberdata/Z.3f1kplFL1l0ub76-RD

Request Chain 83

• https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
• https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
• https://an.yandex.ru/mapuid/azerionis/9d9bd970-5f39-4632-af51-f263e05b02f6 HTTP 302
• https://match.360yield.com/match?external_user_id=9d9bd970-5f39-4632-af51-f263e05b02f6&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 84

• https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
• https://an.yandex.ru/mapuid/buzzooladspis/f2145114-a202-42dc-794d-81531a5efa7e

Request Chain 85

• https://kimberlite.io/rtb/sync/yandex HTTP 307
• https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FZBxnJz6WTCg%26n%3D1 HTTP 302
• https://kimberlite.io/rtb/sync/between2?u=ae5b0ba3-e184-5252-b7bf-74b1d3a31396&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBxnJz6WTCg&n=1 HTTP 307
• https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBxnJz6WTCg HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBxnJz6WTCg HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=80b773d2-9f19-4325-a67e-162b2df1b9a8&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
• https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
• https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1 HTTP 302
• https://sm.rtb.mts.ru/em?next=59&em=2&ssp=aidata&id=B8kVmG5ExMAPw4K9SzpWZg HTTP 301
• https://kimberlite.io/rtb/sync/mts?u=69a9ebac-ced5-4cb6-a8bf-18938c15a38e HTTP 307
• https://an.yandex.ru/mapuid/soltadspis/ZBxnJz6WTCg

Request Chain 86

• https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
• https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 88

• https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
• https://an.yandex.ru/mapuid/hyperdspis/eddb5730-27ad-5060-3616-ed6c0247e08d

Request Chain 89

• https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
• https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 90

• https://px.adhigh.net/p/cm/yandexssp HTTP 302
• https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
• https://an.yandex.ru/mapuid/getintentis/uPA1fpe5H9ah.AikABlGHDvLyng

Request Chain 91

• https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2546335427 HTTP 302
• https://an.yandex.ru/mapuid/dmpweborama/HUU.h8qKJmWIovOQ5S0s1u

Request Chain 93

• https://s.uuidksinc.net/match/501 HTTP 302
• https://an.yandex.ru/mapuid/kadamis/Ace2RyOxGhV1nXCQKkjY

Request Chain 94

• https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=69a9ebac-ced5-4cb6-a8bf-18938c15a38e&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F69a9ebac-ced5-4cb6-a8bf-18938c15a38e HTTP 302
• https://an.yandex.ru/mapuid/mtsdspis/69a9ebac-ced5-4cb6-a8bf-18938c15a38e

Request Chain 101

• https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
• https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
• https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 102

• https://sync.upravel.com/yandex/sync HTTP 302
• https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
• https://an.yandex.ru/mapuid/upravelis/ec6e0936-ec8f-470f-a084-15e75b977048

Request Chain 103

• https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
• https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
• https://an.yandex.ru/mapuid/dmpaidatame/B8kVmG5ExMAPw4K9SzpWZg?sign=2623944490

Request Chain 104

• https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/dmpsegmento/gLXDMyZK7BdY?sign=2334750047

Request Chain 105

• https://yandex-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/sZFaeRamFeko

Request Chain 118

• https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904 HTTP 302
• https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904

Request Chain 119

• https://top-fwz1.mail.ru/counter?id=2482748;js=na HTTP 302
• https://top-fwz1.mail.ru/counter2?id=2482748;js=na

Request Chain 139

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KWccZMysEdrLmwfzz5CABQ&random=2093642808&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668 HTTP 302
• https://www.google.fi/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668&ipr=y

Request Chain 140

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KWccZLOtEcKsmLAPqdqN-AY&random=1619687636&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786 HTTP 302
• https://www.google.fi/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786&ipr=y

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lizaonair.com/giveaway/ Redirect Chain https://lizaonair.com/giveaway https://lizaonair.com/giveaway/	66 KB 20 KB	227ms 226ms	Document text/html	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f405654899ca378d28de845fbec487ac7194f66656585d832a582cb124f5c790 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7ac77c466b56d957-HEL content-encoding br content-type text/html; charset=UTF-8 date Thu, 23 Mar 2023 14:50:13 GMT expires Thu, 19 Nov 1981 08:52:00 GMT geo-city Helsinki geo-lat 60.21880 geo-lon 24.87080 pragma no-cache referrer-policy no-referrer-when-downgrade server cloudflare strict-transport-security max-age=15552000 vary Accept-Encoding,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block Redirect headers cache-control max-age=5 cf-cache-status DYNAMIC cf-ray 7ac77c45489fd957-HEL content-type text/html; charset=iso-8859-1 date Thu, 23 Mar 2023 14:50:12 GMT expires Thu, 23 Mar 2023 14:50:17 GMT geo-city Helsinki geo-lat 60.21880 geo-lon 24.87080 location https://lizaonair.com/giveaway/ server cloudflare strict-transport-security max-age=15552000 vary Accept-Encoding
GET H2	200	prebid-ads.js Show response lizaonair.com/giveaway/assets/	14 B 267 B	79ms 79ms	Script application/javascript	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/assets/prebid-ads.js?v2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1214383d077dd4ef2e5d7d39bf7df7257f87913403900b7a35dca58f9e79e90a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT content-encoding br geo-lat 60.21880 age 1391198 cf-polished origSize=33 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 16 Sep 2020 13:35:49 GMT cf-bgj minify server cloudflare geo-city Helsinki etag W/"21-5af6e588577c0" geo-lon 24.87080 vary Accept-Encoding, User-Agent,Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 7ac77c480f17d957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET H2	200	bundle.min.js Show response lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/	54 KB 20 KB	81ms 81ms	Script application/javascript	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c3638ad3116de83d6a4479d2c244bf1b08f71537646618ce90d68501c2b1ed7 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff last-modified Fri, 02 Sep 2022 09:52:02 GMT geo-lat 60.21880 server cloudflare geo-city Helsinki etag W/"ad83b0273752f1dd9fedc8f21c996a7e" geo-lon 24.87080 vary Accept-Encoding content-type application/javascript; charset=utf-8 content-encoding br cache-control public, max-age=31536000 cf-ray 7ac77c480f1bd957-HEL expires Sat, 02 Sep 2023 13:02:24 GMT
GET H2	200	checkout.js Show response checkout.stripe.com/	88 KB 23 KB	274ms 81ms	Script application/javascript	13.224.189.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://checkout.stripe.com/checkout.js Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-9.fra2.r.cloudfront.net Software Cloudfront / Resource Hash 18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 23 Mar 2023 14:49:34 GMT last-modified Wed, 13 Jul 2022 15:14:21 GMT server Cloudfront via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"9df39fdc36e7b7d12c767cc16f78989c" age 51 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=60 x-amz-cf-id 6YpN4NbwbYH8GkuKMG3-bUJP0B5to-0VUfp4N_Qp4_2gDSshwESQfg==
GET H2	200	jquery.min.js Show response lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 33 KB	73ms 72ms	Script text/javascript	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff last-modified Wed, 10 Mar 2021 14:28:09 GMT geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type text/javascript; charset=UTF-8 content-encoding br cache-control public, max-age=31536000, stale-while-revalidate=2592000 cf-ray 7ac77c481f56d957-HEL expires Sat, 15 Jul 2023 02:50:30 GMT
GET H2	200	script.min.js Show response lizaonair.com/giveaway/assets/1679582279/	630 KB 186 KB	111ms 111ms	Script application/javascript	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/assets/1679582279/script.min.js Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cce8e543cb5b0c2654ac96592d93131103f93bddaa5e4be757cf9d551ae7485 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT content-encoding br geo-lat 60.21880 age 722 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 23 Mar 2023 14:37:59 GMT server cloudflare geo-city Helsinki etag W/"9d6d2-5f79239284a41-gzip" geo-lon 24.87080 vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=31536000 cf-ray 7ac77c481f5ad957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET H2	200	styles.min.css lizaonair.com/giveaway/assets/1674116353/	70 KB 22 KB	88ms 88ms	Stylesheet text/css	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/assets/1674116353/styles.min.css Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23bc0a486c75dafc2b343a79a94cd0f162647374436500fc27ce53948f48cac3 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT content-encoding br geo-lat 60.21880 age 627482 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 19 Jan 2023 08:19:13 GMT server cloudflare geo-city Helsinki etag W/"11853-5f29996963c00-gzip" geo-lon 24.87080 vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=31536000 cf-ray 7ac77c481f59d957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET DATA	200 OK	truncated /	73 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	256 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a0d9a67083de4d01e31a9122f58b5493e84a1635a71461590d399a8575198bcd Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	476 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d96636838cdcae47d0e346fc47dead46630d280ae65faebac99f81007ee6279d Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ig-white.svg lizaonair.com/giveaway/images/	1 KB 625 B	77ms 77ms	Image image/svg+xml	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/giveaway/images/ig-white.svg Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4235075f01fd1bf946f4a3999d11b97a51bdb5700610fb7dca190e4962daef9e Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT content-encoding br geo-lat 60.21880 age 438759 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 22 Jan 2019 01:48:22 GMT server cloudflare geo-city Helsinki etag W/"4b2-580022c27f304-gzip" geo-lon 24.87080 vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7ac77c48a88dd957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET H2	200	yt-white.png lizaonair.com/giveaway/images/	856 B 1 KB	79ms 79ms	Image image/png	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/giveaway/images/yt-white.png Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0e9e4482a58253ebfc30af8c3583163f62bbf5cf93ce3270d4faeed881ea37 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT geo-lat 60.21880 age 1397483 cf-polished status=not_needed content-length 856 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 22 Jan 2019 01:49:01 GMT cf-bgj imgq:85,h2pri server cloudflare geo-city Helsinki etag "358-580022e756ce5" geo-lon 24.87080 vary User-Agent, Accept-Encoding content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ac77c48a88ed957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET H2	200	kv-white.png lizaonair.com/giveaway/images/	1 KB 1 KB	80ms 80ms	Image image/png	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/giveaway/images/kv-white.png Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5465d39fc47ffe5e01a3a616f0677da6ee63fda028ee94924e889065e788dd4c Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT geo-lat 60.21880 age 2005631 cf-polished status=not_needed content-length 1104 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 22 Jan 2019 01:48:49 GMT cf-bgj imgq:85,h2pri server cloudflare geo-city Helsinki etag "450-580022dbb8343" geo-lon 24.87080 vary User-Agent, Accept-Encoding content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ac77c48a890d957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET DATA	200 OK	truncated /	113 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a294f42940e78d075164db239e9d7157df30d99329c33b5fdd1129562e4cb1d9 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png
GET H2	200	js Show response www.googletagmanager.com/gtag/	164 KB 60 KB	247ms 98ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-28308328-1&_=1679583013404 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ab000beefe16152af7b336c94b6e59460dcd8446cd83f74c608132206a0cd969 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 61329 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 Mar 2023 14:50:13 GMT
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	212 KB 86 KB	163ms 68ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js?_=1679583013405 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2718c011d6f4888fa728493273f9b12f35e5bd98d9e76db0c08d86c3e5617b7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 13255 x-jsd-version 1.260.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230100-FRA, cache-bma1635-BMA x-jsd-version-type version server cloudflare etag W/"34f5f-yGewIL0vxuRUBEBE3b6MwsdNGFQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtjyD5Gj2aPFxr6UikFxneJD4Pnn15Iqjt2Oz%2FiyCRfX7qqVTws%2BHbhNPKrZDzCtUeExkixPba3kCpYo%2FpqiQwcBLvspzuYvj88jEPqmbUdiMnoUWISt%2Bpj3nLR9bmziZQmUmboHKFvfU5Tz60c%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7ac77c4a9c18d98d-HEL
GET H2	200	yeps.js Show response widget.yeps.io/	158 KB 50 KB	382ms 284ms	Script application/javascript	2606:4700:20::ac43:4a70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.yeps.io/yeps.js?_=1679583013406 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3405512f75d98160601bcf811f81765b07dca3c2a6f8b99daab6ce9e199880fb Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 01 Feb 2023 05:04:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id 47FC7T2EJ3XPZEYV etag W/"e989d2a0cefab48fc159c779512ba8ae" x-amz-server-side-encryption AES256 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jza%2Fls01H3q4BWVeKmcmWMdXegggCPH25GdRBVNGhUcialM3Q35kFzodA3ZLx3LDJusu8AVzym6WBFhdaE4kXLdobmSbxcFpdosUvqyubOK6R1kTlJLfNBNnpHBFtGaTb443EgRayZ%2B2Ki0Z"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=max-age=1800 cf-ray 7ac77c4a9d54d93b-HEL x-amz-id-2 T2QLdbOznJoKxcNDsPQUJPv+qn0wokd0VS5Ji4nGQR8Wo5sP8hF1lrLZ3nb7CUHTdHpLJlAhgUQ=
GET H2	200	chatra.js Show response call.chatra.io/	46 KB 12 KB	307ms 209ms	Script text/javascript	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://call.chatra.io/chatra.js?_=1679583013407 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 048a1435e4cd4ea438b746fe84848a1df9185e10b9419f8a17fcbfa6da91f9d6 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 28 Jan 2023 23:42:20 GMT server cloudflare etag W/"b6f7-185fac2ab60" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800 cf-ray 7ac77c4a993fd953-HEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 lizaonair.com/proxy/fonts.gstatic.com/s/opensanscondensed/v23/	15 KB 15 KB	68ms 68ms	Font font/woff2	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/proxy/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff last-modified Tue, 19 Apr 2022 18:08:11 GMT geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type font/woff2 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ac77c4a0b87d957-HEL content-length 14964 expires Tue, 22 Aug 2023 20:06:51 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 lizaonair.com/proxy/fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	74ms 74ms	Font font/woff2	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/proxy/fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff last-modified Mon, 15 Aug 2022 18:20:18 GMT geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type font/woff2 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ac77c4a0b8dd957-HEL content-length 44856 expires Sat, 13 Jan 2024 14:09:47 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 lizaonair.com/proxy/fonts.gstatic.com/s/opensans/v34/	26 KB 26 KB	66ms 66ms	Font font/woff2	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/proxy/fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff last-modified Mon, 15 Aug 2022 18:14:37 GMT geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type font/woff2 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ac77c4a0b9cd957-HEL content-length 26240 expires Tue, 15 Aug 2023 19:00:37 GMT
GET H2	206	iFiZFSxjY4o.mp4 lizaonair.com/giveaway/assets/video/360p/	2 MB 2 MB	227ms 226ms	Media video/mp4	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/assets/video/360p/iFiZFSxjY4o.mp4?v2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9183a7a2977187684d184b3c922a74953bac83bcfd43cea02e1d764a59200b9e Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ Accept-Encoding identity;q=1, *;q=0 accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Range bytes=0- Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT geo-lat 60.21880 Content-Range bytes 0-1992213/1992214 Content-Length 1992214 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 28 Dec 2020 19:23:43 GMT server cloudflare geo-city Helsinki etag "1e6616-5b78b3654e5cb" geo-lon 24.87080 vary User-Agent, Accept-Encoding content-type video/mp4 cache-control public, max-age=31536000 cf-ray 7ac77c4afd64d957-HEL expires Fri, 22 Mar 2024 14:50:13 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3A... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3...	264 B 347 B	61ms 60ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A0%3Als%3A376825828162%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A983393207%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Ast%3A1679583014&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash f3fcdf2779be10dc0d2e4043dba1a828c936c9dd092f51c0e7e06da7e8bbb82d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23-Mar-2023 14:50:13 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 264 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:13 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 23-Mar-2023 14:50:13 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/3/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A0%3Als%3A376825828162%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A983393207%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Ast%3A1679583014&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:13 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/11815663/ Redirect Chain https://mc.yandex.ru/watch/11815663?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%... https://mc.yandex.ru/watch/11815663/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Al...	447 B 527 B	61ms 60ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/11815663/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1039159618746%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A250984964%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Arqnl%3A1%3Ast%3A1679583014%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 059206f6555230a0fccb56b1d103f1df9467320e4928ead7456e190edb21ce0e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23-Mar-2023 14:50:13 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:13 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 23-Mar-2023 14:50:13 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/11815663/1?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1039159618746%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145013%3Aet%3A1679583014%3Ac%3A1%3Arn%3A250984964%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583012478%3Arqnl%3A1%3Ast%3A1679583014%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:13 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 187 B	173ms 59ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 13:00:21 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "641c2335-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Thu, 23 Mar 2023 15:50:13 GMT
GET H2	200	context.js Show response yandex.ru/ads/system/	283 KB 84 KB	505ms 74ms	Script text/javascript	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/context.js?_=1679583013408 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 74fe3d16fb7e41c84756cdff9a109fdbf340c6b99b470820edbd0777e091f00e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers content-encoding br x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583014249113-2124839639135445122-vla1-3230-vla-l7-balancer-8080-BAL-4969 report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 23 Mar 2023 15:50:14 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	242 KB 82 KB	101ms 100ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6TX4G0QLVH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-28308328-1&_=1679583013404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 268a8694f6483e5560d037e9acddc62467d6347f1600e4342c48cbf16415f352 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83668 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 Mar 2023 14:50:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 85 KB	146ms 145ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JCCFKRW5MH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-28308328-1&_=1679583013404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8d7abf3bbbee8f4a7ae628557836aa0eca12d49d5dd5f1855dd57d86c00f73c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87389 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 Mar 2023 14:50:13 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	219ms 70ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-28308328-1&_=1679583013404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 23 Mar 2023 14:05:11 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 2702 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Thu, 23 Mar 2023 16:05:11 GMT
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9951.3wcW-ovXJI7s1pwxykVHaaryupCQYR2bO45FGIb0Ggkcq3mOPJb32OhHb8KKYDQt.jag1o-AxHECELb_2IfU7PrZKaQs%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9951.kZKtLcehKesifqnvx2WDo2eXaykMnpEo_DDriPsGgnsvfhZ9q40-UUcw7Ndj-zlPb9CjLOpcOA4mNSyvw1UciRZmaeWB3Fsk4N_AJ8UwLXelRAwJiZGZuj3RG13_JfvQfOSavbjTf...	43 B 506 B	66ms 66ms	Image image/gif	80.239.201.34 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9951.kZKtLcehKesifqnvx2WDo2eXaykMnpEo_DDriPsGgnsvfhZ9q40-UUcw7Ndj-zlPb9CjLOpcOA4mNSyvw1UciRZmaeWB3Fsk4N_AJ8UwLXelRAwJiZGZuj3RG13_JfvQfOSavbjTffuBMyF08Rb7R0jYOriHBG-Zj_1JAKQpR5TvAYMPZiGuKrMH6hUEb_dhWbzV5yE_toTDFbYN6ZOVUmoNV5JMXtloW8FNoobtFfU%2C.4HUw4P-tkd19fcNMKmh5JHTmdHs%2C Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 80.239.201.34 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS 80-239-201-34.teliacarrier-cust.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9951.kZKtLcehKesifqnvx2WDo2eXaykMnpEo_DDriPsGgnsvfhZ9q40-UUcw7Ndj-zlPb9CjLOpcOA4mNSyvw1UciRZmaeWB3Fsk4N_AJ8UwLXelRAwJiZGZuj3RG13_JfvQfOSavbjTffuBMyF08Rb7R0jYOriHBG-Zj_1JAKQpR5TvAYMPZiGuKrMH6hUEb_dhWbzV5yE_toTDFbYN6ZOVUmoNV5JMXtloW8FNoobtFfU%2C.4HUw4P-tkd19fcNMKmh5JHTmdHs%2C date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9951.D7TlpGYLaCrOMxE9wYGdWIb-NiMIoZroVWKdIyQ5_S3bw6E6mmZpzK-rj7xM1336.5LRF_5pbFFr3MRwuijGASKA4toA%2C https://mc.yandex.com/sync_cookie_image_decide?token=9951.zdR-pJw278fkCrUCZKRab3LXeY3EU9yH4yAcI5Hz7Ng6USirLT2URRSXdM8yC3m5lnJUp1IDllULxEyHAHYbu_uDnOjhrCBO3XEDLUqMedFO1wuHeRRLr0TE-Uy-gk7OZvpcALCb540...	43 B 504 B	58ms 58ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9951.zdR-pJw278fkCrUCZKRab3LXeY3EU9yH4yAcI5Hz7Ng6USirLT2URRSXdM8yC3m5lnJUp1IDllULxEyHAHYbu_uDnOjhrCBO3XEDLUqMedFO1wuHeRRLr0TE-Uy-gk7OZvpcALCb540Dyyk1b2lTGn0Wyhtl5qa-UOKQrb7XZiHnhB0NV7lbIT0T-TXtj8junNyPy20P4Cs8Oc-9RpFwNv34O5QSmcNK94Ci5hXG7Q8%2C.BDe1pxWTmKACjrfMN7BKgWtsC40%2C Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9951.zdR-pJw278fkCrUCZKRab3LXeY3EU9yH4yAcI5Hz7Ng6USirLT2URRSXdM8yC3m5lnJUp1IDllULxEyHAHYbu_uDnOjhrCBO3XEDLUqMedFO1wuHeRRLr0TE-Uy-gk7OZvpcALCb540Dyyk1b2lTGn0Wyhtl5qa-UOKQrb7XZiHnhB0NV7lbIT0T-TXtj8junNyPy20P4Cs8Oc-9RpFwNv34O5QSmcNK94Ci5hXG7Q8%2C.BDe1pxWTmKACjrfMN7BKgWtsC40%2C date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	/ lizaonair.com/cors/	5 KB 6 KB	246ms 245ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqGi7jPtTYH/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 956d1febe5c6575d246f747be58d34a888b5e5f1890b07d6d09e4d92afb8a262 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 4668 content-digest adler32=2559376276 cross-origin-resource-policy same-origin content-length 5261 x-fb-trip-id 2050670934 last-modified Wed, 22 Mar 2023 19:03:51 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1672637816 accept-ranges bytes cf-ray 7ac77c4dab08d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"4668","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-cache-status":"HIT","cf-ray":"7ac77c4ec1b0d957-HEL","connection":"keep-alive","content-digest":"adler32=2559376276","content-length":"5261","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:14 GMT","last-modified":"Wed, 22 Mar 2023 19:03:51 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"2050670934","x-frame-options":"DENY","x-needle-checksum":"1672637816","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
POST H2	204	collect region1.google-analytics.com/g/	0 252 B	131ms 43ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6TX4G0QLVH&gtm=45je33k0&_p=1436632764&cid=823113174.1679583014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679583014&sct=1&seg=0&dl=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&dt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6TX4G0QLVH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 243 B	136ms 45ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-JCCFKRW5MH&gtm=45je33k0&_p=1436632764&_gaz=1&cid=823113174.1679583014&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1679583014&sct=1&seg=0&dl=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&dt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JCCFKRW5MH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	224ms 74ms	Ping text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JCCFKRW5MH&cid=823113174.1679583014&gtm=45je33k0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JCCFKRW5MH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 408 B	258ms 95ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JCCFKRW5MH&cid=823113174.1679583014&gtm=45je33k0&aip=1&z=168015156 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 205 B	78ms 78ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1436632764&t=pageview&_s=1&dl=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=697994487&gjid=685582515&cid=823113174.1679583014&tid=UA-28308328-1&_gid=1554359247.1679583014&_r=1&gtm=457e33k0&z=1062720825 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	pageView Show response widget-api.yeps.io/widget/	16 B 1 KB	209ms 108ms	Fetch application/json	2606:4700:20::ac43:4a70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget-api.yeps.io/widget/pageView Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3129a3a4d6ecdc707a5b05d71e68654a7a1319580075d70dfe570ab2a060814 Security Headers Name Value Content-Security-Policy default-src https://app.yeps.io/ 'self'; script-src https://app.yeps.io/ 'self' https://*.google-analytics.com https://*.facebook.com https://vk.com https://login.vk.com https://*.pinterest.com https://*.linkedin.com https://checkout.stripe.com https://call.chatra.io https://chat.chatra.io http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io unsafe-eval unsafe-inline; child-src 'self' https://chat.chatra.io https://checkout.stripe.com; img-src https://app.yeps.io/ 'self' https://*.stripe.com https://*.google-analytics.com https://*.doubleclick.net https://cdn.shopify.com https://widget.yeps.io data: blob: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; connect-src * 'self' ws://app.yeps.io/ wss://app.yeps.io/ http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; style-src https://app.yeps.io/ https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://app.yeps.io/ https://fonts.gstatic.com https://netdna.bootstrapcdn.com 'self' data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-ancestors 'self'; frame-src https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self' https://chat.chatra.io https://checkout.stripe.com Request headers Accept application/json Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-security-policy default-src https://app.yeps.io/ 'self'; script-src https://app.yeps.io/ 'self' https://*.google-analytics.com https://*.facebook.com https://vk.com https://login.vk.com https://*.pinterest.com https://*.linkedin.com https://checkout.stripe.com https://call.chatra.io https://chat.chatra.io http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io unsafe-eval unsafe-inline; child-src 'self' https://chat.chatra.io https://checkout.stripe.com; img-src https://app.yeps.io/ 'self' https://*.stripe.com https://*.google-analytics.com https://*.doubleclick.net https://cdn.shopify.com https://widget.yeps.io data: blob: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; connect-src * 'self' ws://app.yeps.io/ wss://app.yeps.io/ http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; style-src https://app.yeps.io/ https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://app.yeps.io/ https://fonts.gstatic.com https://netdna.bootstrapcdn.com 'self' data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-ancestors 'self'; frame-src https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'self' https://chat.chatra.io https://checkout.stripe.com content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods POST content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXkzGzkZAPnnmPWaTRB%2FLmmHXQKTUuOwCVLCj9K46c80NSgkSZVfxHZPxdzeDUqygoIa17takSzLhjzETxhLgd%2BLLWY0tH%2Bu0nlpGV%2BkUQdjLYVNPVXYKFrfWd7vzhIYt25BSJEIwf0Fu77YpBifxA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 7ac77c4f3f7ffe54-HEL access-control-allow-headers Content-Type, Content-Length, X-Requested-With
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	119ms 75ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28308328-1&cid=823113174.1679583014&jid=697994487&gjid=685582515&_gid=1554359247.1679583014&_u=YADAAUAAAAAAACAAI~&z=1467230246 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 23 Mar 2023 14:50:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ lizaonair.com/cors/	4 KB 6 KB	320ms 319ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqFxcjhA6Ge/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 875ca9903f781e44fcb70236d70ad362d16391b89ea938e58980c20bab2321db Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=5074 content-digest adler32=3525953782 cross-origin-resource-policy same-origin content-disposition inline; filename="337350917_904270847511598_618505340157925446_n.webp" content-length 4566 x-fb-trip-id 1814657579 last-modified Wed, 22 Mar 2023 12:10:07 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1010155202 accept-ranges bytes cf-ray 7ac77c4f0ddfd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=5074","cf-ray":"7ac77c50725dd957-HEL","connection":"keep-alive","content-digest":"adler32=3525953782","content-disposition":"inline; filename=\"337350917_904270847511598_618505340157925446_n.webp\"","content-length":"4566","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:14 GMT","last-modified":"Wed, 22 Mar 2023 12:10:07 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"1010155202","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	265ms 96ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28308328-1&cid=823113174.1679583014&jid=697994487&_u=YADAAUAAAAAAACAAI~&z=1354618960 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 107 B	114ms 96ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28308328-1&cid=823113174.1679583014&jid=697994487&_u=YADAAUAAAAAAACAAI~&z=1354618960 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1c0942547d39e10f5f56.js Show response yastatic.net/partner-code-bundles/741854/	14 KB 5 KB	262ms 137ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/1c0942547d39e10f5f56.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 1a46091c13b87ebc7dec600c22d945afc8f302d77ef42cd14af6aa3ed2eda364 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4802 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "335eed275bf4fcdb085b892f6cfe212f" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:24:12 GMT
GET H2	200	b73ad5bad35108f49f3c.js Show response yastatic.net/partner-code-bundles/741854/	112 KB 24 KB	288ms 164ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/b73ad5bad35108f49f3c.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash ed43154d41004ca7c361eb62ded5b54e230d49256cc7d08d7a038127d5adf2e1 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 24291 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "4e7c229ab8de735168aa161ed2b965d4" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:24:50 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	305ms 182ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT server nginx/1.17.9 etag "f80882bf67cf261aa08d636da095149a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:21:14 GMT
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	229ms 110ms	Font font/woff2	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26004 x-amz-meta-owner {"role":"admin","login":"4eb0da"} last-modified Mon, 25 Apr 2022 14:02:39 GMT server nginx/1.17.9 etag "7f0cdaf91230f9789ca4162aedff612e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id 1786af9ac8fb344a accept-ranges bytes timing-allow-origin * expires Fri, 22 Mar 2024 20:34:26 GMT
GET H2	200	07cea2bf8567304efc16.js Show response yastatic.net/partner-code-bundles/741854/	23 KB 8 KB	307ms 190ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/07cea2bf8567304efc16.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 69ec7de048d51d58f50177971f6a1727560be8dc3131c8c558498c07bc2d8e95 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 7922 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "eea7e55b0209fbfbefb31468e5ec834c" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:24:31 GMT
GET H2	200	2ec9a88e40a26b53acde.js Show response yastatic.net/partner-code-bundles/741854/	7 KB 3 KB	307ms 191ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/2ec9a88e40a26b53acde.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash b7d42d174e12b5c47a1d62d392195b609d7186d8d70966816178daae59871721 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2065 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "2b341acc3fbfa76f543a9657ebc80a1b" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:24:39 GMT
GET H2	200	1c75991f19b9bf8bdb79.js Show response yastatic.net/partner-code-bundles/741854/	582 KB 111 KB	80ms 79ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/1c75991f19b9bf8bdb79.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js?_=1679583013408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash f480ea18e31386000ae16ec588abb7c6e77f593ab828ab41d420055850905349 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Origin https://lizaonair.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 113370 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "bf2820e137c8e8059c932e6e9d07d96e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Sat, 22 Mar 2053 21:24:18 GMT
GET H2	200	493699 Show response yandex.ru/ads/meta/	79 KB 26 KB	226ms 224ms	XHR application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/meta/493699?target-ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B740570%2C0%2C4%3B739448%2C0%2C13%3B725915%2C0%2C53%3B735207%2C0%2C38%3B734893%2C0%2C53%3B739440%2C0%2C33%3B736883%2C0%2C10%3B681845%2C0%2C96&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVFv4EkKGFEEiwAWlEyGYwSK7Y6vnQcO3Gdyb93AVA2KdlQ2ifTlPZgsXt296x%2BTE6xUGLOlgoXqsIZqVTJuKKNynDTED45%2BfBj8m19eb%2BZnEwk78jkzeRu8%2FWOnsH%2FCIVhlEx%2BfnzzDNNyVnS5FIo1qsWdIE6ExE%2Bj0CKQBmcVUSRn9TNIRYXUzpzSgjD9AJ9mTGFej2A3D3%2FvocZhbFALKgxszrpGKk4KykmuIXHbuj0LvCgKnu4GF1F1V0nKWVUBWiP1A%2BFqiWU%2BJ4WStCaKlaUg0o0bBl7yHLOsk5Lpa1VsHOvfw%2BTL2A6lMTJ2bc4KMrI0ORvH6FfBTOKkidEp4YKyZmSZREEIYRjaRlGIbGC6hlYMF8Sej%2BtRRO9u7zcDsyiYhqlnzSCWQhiS7dnsJ3JgBPQUhDSKZYLw0z1ibq7Xny43I0vwMbVhLuk7VcNZc0Jnc6ka6T4yisPUN4Yr3BTkneKdKliNaeMyi70kCNHTeRlnC3AWzlIzTgunpZ%2FEU%2FTigQrYKznNnOaB76HImL8nTaDKDvi5pIWcK1rjGXHaRn409Z5td8WSMa6TynFBO%2FHbLyKssPbbOqxwtcQr4bYMkz7ORdlCZYqWNUAMXUesG9dQ4Hne2DbywmhQC7k2baT7vBhgeiqVDKJMNHd35ynyzkkLODJJgkNzWurGudRFBOz8Pwg7B05x1Y2yFXovW1cE80bVjEPFYk7x3r1HxRrHntdHueWUcSpXKltBqyDLlnF3wFCC%2Btrb8aJvnrngTsPUT6YDRlKhcsw5kwrnOWRJOLpEnIax749sDYsFUFrOdZhaXBS0mblBojiynpu2D1SWq5ao0O11NE3iQXpqnkOcBM1oBVFzH5cm6FVLPQjziuaLI6fvMMyUscNXQYMtKQwXqi9R4txdzek06CeL9aMHsXNBMk3UtsKrDOeLwQRzQSIviMJglI45MQ0fJikRdOZkPPLjANk8NGQJJiVU%2BVxVbEZzt9007FsauFlSXmvOctLsJk3LSeZuqgi6YuCPyAtThwOTQAXAvIYI6EYpcq5nihDO2kd%2B6kfRCGxOpfFkAALxWEjmBgqTIAiHamdP1xSkxJB%2BeFHShkoCbM8XIKuchYqi2ENo5J6oMZfqz450RIMfu1%2BMEIqf1ICcc9Bxe54RKGCuqUwbaFQUhnF1xKvET3rq5BhGEmv6BOJSFyQtOQbBZOSDO5PJNEXpk24oOQWYaqWsvZYQrftyY%2FtsoQR976wjhNKwT%2FfAQhzTWAfnppGXPKFA0y40glO3IjSNkL9%2FsqpBtWL3WUHg2VgPCKmFxy%2BxcooiP9yVG8xvUN5wVSCNAq1qBYVpYFYbHK4FB3jJNDy8hZy57wBpmvrD2tA9wzaZF0Jv5sGxPQClAerVia0IsaCtktw0wGMtGaWwmljjvaPLimm5Wyjr6BGQaV8Fr4EYco0wvmwf1NX6QV1stucXd6%2FAmQ1GLUiGMwWK07kOeTDaRqVoq3k5B5YMCNPAiDYNd9ZBe9cLBjTdnNBTd4Umvhf1k5NzZTu97ECi2Eo3gTZNpZvNjyyDgGRLtcLvV6Y5KCPwhmY%2FJl82d58v6vXt%2BfZ6cuLHIJOubj5tLzfi8%2Fpye30%2BOQl%2BjlBjmIsDEti2CHpPZZVmgt4xhwd8mFytt5dvb%2B%2FBt3%2FW12ebB3j%2BY3u1Pt98Hb06X1%2BZN2ePm2v79fW37d2Nfbx6O%2Fjn7Hrbv9XITwjw4nb9eHnzeNF%2F%2FHhr%2F97frt9eb75%2FPfjCX%2Bubq60x%2FfjyFYcV95xad%2FrQjucjY81PfCTxYOnvtx3cgdTIK7a3%2BcNqPF6vYUOzpGmwBIpBl%2BOzvtcpiWfO5QEmSzBolCUBunKCcwnr6xHDOPSCQ41Emxa0gRZJ%2F1EhwSYdoumrgINWBr3HnYdnpGEbNvLXpmSn4Econ%2B8ux9u5FyfeAYqe6DvJpru6EyJMo8g6ImdMa3cGQa60qIDmAZDQeECBO%2B8SwBJgsytALBDzyxC0vpYJeSyesKb11QoDyO76SpIa8iKJ2%2B1omtox9rRMmrCZw3PGYd%2FCcv%2F3jdA7uLqO3s9%2FAXvrnoM%3D&pcode-icookie=dcvc%2BLNB6fnjWf1tASWyu3szKbKUYENFNlvPxNSAd%2BkNSFgHPQ%2FEriewdKisNHRbkpB6wjnCa3kAA4yYje84%2Fkow7Kg%3D&duid=MTY3OTU4MzAxNDU1NDEwMzg4Ng%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=262783279038466&ad-session-id=9900041679583014503&target-id=40849983&tga-with-creatives=1&top-ancestor=https%3A%2F%2Flizaonair.com&top-ancestor-undetermined=0&pcode-version=741854&pcodever=741854&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A328%2C%22h%22%3A199%2C%22width%22%3A328%2C%22height%22%3A199%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1592%2C%22top%22%3A991%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=1700&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1MDJ9CjqpNJEkuesiBNTZo0wuPL9MXqZbdP36ff-Sdemi-tyVm_C7jauNl6qm644jS_7tWL_pvi79ekBfjxvHadK0-gP6PKAXaAszD96uXR2L6qdpeYgRI4QRRvBxq1AtGBVyZVhwdgW4Mk7DrJAq24J9IJYF5K6cXYGoTAv_beyKZcE5CGqyQeh2s8VzV_auUCva8TFzPVrBh2RXQCuzsg6DXpk7Y2Y-FaOi5i5GxXxEgICBIiWVgjg8b7rbmcEM2-jePhg0z2mLyF2-FhkkQffaErS5SaXAbilixDKpjKTkYVSMH_hTC4YF82_Q73rucLLjmA_EOGZw5FrBw66QLShmhHceCfV1EC2gH4NUIlxO28sT7SkUjnBMr31vl2CEc7e-Re7ibfck3d-8vKhzzAhXm8fKd6c_bH8TDYK5eItbSCtgFp4F1Adnf3ALP8fj3CX8_YfZI0ae1pyXladllw7lynkuhWU4dMsiv-smJamAF3iqQI9tQSdnb_DJUPLv3EI9IKZJ-Mj3tqJmzJx_gGhGBHOTxoTND6KYcC5RFLfRghmBIwWP5eb12J9tbW_5kzgVTSd0B79Ie7rDq8B1nThVm-mg-e5Njaf7oZmHo_tbscl4m-_8Et6z439MWNRDKG5yr5hPZniBdCO74u-Z5jg-7D-Fnb9evhIlY55SiM0p0cxCC5aFa8HM6bBKm6zFIfyoAvJhoZWPSFO5ehfB5PK6K3Jop1GwaqLoIHTK7RLq9uaas1I2dAuq3aeu5lD5m-SmujBPyv457FyFW9Gz1fNmrMKbTQHJmJRbOxhwV_fWcBP6q0FXfgJBATA4UKL0Nuy-_x2dxGCticZyT51nqKt1VycbcOcpQW9tuicgGKLZk73sRliKbW8Abz-yyRhvBWimIQ0qXqGqtlWwdFIYIavItCmBVy50WllP1BL37Fh58cLXsE31yk32seNmqDa6ERlSVi1GRdM2w8hjk-EQCW0k8qz11eUHo4RTVtjADgXc7dm--Gwg2fzOm654BUFCtyKVxxT6Tl3PgZAsqRamvqI4KeUk59qHZxdocGXt7K7B95INSlZ8JN0l2iu46nurXaOTwuFvxnL-eZg5y-1_GVILXGHhWLTqpSnl5o9QkJWZGoKaOTqlTBbOLzch_uIu4u4wWI5DnHq9XbGc4JCoNIqX20ZY2Eypm-6BpJEicjp2-MuLMoiedxDti2waaRwrllPUctv9TiODZymWEwjSSEMC6_U68C_HhJIIgKDgj01iuFB8lWueGXQ9hju9109RSru_JCKLDEc2lXq6WBwZKMdYLo7AC9VoeqMc3TGNHsXC7vr0B0vE_QnhmIHImU1v-Gt4H3SkqlXMtjGS2G7tCeG3R_89E1ZvIZjAtVtiIqUTy_XYhfbzJa9-djnnjXroNJKCJZNJJTLZHxRyg-Cnm9s9oghR5noXk4Lnqc1WbB81HQw9tVAMb189CY8PXlGsCPQVTnHvgg2G7QxvOjf5-vlg0GDltlykaSRFedHIl1NAtug18nJbexFt-Daf38u2i9byclp79wsH3YWYT6eg4EhkUhIUHLALXXK62uAXZFezNwoOQo0nynfxBxGoJZoJj2DyHDosyNP1DQf42eLl_ulFMIoKFxQggA%3D%3D&uniformat=true&callback=Ya%5B3060515759435%5D Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 643bc20f01a3f08662cfab16705e5013440033e0944d0d1cda5c30cb10c5be25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 23 Mar 2023 14:50:14 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} ssr true x-yandex-req-id 1679583014541025-2608412883150677307-vla1-3230-vla-l7-balancer-8080-BAL-2276 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" uniformat-product-type Direct x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 23 Mar 2023 14:50:14 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT uniformat true report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Thu, 23 Mar 2023 14:50:14 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/11815663/	43 B 459 B	62ms 61ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/11815663/1?page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&hittoken=1679583013_b327d3d74f5cd0393766664ef93338b8d51752104a2f3d4e1d2b15d0849eb392&browser-info=pa%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A1%3Als%3A1039159618746%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145014%3Aet%3A1679583015%3Ac%3A1%3Arn%3A389849124%3Arqn%3A2%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679583012478%3Aadb%3A2%3Ast%3A1679583015&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2) Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 last-modified Thu, 23-Mar-2023 14:50:14 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:14 GMT
GET H2	200	/ lizaonair.com/cors/	8 KB 9 KB	280ms 280ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqFtULsp5cT/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adf111a2bd0a28686804f1cbdfef5618a7094a0f1cb85257ee476c6cef1575d6 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished degrade=85, origSize=7892, status=webp_bigger content-digest adler32=3102062607 cross-origin-resource-policy same-origin content-length 7785 x-fb-trip-id 1814657579 last-modified Wed, 22 Mar 2023 11:17:38 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-priority,cf-priority-change,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 3735297017 accept-ranges bytes cf-ray 7ac77c50d94cd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"degrade=85, origSize=7892, status=webp_bigger","cf-priority":"50/0","cf-priority-change":"260:30/0,783:20/1,2925:10/1","cf-ray":"7ac77c51e2dfd957-HEL","connection":"keep-alive","content-digest":"adler32=3102062607","content-length":"7785","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:14 GMT","last-modified":"Wed, 22 Mar 2023 11:17:38 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"3735297017","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	/ lizaonair.com/cors/	5 KB 6 KB	272ms 271ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqFrtdjqL3C/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90d3e3178c001c0d3a9f108adf3b5ae6496d9007c47308c4493ced6281d4d21a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers x-haystack-needlechecksum 2618061686 date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=5585 content-digest adler32=4113950891 cross-origin-resource-policy same-origin content-disposition inline; filename="336956245_1604551310061055_3885205150392571893_n.webp" content-length 5080 x-fb-trip-id 1814657579 last-modified Wed, 22 Mar 2023 11:02:23 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-haystack-needlechecksum,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 2579422490 accept-ranges bytes cf-ray 7ac77c523c2dd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=5585","cf-ray":"7ac77c535384d957-HEL","connection":"keep-alive","content-digest":"adler32=4113950891","content-disposition":"inline; filename=\"336956245_1604551310061055_3885205150392571893_n.webp\"","content-length":"5080","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:14 GMT","last-modified":"Wed, 22 Mar 2023 11:02:23 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-haystack-needlechecksum":"2618061686","x-needle-checksum":"2579422490","x-storage-error-category":"dfs:none;hs_p:200:HS_ESUCCESS"}
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	193ms 63ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://lizaonair.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://lizaonair.com access-control-max-age 1728000 content-encoding gzip date Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	202ms 69ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	493699 Show response mc.yandex.ru/watch/	399 B 725 B	59ms 58ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/493699?wmode=7&page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A3%3Adp%3A1%3Als%3A87238408125%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145014%3Aet%3A1679583015%3Ac%3A1%3Arn%3A742380281%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679583012478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679583015%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)ecs(0)ti(2) Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 6082237ce3fcad45e49be22d2e8f9c59cd8b8d6f81d87514148fef9949d8decb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23-Mar-2023 14:50:14 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 399 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:14 GMT
GET H2	200	wy300 avatars.mds.yandex.net/get-direct/5265737/i1lroJlTZZP8iWB5WmNHsg/	34 KB 35 KB	265ms 126ms	Image image/webp	2a02:6b8::184 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/5265737/i1lroJlTZZP8iWB5WmNHsg/wy300 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash 81f006bd79dfb014c152aaac0c89feeaad3f4bb1e4efcc2e9b9d83c48936d913 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT last-modified Mon, 30 Jan 2023 11:27:44 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true content-length 35020 x-request-id 4495209ee42a4dc1
GET H/1.1	200 Ok	keturah-reserve.com favicon.yandex.net/favicon/	1 KB 1 KB	209ms 69ms	Image image/png	2a02:6b8::36 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://favicon.yandex.net/favicon/keturah-reserve.com?size=32&stub=2 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash dac9aa3fcf06146f1b5546d54559467475a9785aa01d64c5f22e7c3f90839794 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-origin * Cache-Control max-age=691200 X-Content-Type-Options nosniff Transfer-Encoding chunked X-XSS-Protection 1; mode=block Content-Type image/png
GET H2	200	render.html Show response yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 7709	24 KB 7 KB	167ms 58ms	Document text/html	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html Requested by Host: yastatic.net URL: https://yastatic.net/safeframe-bundles/0.83/host.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://lizaonair.com/giveaway/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control public, max-age=946708560 content-encoding br content-length 6262 content-type text/html date Thu, 23 Mar 2023 14:50:15 GMT etag "eb77de48712912aadc9aa8171ac75ede" expires Sat, 22 Mar 2053 21:21:16 GMT last-modified Wed, 03 Nov 2021 13:42:58 GMT nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} server nginx/1.17.9 strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * vary Accept-Encoding x-robots-tag noindex, noarchive, nofollow
POST H2	200	1 Show response mc.yandex.ru/watch/493699/	43 B 74 B	64ms 63ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/493699/1?page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&cnt-class=1&hittoken=1679583014_55baa3379eba2c4028cfe09e3dd58981686f5f78cd16093b12c4aa6b8531220b&browser-info=pa%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A792%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A3%3Adp%3A1%3Als%3A87238408125%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145014%3Aet%3A1679583015%3Ac%3A1%3Arn%3A347384218%3Arqn%3A1%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C226%2C42%2C380%2C380%2C1%2C316%2C1%2C%2C%2C%2C965%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679583012478%3Aadb%3A2%3Ast%3A1679583015&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(5500)aw(1)ecs(0)ti(2) Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 last-modified Thu, 23-Mar-2023 14:50:14 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:14 GMT
GET H2	200	493699 Show response mc.yandex.ru/watch/	43 B 74 B	70ms 69ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/493699?page-url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&cnt-class=1&hittoken=1679583014_55baa3379eba2c4028cfe09e3dd58981686f5f78cd16093b12c4aa6b8531220b&browser-info=pv%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A3%3Adp%3A1%3Als%3A87238408125%3Ahid%3A727852081%3Az%3A0%3Ai%3A20230323145014%3Aet%3A1679583015%3Ac%3A1%3Arn%3A877117321%3Arqn%3A2%3Au%3A1679583014554103886%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679583012478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679583015%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(5500)aw(1)ecs(0)ti(2) Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT strict-transport-security max-age=31536000 last-modified Thu, 23-Mar-2023 14:50:14 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:14 GMT
GET H2	200	/ lizaonair.com/cors/	6 KB 7 KB	344ms 344ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqFd7YhtAJf/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b40aefadf9bdc5df4ee7f917e8248e8938cdc17bac4692fcce5b9057c4fc4720 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers x-haystack-needlechecksum 3143393144 date Thu, 23 Mar 2023 14:50:15 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=6449 content-digest adler32=3766454678 cross-origin-resource-policy same-origin content-disposition inline; filename="336948733_950638022611411_2924038772381777367_n.webp" content-length 5920 x-fb-trip-id 1814657579 last-modified Wed, 22 Mar 2023 09:00:53 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-haystack-needlechecksum,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 712835910 accept-ranges bytes cf-ray 7ac77c53df8ed957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=6449","cf-ray":"7ac77c55343ed957-HEL","connection":"keep-alive","content-digest":"adler32=3766454678","content-disposition":"inline; filename=\"336948733_950638022611411_2924038772381777367_n.webp\"","content-length":"5920","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:15 GMT","last-modified":"Wed, 22 Mar 2023 09:00:53 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-haystack-needlechecksum":"3143393144","x-needle-checksum":"712835910","x-storage-error-category":"dfs:none;hs_p:200:HS_ESUCCESS"}
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	60ms 60ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://lizaonair.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://lizaonair.com access-control-max-age 1728000 content-encoding gzip date Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
POST H2	200	event_confirmation Show response an.yandex.ru/	0 393 B	142ms 66ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	1U4h42kp0VK100000000U9nJLDF_jJb0Bi_6y2sdh-ogvUk4BTNIPL8OWC0J9XAQzU6XPMnp1pj3AYDGFFCjvrz1a7WfY5VxLuE1ePKHH7Q2-430n32JyPyPXBsGyGOBXBMISI9KVY_ZNJi9XgDW_bb6Pg38LKQGr5r61Xa6Xh-CivWO6EOoWKJEClq7WbTC0dSNA... Show response yandex.ru/an/rtbcount/	43 B 389 B	61ms 61ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1U4h42kp0VK100000000U9nJLDF_jJb0Bi_6y2sdh-ogvUk4BTNIPL8OWC0J9XAQzU6XPMnp1pj3AYDGFFCjvrz1a7WfY5VxLuE1ePKHH7Q2-430n32JyPyPXBsGyGOBXBMISI9KVY_ZNJi9XgDW_bb6Pg38LKQGr5r61Xa6Xh-CivWO6EOoWKJEClq7WbTC0dSNARMyvMHaMFNuSygaxwmCVvb0sbgPMO5aBxCYa9pA3D8mbva9P1MGL03PnBAHEJrFkhI4EQNp93FCfrV1Ak-2oP_C3axy48Uoi1OrWbahMFxbRc1XtC72T825wGBBkGUpJotzVMIv-4seHpxOFsIP-F7MqvCRhjY_PG5vOW4hvqdMrXTSOEaBh0qD3ImtMTLcy-meFDFO-9KLv8SEjWQM2MpBxhsOttsgVRlD3BQF1xOmBc3RFsFAXDiBVtGAhMI36Nc0BUO46yiZDjuWSrUhb8mSTsE3ydJpbsmmot_2MHFP9IDZFQxtlRMVnSvcRc9eOMgoWPrf1plF2NRn1-mhh_sUyt5Pxt6Z7-my2pZ-vQxWkC6vWMCYymuEHW1gxQ4g Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679583015067287-8094882140381415994-vla1-3230-vla-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Thu, 23 Mar 2023 14:50:15 GMT
GET H/1.1	200 Ok	d.png ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 7709	95 B 400 B	224ms 59ms	Image image/png	2a02:6b8::5:114 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.14.2 / Resource Hash 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Thu, 23 Mar 2023 14:50:15 GMT Strict-Transport-Security max-age=315360000; includeSubDomains Server nginx/1.14.2 X-RT-IH 0.0001 Content-Type image/png Cache-Control private Connection close X-RT-IQ 0.0001 Content-Length 95 Expires Fri, 24 Mar 2023 14:50:15 GMT
GET H2	200	bd3cf9b4f0686e8f37113d an.yandex.ru/mapuid/arcspireis/ Frame 7709 Redirect Chain https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 https://an.yandex.ru/mapuid/arcspireis/bd3cf9b4f0686e8f37113d	43 B 80 B	70ms 69ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/arcspireis/bd3cf9b4f0686e8f37113d Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers location https://an.yandex.ru/mapuid/arcspireis/bd3cf9b4f0686e8f37113d date Thu, 23 Mar 2023 14:50:14 GMT x-envoy-upstream-service-time 0 server envoy content-length 0
GET H2	200	1503420A29671C64B406988802FA58D8 an.yandex.ru/mapuid/sapeis/ Frame 7709 Redirect Chain https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 https://acint.net/rmatch?dp=14&euid=3403420A2A671C6449002B0102D26E6E&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D https://an.yandex.ru/mapuid/sapeis/1503420A29671C64B406988802FA58D8	43 B 152 B	67ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/sapeis/1503420A29671C64B406988802FA58D8 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:18 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:18 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:18 GMT Redirect headers date Thu, 23 Mar 2023 14:50:18 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://an.yandex.ru/mapuid/sapeis/1503420A29671C64B406988802FA58D8 content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	ae5b0ba3-e184-5252-b7bf-74b1d3a31396 an.yandex.ru/mapuid/betweendigitalis/ Frame 7709 Redirect Chain https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 https://an.yandex.ru/mapuid/betweendigitalis/ae5b0ba3-e184-5252-b7bf-74b1d3a31396	43 B 80 B	71ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/betweendigitalis/ae5b0ba3-e184-5252-b7bf-74b1d3a31396 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers location https://an.yandex.ru/mapuid/betweendigitalis/ae5b0ba3-e184-5252-b7bf-74b1d3a31396 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/adobedmp/ https://dpm.demdex.net/ibs:dpid=423652&dpuuid=8528AF8F5792EF3A https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=8528AF8F5792EF3A	42 B 942 B	86ms 86ms	Image image/gif	52.51.195.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=8528AF8F5792EF3A Protocol HTTP/1.1 Server 52.51.195.137 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-195-137.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v046-05f641722.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID VDOolyGOSbY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v046-04caab9e7.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID CGqdQS3FQ8o= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=8528AF8F5792EF3A Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	match match.360yield.com/ul_cb/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/azerionis/ https://match.360yield.com/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect https://match.360yield.com/ul_cb/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect	43 B 198 B	84ms 84ms	Image image/gif	54.194.216.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/ul_cb/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect Protocol H2 Server 54.194.216.88 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-216-88.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-origin * date Thu, 23 Mar 2023 14:50:15 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://match.360yield.com/ul_cb/match?external_user_id=1A90FF6CBE43D7F&publisher_dsp_id=429&publisher_call_type=redirect date Thu, 23 Mar 2023 14:50:15 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	/ yandex.ru/an/mapuid/behaviorx/ Frame 7709	0 0	69ms 60ms	Image text/html	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/behaviorx/ Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers
GET H2	200	match ads.betweendigital.com/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/betweenx/ https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6A6C08DCE688403D https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6A6C08DCE688403D&crf=1	68 B 607 B	77ms 77ms	Image image/png	188.42.196.115 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6A6C08DCE688403D&crf=1 Protocol H2 Server 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=161&external_user_id=6A6C08DCE688403D&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H/1.1	204 No Content	pixel im.bluevoox.com/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/blueseaxcom/ https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3EE5C38A27B8BA32	0 241 B	454ms 147ms	Image text/plain	52.45.175.185 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3EE5C38A27B8BA32 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Server 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-175-185.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Connection close Date Thu, 23 Mar 2023 14:50:15 GMT Server openresty Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015136274-4574747582487845324-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3EE5C38A27B8BA32 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	/ yandex.ru/an/mapuid/eplanningrtb/ Frame 7709	0 0	70ms 62ms	Image text/html	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/eplanningrtb/ Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 409 B	239ms 83ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015136887-4329047921590707311-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 232 B	186ms 84ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015191775-7371653715325422631-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandexru https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 232 B	187ms 84ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015192084-12317516341417298733-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=70B9517B58E124D5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	sync t.adx.opera.com/ Frame 7709 Redirect Chain https://yandex.ru/an/mapuid/operacom/ https://t.adx.opera.com/sync?vendor=60143&uid=787BFAC35E40A4D9	35 B 466 B	673ms 430ms	Image image/gif	82.145.213.8 NO-OPERA
General Check archive.org Show headers Download Go to Show image Full URL https://t.adx.opera.com/sync?vendor=60143&uid=787BFAC35E40A4D9 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO), Reverse DNS n-sysadmin-jumpbox-03.feednews.opera.technology Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server nginx access-control-allow-methods POST, GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015192418-9268614678801880565-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://t.adx.opera.com/sync?vendor=60143&uid=787BFAC35E40A4D9 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	/ yandex.ru/an/mapuid/xapadsssp/ Frame 7709	43 B 156 B	123ms 116ms	Image image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/xapadsssp/ Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Thu, 23 Mar 2023 14:50:15 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583015192695-4782559125113944220-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	b55342c4d1e493856e6ef07b24b8a6f56469f056f27e6ff2ef73fe6b5b92aa14 an.yandex.ru/mapuid/mediascope/ Frame 7709 Redirect Chain https://cm.tns-counter.ru/yacm https://an.yandex.ru/mapuid/mediascope/b55342c4d1e493856e6ef07b24b8a6f56469f056f27e6ff2ef73fe6b5b92aa14	43 B 108 B	67ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mediascope/b55342c4d1e493856e6ef07b24b8a6f56469f056f27e6ff2ef73fe6b5b92aa14 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server ms-counter-4.0.4/1.22.1 content-type text/html location https://an.yandex.ru/mapuid/mediascope/b55342c4d1e493856e6ef07b24b8a6f56469f056f27e6ff2ef73fe6b5b92aa14 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	204	match dm.hybrid.ai/ Frame 7709	0 279 B	196ms 64ms	Image text/plain	37.18.16.22 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=182 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin https://yastatic.net cache-control no-cache, no-store access-control-allow-credentials true x-mode 105 x-xss-protection 1; mode=block expires -1
GET H2	204	yandexdmp-match dm.hybrid.ai/ Frame 7709	0 237 B	196ms 65ms	Image text/plain	37.18.16.22 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/yandexdmp-match Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 106 x-xss-protection 1; mode=block expires -1
GET H2	200	Z.3f1kplFL1l0ub76-RD an.yandex.ru/mapuid/dmpamberdata/ Frame 7709 Redirect Chain https://dmg.digitaltarget.ru/1/119/i/i?i=1679583014 https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679583015262&i=1679583014 https://an.yandex.ru/mapuid/dmpamberdata/Z.3f1kplFL1l0ub76-RD	43 B 80 B	66ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpamberdata/Z.3f1kplFL1l0ub76-RD Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers Date Thu, 23 Mar 2023 14:50:15 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only Request-Time 6 X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://an.yandex.ru/mapuid/dmpamberdata/Z.3f1kplFL1l0ub76-RD Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	match match.360yield.com/ Frame 7709 Redirect Chain https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D https://an.yandex.ru/mapuid/azerionis/9d9bd970-5f39-4632-af51-f263e05b02f6 https://match.360yield.com/match?external_user_id=9d9bd970-5f39-4632-af51-f263e05b02f6&publisher_dsp_id=429&publisher_call_type=redirect	43 B 198 B	89ms 83ms	Image image/gif	54.194.216.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?external_user_id=9d9bd970-5f39-4632-af51-f263e05b02f6&publisher_dsp_id=429&publisher_call_type=redirect Protocol H2 Server 54.194.216.88 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-216-88.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-origin * date Thu, 23 Mar 2023 14:50:15 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://match.360yield.com/match?external_user_id=9d9bd970-5f39-4632-af51-f263e05b02f6&publisher_dsp_id=429&publisher_call_type=redirect cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	f2145114-a202-42dc-794d-81531a5efa7e an.yandex.ru/mapuid/buzzooladspis/ Frame 7709 Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D https://an.yandex.ru/mapuid/buzzooladspis/f2145114-a202-42dc-794d-81531a5efa7e	43 B 80 B	67ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/buzzooladspis/f2145114-a202-42dc-794d-81531a5efa7e Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers location https://an.yandex.ru/mapuid/buzzooladspis/f2145114-a202-42dc-794d-81531a5efa7e date Thu, 23 Mar 2023 14:50:15 GMT server nginx content-length 113 serverid TODO content-type text/html; charset=utf-8
GET H2	200	ZBxnJz6WTCg an.yandex.ru/mapuid/soltadspis/ Frame 7709 Redirect Chain https://kimberlite.io/rtb/sync/yandex https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fso... https://kimberlite.io/rtb/sync/between2?u=ae5b0ba3-e184-5252-b7bf-74b1d3a31396&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBxnJz6WTCg&n=1 https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBxnJz6WTCg https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBxnJz6WTCg https://tech.rtb.mts.ru/?dsp_uid=80b773d2-9f19-4325-a67e-162b2df1b9a8&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D5... https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1 https://sm.rtb.mts.ru/em?next=59&em=2&ssp=aidata&id=B8kVmG5ExMAPw4K9SzpWZg https://kimberlite.io/rtb/sync/mts?u=69a9ebac-ced5-4cb6-a8bf-18938c15a38e https://an.yandex.ru/mapuid/soltadspis/ZBxnJz6WTCg	43 B 80 B	68ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/soltadspis/ZBxnJz6WTCg Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers Date Thu, 23 Mar 2023 14:50:16 GMT referrer-policy no-referrer Server nginx access-control-allow-origin * location https://an.yandex.ru/mapuid/soltadspis/ZBxnJz6WTCg cache-control no-store access-control-allow-credentials true Connection keep-alive server-timing app;srv=5;dur=0.0004 Content-Length 0
GET H2	200	/ an.yandex.ru/mapuid/targetrtbis/ Frame 7709 Redirect Chain https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 https://an.yandex.ru/mapuid/targetrtbis/	43 B 80 B	68ms 68ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/targetrtbis/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers Date Thu, 23 Mar 2023 14:50:15 GMT Server nginx/1.22.1 Vary Origin Access-Control-Allow-Origin * Location https://an.yandex.ru/mapuid/targetrtbis/ Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET		pixel mitdmp.whiteboxdigital.ru/ Frame 7709	0 0
GET H2	200	eddb5730-27ad-5060-3616-ed6c0247e08d an.yandex.ru/mapuid/hyperdspis/ Frame 7709 Redirect Chain https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ https://an.yandex.ru/mapuid/hyperdspis/eddb5730-27ad-5060-3616-ed6c0247e08d	43 B 80 B	67ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/hyperdspis/eddb5730-27ad-5060-3616-ed6c0247e08d Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers Location https://an.yandex.ru/mapuid/hyperdspis/eddb5730-27ad-5060-3616-ed6c0247e08d Access-Control-Allow-Origin * Date Thu, 23 Mar 2023 14:50:15 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0
GET H2	200	/ an.yandex.ru/mapuid/ramblerssp/ Frame 7709 Redirect Chain https://profile.ssp.rambler.ru/sync3.302?pid=188 https://an.yandex.ru/mapuid/ramblerssp/	43 B 80 B	68ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/ramblerssp/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers date Thu, 23 Mar 2023 14:50:15 GMT strict-transport-security max-age=0 server nginx p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" location //an.yandex.ru/mapuid/ramblerssp/ content-type application/x-javascript; charset=Windows-1251 x-passed 1bal1 content-length 0
GET H2	200	uPA1fpe5H9ah.AikABlGHDvLyng an.yandex.ru/mapuid/getintentis/ Frame 7709 Redirect Chain https://px.adhigh.net/p/cm/yandexssp https://px.adhigh.net/p/cm/yandexssp?bounced=1 https://an.yandex.ru/mapuid/getintentis/uPA1fpe5H9ah.AikABlGHDvLyng	43 B 80 B	67ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/getintentis/uPA1fpe5H9ah.AikABlGHDvLyng Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT server nginx x-backend-id f9-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * location https://an.yandex.ru/mapuid/getintentis/uPA1fpe5H9ah.AikABlGHDvLyng cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	HUU.h8qKJmWIovOQ5S0s1u an.yandex.ru/mapuid/dmpweborama/ Frame 7709 Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2546335427 https://an.yandex.ru/mapuid/dmpweborama/HUU.h8qKJmWIovOQ5S0s1u	43 B 80 B	70ms 70ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpweborama/HUU.h8qKJmWIovOQ5S0s1u Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:14 GMT via 1.1 google last-modified Thu, 23 Mar 2023 14:50:15 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://an.yandex.ru/mapuid/dmpweborama/HUU.h8qKJmWIovOQ5S0s1u access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	y rtb-eu-warsaw.intent.ai/um/ Frame 7709	68 B 834 B	184ms 82ms	Image image/png	2606:4700:20::681a:f45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-eu-warsaw.intent.ai/um/y Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f45 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT strict-transport-security max-age=15724800; includeSubDomains cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 68 pragma no-cache last-modified Thu, 23 Mar 2023 14:50:15 GMT server cloudflare access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuwGHahEfeTy8WHpj7rDllpfLpjfbb4aD6ClgBgYNxB9MwGF1WdnfKRw2CuBUEse0QJ37umsQih1FkTzRGS094DqC0rOjXhOSvqFYCTPAt7uGGKZsQJMVBQoarUO8L2ZbuX8to2%2BCzwjsMZXs4PhrMlpnXuh"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true cf-ray 7ac77c583f5ddf68-HEL access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	Ace2RyOxGhV1nXCQKkjY an.yandex.ru/mapuid/kadamis/ Frame 7709 Redirect Chain https://s.uuidksinc.net/match/501 https://an.yandex.ru/mapuid/kadamis/Ace2RyOxGhV1nXCQKkjY	43 B 80 B	66ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/kadamis/Ace2RyOxGhV1nXCQKkjY Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:15 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:15 GMT Redirect headers location https://an.yandex.ru/mapuid/kadamis/Ace2RyOxGhV1nXCQKkjY date Thu, 23 Mar 2023 14:50:15 GMT server nginx/1.19.0 content-length 0
GET H2	200	69a9ebac-ced5-4cb6-a8bf-18938c15a38e an.yandex.ru/mapuid/mtsdspis/ Frame 7709 Redirect Chain https://sm.rtb.mts.ru/p?ssp=yandex&id=map https://sm.rtb.mts.ru/match/second?ssp=55&exu=map https://tech.rtb.mts.ru/?dsp_uid=69a9ebac-ced5-4cb6-a8bf-18938c15a38e&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F69a9ebac-ced5-4cb6-a8bf-18938c15a38e https://an.yandex.ru/mapuid/mtsdspis/69a9ebac-ced5-4cb6-a8bf-18938c15a38e	43 B 152 B	67ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mtsdspis/69a9ebac-ced5-4cb6-a8bf-18938c15a38e Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers Date Thu, 23 Mar 2023 14:50:16 GMT Server nginx/1.20.2 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://an.yandex.ru/mapuid/mtsdspis/69a9ebac-ced5-4cb6-a8bf-18938c15a38e Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET		scr.php sonar.semantiqo.com/dmp/ Frame 7709	0 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 7709	42 B 201 B	287ms 69ms	Image image/gif	81.222.128.214 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad14.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Thu, 23 Mar 2023 14:50:16 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 7709	42 B 201 B	253ms 63ms	Image image/gif	81.222.128.214 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad14.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Thu, 23 Mar 2023 14:50:16 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	pixel.gif sync.1dmp.io/ Frame 7709	12 B 155 B	188ms 59ms	Image text/html	87.242.89.90 SBERCLOUD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU), Reverse DNS Software elb / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT last-modified Mon, 30 Jan 2023 18:57:34 GMT server elb accept-ranges bytes etag "63d8131e-c" content-length 12 content-type text/html
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame 7709	43 B 390 B	295ms 72ms	Image image/gif	31.172.81.158 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=yandex Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/gif Date Thu, 23 Mar 2023 14:50:16 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	204	yandexortb sync.dmp.otm-r.com/match/ Frame 7709	0 69 B	261ms 80ms	Image text/plain	195.201.108.196 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/yandexortb Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.108.196 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.196.108.201.195.clients.your-server.de Software nginx/1.15.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-origin * date Thu, 23 Mar 2023 14:50:16 GMT server nginx/1.15.9
GET H2	200	NjcyMmEwMWYyN2UyNDU2ZQ an.yandex.ru/mapuid/gonetisnew/ Frame 7709 Redirect Chain https://sync.gonet-ads.com/match/yandex?id=[buyerUid] https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ	43 B 80 B	67ms 67ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN location https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ content-length 0 x-xss-protection 1; mode=block
GET H2	200	ec6e0936-ec8f-470f-a084-15e75b977048 an.yandex.ru/mapuid/upravelis/ Frame 7709 Redirect Chain https://sync.upravel.com/yandex/sync https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ https://an.yandex.ru/mapuid/upravelis/ec6e0936-ec8f-470f-a084-15e75b977048	43 B 80 B	66ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/upravelis/ec6e0936-ec8f-470f-a084-15e75b977048 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers date Thu, 23 Mar 2023 14:50:16 GMT server nginx access-control-allow-methods GET, POST, OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://an.yandex.ru/mapuid/upravelis/ec6e0936-ec8f-470f-a084-15e75b977048 access-control-allow-origin * content-type image/png access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials false access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H2	200	B8kVmG5ExMAPw4K9SzpWZg an.yandex.ru/mapuid/dmpaidatame/ Frame 7709 Redirect Chain https://x01.aidata.io/0.gif?pid=YANDEX https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 https://an.yandex.ru/mapuid/dmpaidatame/B8kVmG5ExMAPw4K9SzpWZg?sign=2623944490	43 B 80 B	67ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpaidatame/B8kVmG5ExMAPw4K9SzpWZg?sign=2623944490 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT last-modified Thu, 23 Mar 2023 14:50:15 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://an.yandex.ru/mapuid/dmpaidatame/B8kVmG5ExMAPw4K9SzpWZg?sign=2623944490 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Thu, 23 Mar 2023 14:50:15 GMT
GET H2	200	gLXDMyZK7BdY an.yandex.ru/mapuid/dmpsegmento/ Frame 7709 Redirect Chain https://yandex-dmp-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/dmpsegmento/gLXDMyZK7BdY?sign=2334750047	43 B 80 B	67ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpsegmento/gLXDMyZK7BdY?sign=2334750047 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers Location https://an.yandex.ru/mapuid/dmpsegmento/gLXDMyZK7BdY?sign=2334750047 Date Thu, 23 Mar 2023 14:50:16 GMT Server nginx Connection close Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	sZFaeRamFeko an.yandex.ru/mapuid/rutargetis/ Frame 7709 Redirect Chain https://yandex-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/rutargetis/sZFaeRamFeko	43 B 80 B	67ms 66ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/rutargetis/sZFaeRamFeko Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 14:50:16 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Mar 2023 14:50:16 GMT Redirect headers Location https://an.yandex.ru/mapuid/rutargetis/sZFaeRamFeko Date Thu, 23 Mar 2023 14:50:16 GMT Server nginx Connection close Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	404	/ lizaonair.com/cors/	19 KB 19 KB	87ms 87ms	Image text/html	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqFB8B1ICMN/media/?size=t&v=3 Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bcb3b990ebd41d9eb2f9b74c90b635a0bc24bd74df427e45b107aa9c9312121e Security Headers Name Value Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers content-security-policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests content-encoding br geo-lat 60.21880 age 120140 pragma no-cache x-ig-request-elapsed-time-ms 96 cross-origin-embedder-policy-report-only require-corp;report-to="coep" x-ig-origin-region cln geo-city Helsinki vary Accept-Language, Cookie, Accept-Encoding x-frame-options SAMEORIGIN content-language ru access-control-allow-origin null content-type text/html; charset=utf-8 cache-control private, max-age=31536000, must-revalidate access-control-expose-headers access-control-expose-headers,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-language,content-security-policy,content-type,cross-origin-embedder-policy-report-only,cross-origin-opener-policy,date,expires,origin-trial,pragma,report-to,server,strict-transport-security,transfer-encoding,vary,x-aed,x-content-type-options,x-fb-trip-id,x-frame-options,x-ig-cache-control,x-ig-origin-region,x-ig-peak-time,x-ig-push-state,x-ig-request-elapsed-time-ms,x-xss-protection,cors-received-headers origin-trial AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0= expires Sat, 01 Jan 2000 00:00:00 GMT date Thu, 23 Mar 2023 14:50:15 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT x-aed 77 x-xss-protection 0 x-fb-trip-id 1679558926 server cloudflare cross-origin-opener-policy same-origin-allow-popups;report-to="coop" geo-lon 24.87080 x-ig-peak-time 1 x-ig-push-state c2 report-to {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]} x-ig-cache-control no-cache cf-ray 7ac77c552a70d957-HEL cors-received-headers {"access-control-expose-headers":"X-IG-Set-WWW-Claim","age":"120140","alt-svc":"h3=\":443\"; ma=86400","cache-control":"private, max-age=31536000, must-revalidate","cf-cache-status":"HIT","cf-ray":"7ac77c55444ad957-HEL","connection":"keep-alive","content-language":"ru","content-security-policy":"report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests","content-type":"text/html; charset=utf-8","cross-origin-embedder-policy-report-only":"require-corp;report-to=\"coep\"","cross-origin-opener-policy":"same-origin-allow-popups;report-to=\"coop\"","date":"Thu, 23 Mar 2023 14:50:15 GMT","expires":"Sat, 01 Jan 2000 00:00:00 GMT","origin-trial":"AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=","pragma":"no-cache","report-to":"{\"group\": \"coep\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coep_report/\"}]},{\"group\": \"coop\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coop_report/\"}]}","server":"cloudflare","strict-transport-security":"max-age=15552000","transfer-encoding":"chunked","vary":"Accept-Language, Cookie, Accept-Encoding","x-aed":"77","x-content-type-options":"nosniff","x-fb-trip-id":"1679558926","x-frame-options":"SAMEORIGIN","x-ig-cache-control":"no-cache","x-ig-origin-region":"cln","x-ig-peak-time":"1","x-ig-push-state":"c2","x-ig-request-elapsed-time-ms":"96","x-xss-protection":"0"}
GET H2	400	CqFB8B1ICMN Show response lizaonair.com/giveaway/api/oembed/	524 B 636 B	1359ms 1359ms	XHR application/json	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/api/oembed/CqFB8B1ICMN Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3e830ea17e95f3ef221893716e3e2961243aa93d56b4022e1a10c629797a642 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://lizaonair.com/giveaway/ X-Requested-With XMLHttpRequest accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=15552000 geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type application/json access-control-allow-origin null cf-ray 7ac77c55bb88d957-HEL content-length 524
GET H2	200	/ Show response chat.chatra.io/ Frame DEB3	1023 B 976 B	85ms 70ms	Document text/html	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chat.chatra.io/?isModern=true Requested by Host: call.chatra.io URL: https://call.chatra.io/chatra.js?_=1679583013407 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 241dd63d84269a9af4df40f4fe9c5cbd96096bedd21ed134c6f2ab1403af593f Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none' Strict-Transport-Security max-age=31536000 Request headers Referer https://lizaonair.com/giveaway/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers age 151 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800 cf-cache-status HIT cf-ray 7ac77c56199ad953-HEL content-encoding br content-security-policy default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none' content-type text/html; charset=utf-8 date Thu, 23 Mar 2023 14:50:15 GMT etag W/"appV0.0.1674949352" server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	0f4b36301fb51872f1b179a76dbf2e28b4b4a818.css static.chatra.io/jscss/ Frame DEB3	81 KB 15 KB	73ms 63ms	Stylesheet text/css	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.chatra.io/jscss/0f4b36301fb51872f1b179a76dbf2e28b4b4a818.css?meteor_css_resource=true Requested by Host: chat.chatra.io URL: https://chat.chatra.io/?isModern=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9735d0a41f5a59d268962a94fda8c90d047fdc9d2409109f29a63e67c56b420f Request headers accept-language fi-FI,fi;q=0.9 Referer https://chat.chatra.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT via 1.1 f44b0401aa25ee4759a1c3f13a10909b.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT x-edge-origin-shield-skipped 0 x-amz-cf-pop HEL50-C2 age 15295833 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 27 Sep 2021 13:51:50 GMT server cloudflare etag W/"514df76ab838700823c7e222ed868b78" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 7ac77c56aaa2d953-HEL x-amz-cf-id GZnsUi6eHa6cM-b9fhIodfbal0QpOPnXto4Gd49JscNM38K4GkF1sQ==
GET H2	200	meteor_runtime_config.js Show response chat.chatra.io/ Frame DEB3	681 B 651 B	65ms 64ms	Script application/javascript	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chat.chatra.io/meteor_runtime_config.js?hash=e522bedc11179c9f940fd9fe0c23c35594193478 Requested by Host: chat.chatra.io URL: https://chat.chatra.io/?isModern=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02208c7b9dc56b6c82a887dbfafa13b52510ee460e3ae7e837b68009fe5b04ff Request headers accept-language fi-FI,fi;q=0.9 Referer https://chat.chatra.io/?isModern=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT content-encoding br cf-cache-status HIT server cloudflare age 38 etag W/"68f67d2ffd01f046099da13ab4e7b7ab352d2362" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 7ac77c569a80d953-HEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	9a3dd9408ba92325dee4f179c7bf424dac820dd8.js Show response static.chatra.io/jscss/ Frame DEB3	810 KB 247 KB	91ms 82ms	Script application/javascript	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.chatra.io/jscss/9a3dd9408ba92325dee4f179c7bf424dac820dd8.js?meteor_js_resource=true Requested by Host: chat.chatra.io URL: https://chat.chatra.io/?isModern=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 060e14498a61ec71a8da4b6bb5a2f41fc1f13ec0920acb1aa23a5bb615c2ff8e Request headers accept-language fi-FI,fi;q=0.9 Referer https://chat.chatra.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT via 1.1 bd29d18ddcad5397b0dff22184078bfc.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT x-amz-cf-pop HEL50-C2 age 5696820 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 16 Jan 2023 16:18:37 GMT server cloudflare etag W/"1a0a5cdf89447359e2b44a94036a1b6e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 7ac77c56aaaad953-HEL x-amz-cf-id i9H5HcXG3-z0MbkjtwWMbxyBu57KRYAy18HLeyey0GYk22m-Tftpog==
GET H2	200	/ lizaonair.com/cors/	6 KB 8 KB	354ms 353ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqEfyzEDjf3/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42fda095ba5d9c496b3851916a190724f5a6bef65ea84752b8c362fd6091d662 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers x-haystack-needlechecksum 422393015 date Thu, 23 Mar 2023 14:50:15 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 11953 cf-polished degrade=85, origSize=6811, status=webp_bigger content-digest adler32=2156669706 cross-origin-resource-policy same-origin content-length 6538 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 23:56:15 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-priority,cf-priority-change,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-haystack-needlechecksum,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1092051673 accept-ranges bytes cf-ray 7ac77c56ee35d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"11953","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"degrade=85, origSize=6811, status=webp_bigger","cf-priority":"50/0","cf-priority-change":"260:30/0,740:20/1,3658:10/1","cf-ray":"7ac77c58a612d957-HEL","connection":"keep-alive","content-digest":"adler32=2156669706","content-length":"6538","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:15 GMT","last-modified":"Tue, 21 Mar 2023 23:56:15 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-haystack-needlechecksum":"422393015","x-needle-checksum":"1092051673","x-storage-error-category":"dfs:none;hs_p:200:HS_ESUCCESS"}
GET DATA	200 OK	truncated / Frame DEB3	44 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame DEB3	215 B 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/jpg
GET H2	200	/ lizaonair.com/cors/	7 KB 8 KB	323ms 323ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqDgl79Krhn/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd7a729c6a24bf6d00a7f8812edf5a1a1678d25793d03a75e844b768854dbba4 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 31936 content-digest adler32=297448728 cross-origin-resource-policy same-origin content-length 6667 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 14:43:15 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 11964619 accept-ranges bytes cf-ray 7ac77c587a50d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"31936","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-cache-status":"HIT","cf-ray":"7ac77c5a272ad957-HEL","connection":"keep-alive","content-digest":"adler32=297448728","content-length":"6667","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:16 GMT","last-modified":"Tue, 21 Mar 2023 14:43:15 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"11964619","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	top100.js Show response st.top100.ru/top100/	102 KB 32 KB	281ms 159ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/top100.js?_=1679583013409 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 248ea38076975c35bc87b2f74436445fa2a28439983c0a6d11c65e9b1cbe790d Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 11:41:28 GMT server nginx/1.19.4 x-amz-request-id tx00000000000023baf33fe-00641c6727-f85be6-default etag W/"8cf2d7ea9256dd766bd88e59724fd6fe" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=3600 expires Thu, 23 Mar 2023 15:50:15 GMT
GET H2	200	tr www.facebook.com/	0 185 B	200ms 66ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?ev=PageView&id=1721597771236106&noscript=1&client_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&ud%5Bclient_ip_address%5D=2a0c%3Af040%3A0%3A2790%3A%3A7e&ud%5Bcountry%5D=fi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 23 Mar 2023 14:50:15 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904 https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904	43 B 528 B	56ms 55ms	Image image/gif	88.212.201.204 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904 Protocol HTTP/1.1 Server 88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host204.rax.ru Software nginx/1.17.9 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Mar 2023 14:50:15 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 43 Expires Tue, 22 Mar 2022 21:00:00 GMT Redirect headers Pragma no-cache Date Thu, 23 Mar 2023 14:50:15 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//lizaonair.com/giveaway/;0.21874557135890904 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Tue, 22 Mar 2022 21:00:00 GMT
GET H2	200	counter2 top-fwz1.mail.ru/ Redirect Chain https://top-fwz1.mail.ru/counter?id=2482748;js=na https://top-fwz1.mail.ru/counter2?id=2482748;js=na	43 B 960 B	56ms 56ms	Image image/gif	95.163.52.67 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter2?id=2482748;js=na Protocol H2 Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * accept-ch-lifetime 86400 access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers * Redirect headers date Thu, 23 Mar 2023 14:50:15 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 0 pragma no-cache amp-access-control-allow-source-origin * server nginx accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS accept-ch-lifetime 86400 location https://top-fwz1.mail.ru/counter2?id=2482748;js=na access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers *
GET DATA	200 OK	truncated / Frame DEB3	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame DEB3	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame DEB3	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/webp
GET H3	200	info Show response chat.chatra.io/sockjs/ Frame DEB3	79 B 354 B	95ms 95ms	XHR application/json	2606:4700:10::6816:28e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://chat.chatra.io/sockjs/info?cb=iin75s57_r Requested by Host: static.chatra.io URL: https://static.chatra.io/jscss/9a3dd9408ba92325dee4f179c7bf424dac820dd8.js?meteor_js_resource=true Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:28e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3e83b2fd966d0b29ab65f921b228286e85b41fe0c57d342a9ed398bf9127de3 Request headers accept-language fi-FI,fi;q=0.9 Referer https://chat.chatra.io/?isModern=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:15 GMT cf-cache-status MISS last-modified Thu, 23 Mar 2023 14:50:15 GMT server cloudflare vary Origin, Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, no-transform, must-revalidate, max-age=0 cf-ray 7ac77c588889d912-HEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ lizaonair.com/cors/	5 KB 6 KB	199ms 199ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqDWIyAjs8H/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbc7d7fe2ffa4b50e8d6a90ac5eb7382f6a6e55163df51b34234998a2a7886b3 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 31010 content-digest adler32=3194851012 cross-origin-resource-policy same-origin content-length 5542 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 12:44:02 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 4019355508 accept-ranges bytes cf-ray 7ac77c59fd91d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"31010","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-cache-status":"HIT","cf-ray":"7ac77c5ad784d957-HEL","connection":"keep-alive","content-digest":"adler32=3194851012","content-length":"5542","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:16 GMT","last-modified":"Tue, 21 Mar 2023 12:44:02 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"4019355508","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	userip Show response kraken.rambler.ru/	15 B 420 B	182ms 57ms	XHR text/plain	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/userip Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 5655477c114cfd59c879ced8cc4f475c3584edc70eb08e8773640a636863b54f Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers access-control-allow-origin https://lizaonair.com date Thu, 23 Mar 2023 14:50:16 GMT content-type application/octet-stream, text/plain server nginx/1.19.4 x-srv 2kraken-prod0002.ad.rambler.tech content-length 15 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
GET H2	200	usability.js Show response st.top100.ru/top100/3.13.11/	14 KB 4 KB	59ms 58ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/3.13.11/usability.js Requested by Host: widget.yeps.io URL: https://widget.yeps.io/yeps.js?_=1679583013406 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash d83bca758ed10f3df0db934a90d1fe236580289575bd8861d34140054b24d1a0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 11:41:28 GMT server nginx/1.19.4 x-amz-request-id tx00000000000023bae36aa-00641c6558-f85be6-default etag W/"251161787b64b462add9a5fb4f620a20" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ecommerce.js Show response st.top100.ru/top100/3.13.11/	4 KB 2 KB	59ms 59ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/3.13.11/ecommerce.js Requested by Host: widget.yeps.io URL: https://widget.yeps.io/yeps.js?_=1679583013406 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash c674cbe5a26c3dc34bfdc12d2fa832e90733d4c0b1f87d7f4853aa0fb1e6f439 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 11:41:28 GMT server nginx/1.19.4 x-amz-request-id tx00000000000023bae3b07-00641c6560-f85be6-default etag W/"8bb675b6749541fea48c2bbe1eb968bc" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	media.js Show response st.top100.ru/top100/3.13.11/	14 KB 5 KB	60ms 59ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/3.13.11/media.js Requested by Host: widget.yeps.io URL: https://widget.yeps.io/yeps.js?_=1679583013406 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash a5a0e639a410c84f0986fa84f8cfe826aa087b3c038390b2089b0feec49f1aa4 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 11:41:28 GMT server nginx/1.19.4 x-amz-request-id tx00000000000023bae2f4b-00641c654a-f85be6-default etag W/"57f770e178c923b5f4d74edf6f1b3501" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ kraken.rambler.ru/cnt/	43 B 589 B	176ms 59ms	Image image/gif	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/?et=pv&v=3.13.11&pid=4440832&tid=t1.4440832.264400790.1679583016044&rid=1679583016.043-774273300&fid=pA8AAENKs1dPOYZ4Aday%2FgA%3D&fip=pA8AAENKs1fQpn%2FjAa7ungA%3D&eid=247630162289745&aduid=66e526ec-3ece-4c55-adb3-7b58a8d358f7&aduidsc=lizaonair.com&stid=1310676607_1679583016045&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=182689735 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 x-srv 2kraken-prod0001.ad.rambler.tech access-control-allow-methods GET, POST, OPTIONS content-type image/gif, image/gif p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache access-control-allow-credentials true access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ lizaonair.com/cors/	10 KB 10 KB	260ms 260ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqDGt9woIb5/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff0f119998d93fe762e9c94767d9c2d48781b90c3915528ccb8d1bf9072ded3f Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 14299 content-digest adler32=3007087482 cross-origin-resource-policy same-origin content-length 9731 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 10:53:32 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 2782881557 accept-ranges bytes cf-ray 7ac77c5b88eed957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"14299","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-cache-status":"HIT","cf-ray":"7ac77c5cc0aad957-HEL","connection":"keep-alive","content-digest":"adler32=3007087482","content-length":"9731","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:16 GMT","last-modified":"Tue, 21 Mar 2023 10:53:32 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"2782881557","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	/ kraken.rambler.ru/cnt/v2/	43 B 487 B	59ms 59ms	Image image/gif	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=4440832&session_id=1310676607_1679583016045&session_number=1&session_event_number=1&version=3.13.11&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.4440832.264400790.1679583016044&adtech_uid=66e526ec-3ece-4c55-adb3-7b58a8d358f7&adtech_uid_scope=lizaonair.com&fingerprint=pA8AAENKs1dPOYZ4Aday%2FgA%3D&fingerprint_ip=pA8AAENKs1fQpn%2FjAa7ungA%3D&url=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&request_id=1679583016.043-774273300&event_id=247630162289745&meta=%7B%22title%22%3A%22%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=1492983388 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:16 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 x-srv 2kraken-prod0001.ad.rambler.tech access-control-allow-methods GET, POST, OPTIONS content-type image/gif, image/gif p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache access-control-allow-credentials true access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ lizaonair.com/cors/	3 KB 5 KB	289ms 288ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqC_ytFNR4i/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a325669d059c85c5236c1617d8b57e15201368815bc7efec8a3f034ffc15985 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers x-haystack-needlechecksum 1872397036 date Thu, 23 Mar 2023 14:50:16 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 2187 cf-polished qual=85, origFmt=jpeg, origSize=4630 content-digest adler32=1136837380 cross-origin-resource-policy same-origin content-disposition inline; filename="336517395_6095899840495968_717392514025558641_n.webp" content-length 3552 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 09:59:44 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-edge-debug,x-fb-trip-id,x-frame-options,x-haystack-needlechecksum,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-fb-edge-debug o2ZoEqZXf3eKC_hFYAwpKaYxtkEWC7wDHsIzXCIvbfV27UJgw7ifx_g7ZdyQiJJMl70DKkqC0BrILLesXAOcZyVvM3ennhlJyI7S-FXnbb0 x-needle-checksum 1620721672 accept-ranges bytes cf-ray 7ac77c5d1c53d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"2187","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=4630","cf-ray":"7ac77c5e7184d957-HEL","connection":"keep-alive","content-digest":"adler32=1136837380","content-disposition":"inline; filename=\"336517395_6095899840495968_717392514025558641_n.webp\"","content-length":"3552","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:16 GMT","last-modified":"Tue, 21 Mar 2023 09:59:44 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-edge-debug":"o2ZoEqZXf3eKC_hFYAwpKaYxtkEWC7wDHsIzXCIvbfV27UJgw7ifx_g7ZdyQiJJMl70DKkqC0BrILLesXAOcZyVvM3ennhlJyI7S-FXnbb0","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-haystack-needlechecksum":"1872397036","x-needle-checksum":"1620721672","x-storage-error-category":"dfs:none;hs_p:200:HS_ESUCCESS"}
GET H2	200	/ lizaonair.com/cors/	4 KB 5 KB	302ms 301ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqC-2I2A3ud/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74a91cd0d046c412a229224345b2d576f2498ac48249559f90df86b10a386bda Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=4817 content-digest adler32=2700961887 cross-origin-resource-policy same-origin content-disposition inline; filename="336470325_1193437454689929_1763126219711870826_n.webp" content-length 4164 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 09:58:24 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1176720292 accept-ranges bytes cf-ray 7ac77c5eaf90d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=4817","cf-ray":"7ac77c5fc223d957-HEL","connection":"keep-alive","content-digest":"adler32=2700961887","content-disposition":"inline; filename=\"336470325_1193437454689929_1763126219711870826_n.webp\"","content-length":"4164","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:16 GMT","last-modified":"Tue, 21 Mar 2023 09:58:24 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"1176720292","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	bundle.js Show response yastatic.net/q/set/s/rsya-tag-users/ Frame 7709	105 KB 37 KB	77ms 77ms	Script application/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Requested by Host: lizaonair.com URL: https://lizaonair.com/giveaway/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:16 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; last-modified Fri, 29 Oct 2021 11:19:01 GMT server nginx/1.17.9 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} etag W/"82bdc8db563d3e71c35534315f8a9fd5" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id 95cf34599535b9c5 timing-allow-origin * expires Sun, 26 Mar 2023 02:45:21 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/ Frame 7709	162 KB 57 KB	119ms 118ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 5d5364d405cc4770c6d101aed0dd9e6e0b5e54d4a60ee4f4fe2f32d2c6907818 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 13:00:21 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "641c2335-e402" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 58370 expires Thu, 23 Mar 2023 15:50:17 GMT
GET H2	200	data Show response yandex.ru/set/s/rsya-tag-users/ Frame 7709	403 B 780 B	82ms 82ms	Fetch application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 5d7cc6e7b59e7fa7c6da28aadb218054704883f31b920d55ebd1b21b214e6cbe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679583017022398-14019886883499115415-vla1-3230-vla-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control public,max-age=300 access-control-allow-credentials true x-xss-protection 1; mode=block
GET H2	200	/ lizaonair.com/cors/	2 KB 3 KB	265ms 264ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqCrz3MDY0i/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c46b478ef55ab726bb82742662380050fd3dc7f973d06b5c6a587a6a899a779 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=2931 content-digest adler32=3873161342 cross-origin-resource-policy same-origin content-disposition inline; filename="337467784_711856000519571_1290480999868580524_n.webp" content-length 1910 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 07:18:15 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 3873142179 accept-ranges bytes cf-ray 7ac77c606bfdd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=2931","cf-ray":"7ac77c616303d957-HEL","connection":"keep-alive","content-digest":"adler32=3873161342","content-disposition":"inline; filename=\"337467784_711856000519571_1290480999868580524_n.webp\"","content-length":"1910","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:17 GMT","last-modified":"Tue, 21 Mar 2023 07:18:15 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"3873142179","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame 7709	43 KB 16 KB	317ms 152ms	Script text/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash 29e53a9e7a6907aaf4d2a3cad95c7d09726afd98cfdfbe6a4ca7829a1b79cb58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15941 x-xss-protection 0 server cafe etag 13081576379604003182 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 23 Mar 2023 14:50:17 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/1014923426/ Frame 7709 Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KWccZMysEdrLmwfzz5CABQ... https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668 https://www.google.fi/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668&ipr=y	42 B 108 B	82ms 82ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668&ipr=y Protocol H2 Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.fi/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2093642808&crd=&is_vtc=1&random=3944551668&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/1014923426/ Frame 7709 Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KWccZLOtEcKsmLAPqdqN-A... https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786 https://www.google.fi/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786&ipr=y	42 B 108 B	82ms 82ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786&ipr=y Protocol H2 Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.fi/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1619687636&crd=&is_vtc=1&random=1625553786&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	3 Show response mc.yandex.ru/watch/ Frame 7709	256 B 403 B	67ms 66ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A476676347744%3Ahid%3A15495112%3Az%3A0%3Ai%3A20230323145017%3Aet%3A1679583017%3Ac%3A1%3Arn%3A971082690%3Arqn%3A1%3Au%3A1679583017557129361%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C109%2C57%2C1%2C0%2C0%2C%2C17%2C0%2C186%2C186%2C0%2C186%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583014918%3Ast%3A1679583017&t=clc(0-0-0)rqnt(1)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash b34a5749d32492cacfdfb2931bc275658b78071bf46265858121b62ea4652706 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23-Mar-2023 14:50:17 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 256 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:17 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/ Frame 7709	43 B 125 B	62ms 61ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=31536000 last-modified Thu, 23 Mar 2023 10:00:21 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "641c2335-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Thu, 23 Mar 2023 15:50:17 GMT
GET H2	200	/ lizaonair.com/cors/	3 KB 4 KB	275ms 274ms	Image image/webp	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqCQ6rnIDV4/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 350575e0ad2339429be68ecb70538c620f23cdadd268dd1ac957331bce4eafc5 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 cf-polished qual=85, origFmt=jpeg, origSize=3389 content-digest adler32=3339361552 cross-origin-resource-policy same-origin content-disposition inline; filename="336263359_3490687347876312_2020055608194032662_n.webp" content-length 2690 x-fb-trip-id 1814657579 last-modified Tue, 21 Mar 2023 03:10:55 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept, Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-ray,connection,content-digest,content-disposition,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 2669764593 accept-ranges bytes cf-ray 7ac77c61dff1d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"qual=85, origFmt=jpeg, origSize=3389","cf-ray":"7ac77c62f3bad957-HEL","connection":"keep-alive","content-digest":"adler32=3339361552","content-disposition":"inline; filename=\"336263359_3490687347876312_2020055608194032662_n.webp\"","content-length":"2690","content-type":"image/webp","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:17 GMT","last-modified":"Tue, 21 Mar 2023 03:10:55 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"2669764593","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	WOuejI_zOEK09Gm0P1GvuV1glrSpemK0vG4GW8200J4cPnna000003Y6eZo80W6v0dMr4wwSiHNty0AnjhJnu3lm1G6W1lgZ0Sa69Y_wir0URZof1-q9_H6gfwuJ-0S2q0Y2W8200jsY8eJj2G40gkFpP9Bty0i6u0s2W821W820Y0IO3gRUw9-BoeUtFAWFxPEqw... Show response yandex.ru/an/count/	43 B 317 B	65ms 65ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/count/WOuejI_zOEK09Gm0P1GvuV1glrSpemK0vG4GW8200J4cPnna000003Y6eZo80W6v0dMr4wwSiHNty0AnjhJnu3lm1G6W1lgZ0Sa69Y_wir0URZof1-q9_H6gfwuJ-0S2q0Y2W8200jsY8eJj2G40gkFpP9Bty0i6u0s2W821W820Y0IO3gRUw9-BoeUtFAWFxPEqwg7rgTSJa131mCA4sx6YZGhu40Mm-f6o4l0I1GJW507m5S6AzkoZZxpyOvWMaEJbe0QWoHRmFzWMWHUe5mdG627u6DxfmkY-vx-9qm606OaPXUYm6RWP_m706QQsii2RZlF0WG7I6H9vOM9pNtDbSdPbSYzoE30nBJ7e6SW2y1d70PWQyS2q0R0RNBWR188S3L8tHJfaQ6n7Cp1tPpVf703mFu0T_t-080A880pG8Vy1rIB__t__WIC00000003mFnC0W22Gce1syETifjlSZgm9XU4GJE92Qec1gGmjMEQN3cCaZ3vg3cArQW71sZcKawZco7NdA2uSFe910G00~1=WOeejI_zOBy01Gm0v1HgQzJ5lm66_-JaxDUidUe1W07-rFFKxBUvgXI80URzzU-X0P01W8k6v-I0W802c060YuRdPBW1ufVoeIRO0VZjcgu1u07sxPgk0UW1Og02beEb6x03pG-81Rti0P05mjeHi0Nax0Mu1UJi1S05zgS8o0M-tmBG1QMw0QW6-gC1gGVj2VqHggUk4xW7W0N2W806u0ZBmT8Dw0a7W0e1w0oJ0fWDcv4neQ02c17XeYsXkQWJpk2RogNxnASNW1I0W83e58m2c1QGvEMW1g395l0_c1VCsuink1S1m1UrrW6W6VgZ0RWP_m616l__byTfRL98e1gYnB7IgBwsX1se7W6m7m787_osZLUu8E_bB90Ytg8ja2BWeYsG8k6YBP0Yug8ja2BaeYsG8kQYBTKY__z__u4ZYIFMFv0ZZysU-_NBu_wm0PWZZlggxSEufRCt3W2n7mzqx43EheXG9aPJ6IXWK0zW68R9qC9EypBPvv8OTyOBfIGZxqTKIkSOR1D5~1?stat-id=1&test-tag=2514583092779537&banner-sizes=eyI3MjA1NzYwNzU2Nzc1MzkyMCI6IjMyOHgxOTkifQ%3D%3D&format-type=118&actual-format=13&pcodever=741854&banner-test-tags=eyI3MjA1NzYwNzU2Nzc1MzkyMCI6IjU3MzkzIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNzU2Nzc1MzkyMCI6MTI5fQ&pcode-active-testids=740570%2C0%2C4&width=328&height=199&confirmTime=2100000&confirmRatio=1000000&wmode=0 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 23 Mar 2023 14:50:17 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679583017367841-11916844896787228608-vla1-3230-vla-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 23 Mar 2023 14:50:17 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Thu, 23 Mar 2023 14:50:17 GMT
GET H2	200	37412095 Show response mc.yandex.ru/watch/ Frame 7709	439 B 475 B	64ms 64ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A2%3Adp%3A1%3Als%3A620336451328%3Ahid%3A15495112%3Aphid%3A727852081%3Az%3A0%3Ai%3A20230323145017%3Aet%3A1679583017%3Ac%3A1%3Arn%3A64744128%3Arqn%3A1%3Au%3A1679583017557129361%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C109%2C57%2C1%2C0%2C0%2C%2C17%2C0%2C186%2C186%2C0%2C186%3Aco%3A0%3Acpf%3A1%3Ans%3A1679583014918%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679583017%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(7900)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 492b9e8d15fa7f48a641dbfa47af13f50226d9147cee64ebc31602727e8d9ac1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23-Mar-2023 14:50:17 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 439 x-xss-protection 1; mode=block expires Thu, 23-Mar-2023 14:50:17 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7709	3 KB 2 KB	170ms 116ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679583017429&cv=9&fst=1679583017429&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8c165eddf79f3801123942dc02e00417ee9dc16902493c60c15f9782b7f0274 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1389 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel Show response bid.g.doubleclick.net/xbbe/ Frame A6ED	0 466 B	309ms 143ms	Document text/html	74.125.133.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/pixel?d=KAE Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.155 Nashville, United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 23 Mar 2023 14:50:17 GMT expires Thu, 23 Mar 2023 14:50:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7709	3 KB 2 KB	160ms 110ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679583017434&cv=9&fst=1679583017434&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 11d2460a02c100153d4b5091cbbdb5ff71e7d5f31168e8639d170c330690f09e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1400 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel Show response bid.g.doubleclick.net/xbbe/ Frame B181	0 149 B	341ms 178ms	Document text/html	74.125.133.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/pixel?d=KAE Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.155 Nashville, United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 23 Mar 2023 14:50:17 GMT expires Thu, 23 Mar 2023 14:50:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7709	3 KB 2 KB	159ms 114ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679583017440&cv=9&fst=1679583017440&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7d8aabc7a58e8bced7afdbb0a04f9a4cdb3081f7cd84ba4ae169003f60bc0808 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1381 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7709	3 KB 2 KB	155ms 112ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679583017441&cv=9&fst=1679583017441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 423c3f6dc87d5cca3ab4c35f20cf9fd4dcb37a468b176814535b675e7875de2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	/ lizaonair.com/cors/	18 KB 18 KB	71ms 70ms	Image text/html	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqBO9TUtNp5/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aca122400d9a57cf4ba28f8c84c51cada14b0d672920ae672ec3e12524926d7e Security Headers Name Value Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers content-security-policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests content-encoding br geo-lat 60.21880 age 63548 pragma no-cache x-ig-request-elapsed-time-ms 45 cross-origin-embedder-policy-report-only require-corp;report-to="coep" x-ig-origin-region cln geo-city Helsinki vary Accept-Language, Cookie, Accept-Encoding x-frame-options SAMEORIGIN content-language ru access-control-allow-origin null content-type text/html; charset=utf-8 cache-control private, max-age=31536000, must-revalidate access-control-expose-headers access-control-expose-headers,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-language,content-security-policy,content-type,cross-origin-embedder-policy-report-only,cross-origin-opener-policy,date,expires,origin-trial,pragma,report-to,server,strict-transport-security,transfer-encoding,vary,x-aed,x-content-type-options,x-fb-trip-id,x-frame-options,x-ig-cache-control,x-ig-origin-region,x-ig-peak-time,x-ig-push-state,x-ig-request-elapsed-time-ms,x-xss-protection,cors-received-headers origin-trial AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0= expires Sat, 01 Jan 2000 00:00:00 GMT date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT x-aed 77 x-xss-protection 0 x-fb-trip-id 1679558926 server cloudflare cross-origin-opener-policy same-origin-allow-popups;report-to="coop" geo-lon 24.87080 x-ig-peak-time 1 x-ig-push-state c2 report-to {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]} x-ig-cache-control no-cache cf-ray 7ac77c633ab5d957-HEL cors-received-headers {"access-control-expose-headers":"X-IG-Set-WWW-Claim","age":"63548","alt-svc":"h3=\":443\"; ma=86400","cache-control":"private, max-age=31536000, must-revalidate","cf-cache-status":"HIT","cf-ray":"7ac77c6353ddd957-HEL","connection":"keep-alive","content-language":"ru","content-security-policy":"report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests","content-type":"text/html; charset=utf-8","cross-origin-embedder-policy-report-only":"require-corp;report-to=\"coep\"","cross-origin-opener-policy":"same-origin-allow-popups;report-to=\"coop\"","date":"Thu, 23 Mar 2023 14:50:17 GMT","expires":"Sat, 01 Jan 2000 00:00:00 GMT","origin-trial":"AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=","pragma":"no-cache","report-to":"{\"group\": \"coep\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coep_report/\"}]},{\"group\": \"coop\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coop_report/\"}]}","server":"cloudflare","strict-transport-security":"max-age=15552000","transfer-encoding":"chunked","vary":"Accept-Language, Cookie, Accept-Encoding","x-aed":"77","x-content-type-options":"nosniff","x-fb-trip-id":"1679558926","x-frame-options":"SAMEORIGIN","x-ig-cache-control":"no-cache","x-ig-origin-region":"cln","x-ig-peak-time":"1","x-ig-push-state":"c2","x-ig-request-elapsed-time-ms":"45","x-xss-protection":"0"}
GET H2	400	CqBO9TUtNp5 Show response lizaonair.com/giveaway/api/oembed/	524 B 653 B	335ms 335ms	XHR application/json	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/api/oembed/CqBO9TUtNp5 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 150a837ee2afa4318f838cae8876d0d7f40dafdddacbbddf8efb712086213448 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://lizaonair.com/giveaway/ X-Requested-With XMLHttpRequest accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:17 GMT strict-transport-security max-age=15552000 geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type application/json access-control-allow-origin null cf-ray 7ac77c63aba2d957-HEL content-length 524
GET H2	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 7709	42 B 108 B	83ms 82ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1679583017434&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635471%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2527309305&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/693627671/ Frame 7709	42 B 154 B	85ms 84ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/693627671/?random=1679583017434&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635471%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2527309305&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 7709	42 B 108 B	83ms 82ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1679583017441&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2859069515&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/693627671/ Frame 7709	42 B 108 B	103ms 103ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/693627671/?random=1679583017441&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2859069515&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 7709	42 B 108 B	82ms 82ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1679583017440&cv=9&fst=1679580000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2313905220&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/947884341/ Frame 7709	42 B 108 B	83ms 83ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/947884341/?random=1679583017440&cv=9&fst=1679580000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=2313905220&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 7709	42 B 108 B	88ms 87ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1679583017429&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=811712978&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fi/pagead/1p-user-list/947884341/ Frame 7709	42 B 108 B	85ms 84ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/pagead/1p-user-list/947884341/?random=1679583017429&cv=9&fst=1679580000000&num=1&guid=ON&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&async=1&fmt=3&is_vtc=1&random=811712978&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:17 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ lizaonair.com/cors/	7 KB 8 KB	446ms 446ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqBL2HroKpR/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa14926d850a6ba3b1856a5627ba603decaf45618a8f516fcb331d2afa6e8ead Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers x-haystack-needlechecksum 1008178918 date Thu, 23 Mar 2023 14:50:18 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 14300 cf-polished degrade=85, origSize=7087, status=webp_bigger content-digest adler32=2958615930 cross-origin-resource-policy same-origin content-length 6891 x-fb-trip-id 1814657579 last-modified Mon, 20 Mar 2023 17:07:15 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-priority,cf-priority-change,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-haystack-needlechecksum,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 513434455 accept-ranges bytes cf-ray 7ac77c64cdebd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"14300","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"degrade=85, origSize=7087, status=webp_bigger","cf-priority":"50/0","cf-priority-change":"260:30/0,790:20/1,3000:10/1","cf-ray":"7ac77c6715ccd957-HEL","connection":"keep-alive","content-digest":"adler32=2958615930","content-length":"6891","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:18 GMT","last-modified":"Mon, 20 Mar 2023 17:07:15 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-haystack-needlechecksum":"1008178918","x-needle-checksum":"513434455","x-storage-error-category":"dfs:none;hs_p:200:HS_ESUCCESS"}
GET H2	200	1IOskpAo0VK100000000U9nJLDF_jJb0Bi_6y2sdh-ogvUk4BTNIPL8OWC0J9XAQzU6XPMnp1pj3AYDGFFCjvrz1a7WfY5VxLuE1ePKHH7Q2-430n32JyPyPXBsGyGOBXBMISI9KVY_ZNJi9XgDW_bb6aE1LC7cNaK66WU4luomc1eQvJ22Hiqp_WU0Lay3THKejR... Show response yandex.ru/an/rtbcount/	43 B 618 B	61ms 61ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1IOskpAo0VK100000000U9nJLDF_jJb0Bi_6y2sdh-ogvUk4BTNIPL8OWC0J9XAQzU6XPMnp1pj3AYDGFFCjvrz1a7WfY5VxLuE1ePKHH7Q2-430n32JyPyPXBsGyGOBXBMISI9KVY_ZNJi9XgDW_bb6aE1LC7cNaK66WU4luomc1eQvJ22Hiqp_WU0Lay3THKejRpaP6LOz_fmowJihmrycPg1qApChaEnbLWIIKvb16kOoCu6i0f8A89jODZAdvqcNbZ2dT9vaXldqAbZbNJ3vazd1YH_YK1RMeaOmQmNBlzmDB8mxM9WEi31TO3dtOFQffR-FB1U_2VN81_k7B1C_tdfwSiCL-xSi84yiOEKyoThwWWiiVO6reQ61vIQhscoU7OLd6Xk_ieByqC7Mm3A1RTcz5_ExJxLljvd1zl705iO5RFjdJ9bmU-6FJg6LR30Z3x35d61ZUSJ66sJkQfMIaUDkR52URlwI3MRvJpXh8hjaPAp7zRwtzhFOsSnD32rCJJQmC-rWvpd1Blw0VUMrttC-BkizRlI3dMS1nx_S5HmtE3TmJ6JUmS4806W7eIW0?confirmTime=2100000&confirmRatio=1000000&test-tag=262783279038466&format-type=118&actual-format=13&rnd=1701500012866&pcode-active-testids=740570%2C0%2C4&banner-sizes=eyI3MjA1NzYwNzU2Nzc1MzkyMCI6IjMyOHgxOTkifQ%3D%3D&width=328&height=199 Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lizaonair.com/giveaway/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 23 Mar 2023 14:50:17 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679583017976715-17534969153781231705-vla1-3230-vla-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 23 Mar 2023 14:50:17 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://lizaonair.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Thu, 23 Mar 2023 14:50:17 GMT
GET H2	200	/ lizaonair.com/cors/	9 KB 10 KB	304ms 304ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqBAar0MScH/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ed0d0e8bd8538f33af71b5cd0c291a3fa42e056c3b77830223e7a9466c2c62a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:18 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 18960 cf-polished degrade=85, origSize=9360, status=webp_bigger content-digest adler32=1178941352 cross-origin-resource-policy same-origin content-length 8954 x-fb-trip-id 1814657579 last-modified Mon, 20 Mar 2023 15:25:50 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-priority,cf-priority-change,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1061598967 accept-ranges bytes cf-ray 7ac77c66aa44d957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"18960","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"degrade=85, origSize=9360, status=webp_bigger","cf-priority":"50/0","cf-priority-change":"261:30/0,792:20/1,3349:10/1","cf-ray":"7ac77c683647d957-HEL","connection":"keep-alive","content-digest":"adler32=1178941352","content-length":"8954","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:18 GMT","last-modified":"Mon, 20 Mar 2023 15:25:50 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"1061598967","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	/ lizaonair.com/cors/	9 KB 10 KB	311ms 310ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqA-ZZloxnY/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab89bb0494bf2869bfde7531405d9198cc189b6928336953b3e16613d640970c Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:18 GMT strict-transport-security max-age=15552000 cf-cache-status MISS geo-lat 60.21880 content-digest adler32=1875676213 cross-origin-resource-policy same-origin content-length 9577 x-fb-trip-id 1814657579 last-modified Mon, 20 Mar 2023 15:05:07 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 326390861 accept-ranges bytes cf-ray 7ac77c682d9fd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-cache-status":"MISS","cf-ray":"7ac77c6936c4d957-HEL","connection":"keep-alive","content-digest":"adler32=1875676213","content-length":"9577","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:18 GMT","last-modified":"Mon, 20 Mar 2023 15:05:07 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"326390861","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	404	/ lizaonair.com/cors/	19 KB 19 KB	83ms 83ms	Image text/html	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqA6_DBNivc/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bcb3b990ebd41d9eb2f9b74c90b635a0bc24bd74df427e45b107aa9c9312121e Security Headers Name Value Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers content-security-policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests content-encoding br geo-lat 60.21880 age 38920 pragma no-cache x-ig-request-elapsed-time-ms 79 cross-origin-embedder-policy-report-only require-corp;report-to="coep" x-ig-origin-region nao geo-city Helsinki vary Accept-Language, Cookie, Accept-Encoding x-frame-options SAMEORIGIN content-language ru access-control-allow-origin null content-type text/html; charset=utf-8 cache-control private, max-age=31536000, must-revalidate access-control-expose-headers access-control-expose-headers,age,alt-svc,cache-control,cf-cache-status,cf-ray,connection,content-language,content-security-policy,content-type,cross-origin-embedder-policy-report-only,cross-origin-opener-policy,date,expires,origin-trial,pragma,report-to,server,strict-transport-security,transfer-encoding,vary,x-aed,x-content-type-options,x-fb-trip-id,x-frame-options,x-ig-cache-control,x-ig-origin-region,x-ig-peak-time,x-ig-push-state,x-ig-request-elapsed-time-ms,x-xss-protection,cors-received-headers origin-trial AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0= expires Sat, 01 Jan 2000 00:00:00 GMT date Thu, 23 Mar 2023 14:50:18 GMT strict-transport-security max-age=15552000 x-content-type-options nosniff cf-cache-status HIT x-aed 77 x-xss-protection 0 x-fb-trip-id 1679558926 server cloudflare cross-origin-opener-policy same-origin-allow-popups;report-to="coop" geo-lon 24.87080 x-ig-peak-time 1 x-ig-push-state c2 report-to {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]} x-ig-cache-control no-cache cf-ray 7ac77c69a908d957-HEL cors-received-headers {"access-control-expose-headers":"X-IG-Set-WWW-Claim","age":"38920","alt-svc":"h3=\":443\"; ma=86400","cache-control":"private, max-age=31536000, must-revalidate","cf-cache-status":"HIT","cf-ray":"7ac77c69c704d957-HEL","connection":"keep-alive","content-language":"ru","content-security-policy":"report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests","content-type":"text/html; charset=utf-8","cross-origin-embedder-policy-report-only":"require-corp;report-to=\"coep\"","cross-origin-opener-policy":"same-origin-allow-popups;report-to=\"coop\"","date":"Thu, 23 Mar 2023 14:50:18 GMT","expires":"Sat, 01 Jan 2000 00:00:00 GMT","origin-trial":"AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=","pragma":"no-cache","report-to":"{\"group\": \"coep\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coep_report/\"}]},{\"group\": \"coop\", \"max_age\": 86400, \"endpoints\": [{\"url\": \"/security/coop_report/\"}]}","server":"cloudflare","strict-transport-security":"max-age=15552000","transfer-encoding":"chunked","vary":"Accept-Language, Cookie, Accept-Encoding","x-aed":"77","x-content-type-options":"nosniff","x-fb-trip-id":"1679558926","x-frame-options":"SAMEORIGIN","x-ig-cache-control":"no-cache","x-ig-origin-region":"nao","x-ig-peak-time":"1","x-ig-push-state":"c2","x-ig-request-elapsed-time-ms":"79","x-xss-protection":"0"}
GET H2	200	CqA6_DBNivc Show response lizaonair.com/giveaway/api/oembed/	448 B 476 B	394ms 394ms	XHR application/json	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lizaonair.com/giveaway/api/oembed/CqA6_DBNivc Requested by Host: lizaonair.com URL: https://lizaonair.com/proxy/browser.sentry-cdn.com/7.12.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07e0cbee3980c4d951beeace0a48305aca43979090daa6583dcd4005efeb8b53 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://lizaonair.com/giveaway/ X-Requested-With XMLHttpRequest accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:18 GMT strict-transport-security max-age=15552000 content-encoding br geo-lat 60.21880 server cloudflare geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding content-type application/json access-control-allow-origin null cf-ray 7ac77c6a3a35d957-HEL
GET H2	200	/ lizaonair.com/cors/	8 KB 10 KB	297ms 296ms	Image image/jpeg	2606:4700:10::6816:89f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lizaonair.com/cors/?https://www.instagram.com/p/CqArWtfo82s/media/?size=t&v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:89f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 556a85b1595b13ed8a7885f626e7d7f2b36eb85dbc36571ee155e33261d91031 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Frame-Options DENY Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:19 GMT strict-transport-security max-age=15552000 cf-cache-status HIT geo-lat 60.21880 age 14290 cf-polished degrade=85, origSize=9144, status=webp_bigger content-digest adler32=2940163027 cross-origin-resource-policy same-origin content-length 8680 x-fb-trip-id 1814657579 last-modified Mon, 20 Mar 2023 12:08:33 GMT cf-bgj imgq:85,h2pri server cloudflare x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET geo-city Helsinki geo-lon 24.87080 vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin null access-control-expose-headers accept-ranges,age,alt-svc,cache-control,cf-bgj,cf-cache-status,cf-polished,cf-priority,cf-priority-change,cf-ray,connection,content-digest,content-length,content-type,cross-origin-resource-policy,date,last-modified,server,strict-transport-security,timing-allow-origin,vary,x-fb-trip-id,x-frame-options,x-needle-checksum,x-storage-error-category,cors-received-headers cache-control max-age=31536000, no-transform x-needle-checksum 1277073769 accept-ranges bytes cf-ray 7ac77c6b3c4bd957-HEL timing-allow-origin * cors-received-headers {"accept-ranges":"bytes","age":"14290","alt-svc":"h3=\":443\"; ma=86400","cache-control":"max-age=31536000, no-transform","cf-bgj":"imgq:85,h2pri","cf-cache-status":"HIT","cf-polished":"degrade=85, origSize=9144, status=webp_bigger","cf-priority":"50/0","cf-priority-change":"260:30/0,798:20/1,3898:10/1","cf-ray":"7ac77c6ca039d957-HEL","connection":"keep-alive","content-digest":"adler32=2940163027","content-length":"8680","content-type":"image/jpeg","cross-origin-resource-policy":"same-origin","date":"Thu, 23 Mar 2023 14:50:19 GMT","last-modified":"Mon, 20 Mar 2023 12:08:33 GMT","server":"cloudflare","strict-transport-security":"max-age=15552000","timing-allow-origin":"*","vary":"Accept-Encoding","x-fb-trip-id":"1814657579","x-frame-options":"DENY","x-needle-checksum":"1277073769","x-storage-error-category":"dfs:none;sc_p:200:WSE_NOT_SET"}
GET H2	200	336335310_6195255787208846_5823185317015882008_n.jpg scontent.cdninstagram.com/v/t51.2885-15/	22 KB 22 KB	208ms 67ms	Image image/jpeg	2a03:2880:f21c:81c4:face:b00c:0:43fe FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.cdninstagram.com/v/t51.2885-15/336335310_6195255787208846_5823185317015882008_n.jpg?stp=dst-jpg_e35_s320x320&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=DbkaMS42JYkAX-Vuf6h&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBBrw1qA_NZfUfXPZKAWkaKseOJQKQx5fPF4YhXSHNqVw&oe=641CBDD8&_nc_sid=b9f2ee Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f21c:81c4:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 12fadb03fefffe186dcfc31a95fa45acc0f79da3815f7f08a721616b0d5c361c Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Thu, 23 Mar 2023 14:50:19 GMT x-fb-trip-id 1425083115 x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Mon, 20 Mar 2023 14:37:16 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=3382025612 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 3089003677 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 22271
POST H2	204	collect region1.google-analytics.com/g/	0 45 B	46ms 45ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6TX4G0QLVH&gtm=45je33k0&_p=1436632764&cid=823113174.1679583014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1679583014&sct=1&seg=0&dl=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&dt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&en=scroll&epn.percent_scrolled=90&_et=6 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6TX4G0QLVH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	46ms 45ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-JCCFKRW5MH&gtm=45je33k0&_p=1436632764&cid=823113174.1679583014&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1679583014&sct=1&seg=0&dl=https%3A%2F%2Flizaonair.com%2Fgiveaway%2F&dt=%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BF%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%81%D1%82%D0%B0%D0%B3%D1%80%D0%B0%D0%BC%2C%20Youtube%20%D0%B8%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5.%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%80%D0%B0%D0%BD%D0%B4%D0%BE%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%E2%84%961&en=scroll&epn.percent_scrolled=90&_et=8 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JCCFKRW5MH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://lizaonair.com/giveaway/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Thu, 23 Mar 2023 14:50:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lizaonair.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mitdmp.whiteboxdigital.ru

URL

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Domain

sonar.semantiqo.com

URL

https://sonar.semantiqo.com/dmp/scr.php