urlscan.io logo urlscan.io
SecurityTrails logo

www.faxwine.ru.com Open in urlscan Pro
2606:4700:3031::6815:4b57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJF...
Effective URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZ...
Submission: On July 28 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 7 countries across 18 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3031::6815:4b57, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.faxwine.ru.com.
This is the only time www.faxwine.ru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
1 23.35.237.86 16625 (AKAMAI-AS)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 23.36.163.228 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2620:1ec:27::... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 70.42.32.191 13789 (INTERNAP-...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 212.82.100.181 34010 (YAHOO-IRD)
2 20.75.32.255 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 141.226.228.48 200478 (TABOOLA-AS)
116 25
57    2606:4700:3031::6815:4b57 (United States)

ASN13335 (CLOUDFLARENET, US)
www.faxwine.ru.com
4    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:3030::6815:1134 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lumbarcorrect.com
go.lumbarcorrect.com
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
4    23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:27::cafe:1834 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
5    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
57 ru.com
www.faxwine.ru.com
3 MB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 922
trc.taboola.com — Cisco Umbrella Rank: 629
trc-events.taboola.com — Cisco Umbrella Rank: 1495
22 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 542
b.clarity.ms — Cisco Umbrella Rank: 5292
c.clarity.ms — Cisco Umbrella Rank: 1008
25 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5701
978 B
5 google.com
www.google.com — Cisco Umbrella Rank: 10
756 B
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
5 KB
5 gstatic.com
fonts.gstatic.com
64 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2841
40 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919
89 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
208 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 1916
tr.outbrain.com — Cisco Umbrella Rank: 1753
4 KB
3 lumbarcorrect.com
www.lumbarcorrect.com
go.lumbarcorrect.com
8 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
428 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 381
7 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 192
554 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 861
633 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
116 18
Domain Requested by
57 www.faxwine.ru.com www.faxwine.ru.com
5 www.google.de www.faxwine.ru.com
5 www.google.com www.faxwine.ru.com
5 fonts.gstatic.com www.faxwine.ru.com
4 trc-events.taboola.com cdn.taboola.com
4 analytics.tiktok.com www.faxwine.ru.com
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.faxwine.ru.com
4 www.googletagmanager.com www.faxwine.ru.com
3 googleads.g.doubleclick.net www.googleadservices.com
2 c.clarity.ms 1 redirects
2 go.lumbarcorrect.com 1 redirects www.faxwine.ru.com
2 b.clarity.ms www.clarity.ms
2 www.facebook.com www.faxwine.ru.com
2 trc.taboola.com cdn.taboola.com
2 tr.outbrain.com amplify.outbrain.com
www.faxwine.ru.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.clarity.ms www.faxwine.ru.com
www.clarity.ms
2 connect.facebook.net www.faxwine.ru.com
connect.facebook.net
2 s.yimg.com www.faxwine.ru.com
s.yimg.com
1 c.bing.com 1 redirects
1 sp.analytics.yahoo.com www.faxwine.ru.com
1 region1.google-analytics.com www.googletagmanager.com
1 amplify.outbrain.com www.faxwine.ru.com
1 cdn.taboola.com www.faxwine.ru.com
1 www.googleadservices.com www.faxwine.ru.com
1 www.lumbarcorrect.com www.faxwine.ru.com
116 26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
api.whatsapp.com
www.pinterest.com
gadgetronixs.com
popularhitech.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.lumbarcorrect.com
E1		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-25 -
2022-09-14		 2 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-07 -
2022-08-05		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh

This page contains 5 frames:

Primary Page: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Frame ID: 148FBA4DC13CE26FD1EA247BB505E6BF
Requests: 111 HTTP requests in this frame

Frame: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/blank.htm
Frame ID: 2C78E0BB716E496F1BEC91F503231AE6
Requests: 2 HTTP requests in this frame

Frame: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/universalJSRequest.htm
Frame ID: AD97228AE4E80236CE1F51B5077043C1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2EE5C477FD64C354445A130D3DCD2506
Requests: 1 HTTP requests in this frame

Frame: https://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_ref|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_f|ff|1588987096746216423|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
Frame ID: 75ACE056252A9B87DB3832AFCD383D71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

st - Lumbar Correct

Page URL History Show full URLs

  1. http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJ... Page URL
  2. http://www.faxwine.ru.com/offer.php?id=434&sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2N... Page URL
  3. http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1Sy... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

43 %
HTTPS

64 %
IPv6

18
Domains

26
Subdomains

25
IPs

7
Countries

3731 kB
Transfer

5686 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag Page URL
  2. http://www.faxwine.ru.com/offer.php?id=434&sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag Page URL
  3. http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • http://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
Request Chain 64
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 107
  • http://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_ref|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_f|ff|1588987096746216423|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_ HTTP 301
  • https://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_ref|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_f|ff|1588987096746216423|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
Request Chain 109
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&RedC=c.clarity.ms&MXFR=1CEDF4F533466AB7186BE51A3746649F HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&MUID=2DF635BC5AF4642C057324535B9F6520

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
731fe9cebb1083ac-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Jul 2022 19:10:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67PqPDamgVQLUCWYlMAvlUCk5gVi2aa1LoQ6BRb2cjP0ikfgzVHPY0BNPpUf4jeNfyfrmYRu5FEF7ggw2cVfre34%2Fbv3%2BNyZrv0ozodyiPvJLys0AG%2B4BxREJo1mBI6VYrbeeMqIFDQg64IccNLt8WA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
www.faxwine.ru.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/jquery-1.11.0.min.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2698
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Fri, 11 Feb 2022 18:18:35 GMT
Server
cloudflare
ETag
W/"6206a87b-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3Ma7ei%2BVLVX8QUaHc8MXT2sDkXQTpMWv3ig2DpnlYuk%2FGHbGZehLNOq7UHw341dpiFnzRpy22cYgd0Y96K7YNhVyyeVLJPYYw2%2B8W19SRTkXfDM5Vg5YVkToMZmadef18jpDcAMIrlHGX7qYiNMRoE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
731fe9cf7c2c83ac-MXP
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41627
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 18:24:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 19:10:09 GMT
offer.php
www.faxwine.ru.com/ 		440 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/offer.php?id=434&sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
731fe9cfccd283ac-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Jul 2022 19:10:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B%2BK%2F6Enbsrq%2BzolFUbE0q92jJxv%2FttRKcWzhaSYQCd4w9Dtgyn97LWJgyQUi8wsypc4ERq1%2FJbe9LOPRDthNp8jrW7hKSjR4VQPcw8bIsN2ww%2BtOcX0x%2F47TFoSZIEPCkZWGm8ri%2FWvA5DNMXOcyoA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request LumbarCorrect.php
www.faxwine.ru.com/clicks/ 		82 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
4b9555eb4fb01c3cf18b8329e4ae62705042833cd447d4e7cb57cd6545e6d4ca

Request headers

Referer
http://www.faxwine.ru.com/offer.php?id=434&sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
731fe9d0ee8983ac-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Jul 2022 19:10:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2F%2FhGRYTJRg6OuB%2BDFjafb0JAy3yEjto%2FJbt07IGH34PSxCNTkNH4X4AqzE4ZhSzA8J5pJ960Rbyd%2F2Qs4wj9mI9Pb75iICc4Fg7zGR0KMohftxfL%2BaBc6kMndAtov4PhWlosvdSWpBvvRs8BnuFBpY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b815ca3e581c38075e85d6056c7c5ce17aa406e382a54ebcc411437faec750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41627
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 18:24:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 19:10:10 GMT
gtm
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		141 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/gtm
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc5b1a06bdb8aa5df2b4a105fbadaaf5d182b93949c824771b677ebf210b567

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:23 GMT
Server
cloudflare
ETag
"62d02807-23298"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M%2BK5AaiufL2NF43i6rYHk7bAdv95k1kdeHgjptlOTzjsE8b2kIaHX2gI2K76e9iaxAIj%2BGYzsx4xG0e9mAhcvD6WJGkuxQP%2F3drVzRlhTv5KQeTa34wPZjDVz005Mumeo1oOC2zc34ANzv7FSmS8Qg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d2ef4ebaf4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
144024
wp-emoji-release.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/wp-emoji-release.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:12 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:48 GMT
Server
cloudflare
ETag
"62d02820-48b9"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PtDe9ALLHUUrLrdz0%2Bfl62ty4xc30gYBPgFez2o2fdt7t%2F7LgnfTE7SwyJIqAKQmJOpFXFZ%2FWtoysmXrYz2vANxC1R65ZDDwBkdXYPCYV105ag1LcO1rpOBNQYthmVS1ZeBkBv5pLU7Eu01jmPQ4r8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9dbfe96375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
18617
elementor-icons.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1163
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:18 GMT
Server
cloudflare
ETag
W/"62d02802-4ab8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc%2F0xaKITQnrYqPYHzcyjnm2KYx2%2F%2BYvfyxbJ2Am9fRGnkVsbD8qF0nc3JzimkHpwr32Rd866%2BuYkEwkZohzeVm5AQJfakMrVwgCOkoUy7QfmFZhG9%2F6f9%2F0INBSu9osk%2FTr743HVagaoMpN%2BY8K7SY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d218f4375f-MXP
frontend-legacy.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend-legacy.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8e7cd4193c77cb73c879d8435af78b3fc7614181f1e7d3760641b7778b7400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2704
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:19 GMT
Server
cloudflare
ETag
W/"62d02803-35ed"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXe%2F7w7sfzIMJmHoCJPq0kBuDzR6caGYNCkrCtMDUhbK86HluKIgE1NxiGCnCBWIzH1fUqDR8OJd3YQxjWXz4SxjToojlQPQ%2F3NDYNIEmmaTFO2ediG5k7jVpyVoMkSxJtKqBRy716amFtnlih9uoQ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d21c3dbb20-MXP
frontend.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		159 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888937b853414182608e6ed76b574497748b1954de47389bf4b2018f90b9d324

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 14 Jul 2022 14:28:21 GMT
Server
cloudflare
ETag
W/"62d02805-27dfe"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80kg8%2BRdTd15BhNTPqYm7kOy3NnmLdpYRNq5VsSLeNycxeT2EEBNe7LImLb%2B5aPJ0gPtgx9DmbWXSvdZ%2BXOhrLXkIRCQlPX%2B8R0pt2DQ0Cy3JmceQ4U67urCxccJjVTlI0J12BB2tX8HmQ%2FfOM995TY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d22ec6f917-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
post-440.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/post-440.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454035b45ee3e226dc99f42ead59db11ebd7274ed4c9889478249eea194a97d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2704
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:39 GMT
Server
cloudflare
ETag
W/"62d02817-51c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUEDguitJRwWH5o51P%2FyrauGwNts8bfhOg2r41w2IOQx%2Bf88tzifxWs1BtXJV7BdxFLuBTzuCyi7%2F7%2FMsImDbxtNXiqr2NZpvVrHoPxUq6vrh12Q9t0eYKoPPaQ9mvSP5pKFeQ6F%2FPzAPq3bH3dpBUQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d22dc2baf4-MXP
frontend.min_002.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		470 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend.min_002.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da40985846d59ff1eabc798bcfe3ae9328981858fb2d8a07426aa17855f3de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1163
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:22 GMT
Server
cloudflare
ETag
W/"62d02806-756b1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWihIwLHFmXGy%2FI%2FdMp8qLENKnS0y3vQMsBXarUv5zNy8N4QeJmnMFSnFJjrrAVIU9LS2%2BgC%2F%2F%2FtCJVkbX2nK4Kp6KLbQs7k4uJwvSeYKgWjRUdkVpPSjnB0mj79NBsHsKPA6dAe1LZttVM2af258s0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d21f9683be-MXP
global.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		39 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/global.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a445b2415af181c03ea9b3d20714b2eb5d35e5e746673ece30df87916164876

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2703
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:23 GMT
Server
cloudflare
ETag
W/"62d02807-9b5c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYAtUoFo2hGb7ZZo1gNJMYwxb4vgddMh8y7TUemq03jYZLu3HWf2%2FU%2Bm7Irv3VLSMHIVrZikHw%2FJsgiQzYEgOtH8qgrMtjQYJSEXYM2UCJogtoAma0%2FOWOWyKhLD%2Ba0kLTqkpkcrYUgrUChRD%2Fns1JQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d26e3abaf4-MXP
post-486.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/post-486.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445e7300950f57d74dc7582ef3fde3f7a19f8fe72347fae5dc2bb8dac9d70dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1163
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:40 GMT
Server
cloudflare
ETag
W/"62d02818-6d40"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL32%2B4NNtI0Q1d8E9T1FXXkfhujj80%2FOTSp6iTJzGdmeHUosQWU0oj4LuVXwuV8T9IzsKroiyMVCLcWBunjyIWti6ZVjBxkXNPmQEybkmoEmOSYWTZrVRQkwGE%2FSD2wJsFkOo%2FkaxZ7A%2BAeY%2Fm%2FGNc8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d26940375f-MXP
css.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a778d1aeb3888c56b5c930f8f343bbe2014a0f9b5c874af061bd6b18e1eafe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2703
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:17 GMT
Server
cloudflare
ETag
W/"62d02801-683e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTHbK7esb%2BRT992%2Fe%2BJ0tKh3CrE%2BP5ZkTOYd7u4tgcpIH%2B3J2nSIMzRjr2q%2BSLIrMemOdfK24NeA%2BWttzoQ3qjivKL9zxxIG7HXyfm4wigYi%2BDaPV20t0fVt1DkNN6wNR8udo00PrkyuUcbJZ87rDto%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d26cfebb20-MXP
fontawesome.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/fontawesome.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2645
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:19 GMT
Server
cloudflare
ETag
W/"62d02803-e238"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KKkzpU4hqTgFlYLWf2r2Vy61fIdxDO582pJTi88hZiaiiz29J3Vn42QOzaNaTzSWuTaWBZ7RGAL2VFGJ7yXUTLv2bPZkR231XFq2shiHN6gdEosr7KFdq3Ytm1wHRljz86YEIWh5Jkxjhzrt1%2BsVvw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d29999375f-MXP
brands.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		675 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2703
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:16 GMT
Server
cloudflare
ETag
W/"62d02800-2a3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HYVI%2FFdLuDkG0Pffnofjl0u%2FX%2F27eEofmwuF3Q%2BgZXE7qRHLXaj%2BOLZbFYQlqAs29dT%2BPXaVVnPMyhQpyhX8%2Fl6r3vLL2TmWbn63SKQr91vLUrFNG8gyWGl7ISJBXykMcmq05terLzAFDUk%2BfWHYO8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d2aebfbaf4-MXP
bootstrap.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/bootstrap.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1163
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:16 GMT
Server
cloudflare
ETag
W/"62d02800-1d9ac"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFTPT4Cl7BSHb6Ms4ZJ%2BMNCuLyBhwinqeEV8mQg0lJw1BFNWPU0kCOFOHmxMKvXkEKvrql%2FrKntH%2BcrJ3CURUD1Noov1SKjS1bXE%2BkzSLjGzG9puislp6DNIyjeTC3NpQUUFxRYWPejPZPt3g32j3Ms%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d2a8a983be-MXP
style.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/style.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f29bb4b2be455ba77cc7ea9f2dcc89108cae0c9c54fc4cbb79c98b9c76a5c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2703
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:43 GMT
Server
cloudflare
ETag
W/"62d0281b-99c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc%2BGMZEWYGzwwMGkajx3geUu4gVtGdPtHcdF5m6Zz1JGg00f2hPy1bgm4ZRaK%2FIvHVnjj6N3GuWvvGsVjbF67SExy%2BqHczVy1QoqzM2mjPcnpvvfTmK6XIQDN2QukXgDX%2Bw6uQIYzRwFgb2CmgccAr4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
731fe9d2ada2bb20-MXP
wp-emoji-release.min.js
www.lumbarcorrect.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lumbarcorrect.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Jun 2022 08:58:15 GMT
server
cloudflare
etag
W/"48b9-5e05f16f25081"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvVJZqxyochgJdHCndfyf68Oi6Q8Go%2BQNTIjBf5MttBN%2FdSWMv4Y23KhkjG7Zjcl4bLAEwrPBYLU6DYLYU%2BIUEaLv8et5QOpi987wtvyHgFIk5RwxWzMq7MWSm8h1mx7SWfTPW17tNAEnr0u8m1PK6KUdjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
731fe9d5de6ebaed-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
490
date
Thu, 28 Jul 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 28 Jul 2022 21:02:00 GMT
2705.svg
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		482 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/2705.svg
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2702
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 14 Jul 2022 14:28:13 GMT
Server
cloudflare
ETag
W/"62d027fd-1e2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbu694KRPIaAF5pVUYpfFl4%2FoIbJFs6LlnOFjrdeaW%2Ff2QkowrhMjuw1PuplKS3QdIc1HTkqHNDtjiReHTtBMVbhgCZNxaCLlRxH2YCK65vWnUcnRu7n4dS2Hq5DUkL76i01afdJEqt0S5z2%2F2drPKw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
CF-RAY
731fe9dc2ea1baf4-MXP
lumbar-correct-4-1-ppq6fa5ulaqyrr2eiswm6knme5gthu1907pwc7gjz.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-4-1-ppq6fa5ulaqyrr2eiswm6knme5gthu1907pwc7gjz.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de95d838adf8d6c99feca2d3f2860490ee90f90a92651dcadd2b2d64a19e927

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2644
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10758
Last-Modified
Thu, 14 Jul 2022 14:28:34 GMT
Server
cloudflare
ETag
"62d02812-2a06"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2UZv0vJub6YBMaxxMsu88fkB5EjKWPgZoaBMC7FMY2NDyB34wdSYJzRATRIFsKpDQN1nfoQhRbT4B2BcOEETh9pZjJnPrf%2FdTk9fuzvpcWl8OJawFIIkQFqxwSq%2FAtgifxBPPNyO9MSZZ5%2BuI78Xqs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9dc5b4283ac-MXP
lumbar-correct-3-1-ppq6fdx7cmw426wxwuj4gjpgroyacmg6cqbu9bazb.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-3-1-ppq6fdx7cmw426wxwuj4gjpgroyacmg6cqbu9bazb.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdaf71f10296ca38756cf0c3ca1a44dab3420bb88ce6d55372da5bff22c1bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2702
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
13504
Last-Modified
Thu, 14 Jul 2022 14:28:31 GMT
Server
cloudflare
ETag
"62d0280f-34c0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynF9GsGCH1%2BNCxJnrM9EmengFspAodai6z5oxUs9MqUZ6WR2Nu28RYleuuM5xt%2BkRYsfTPXgWoJ%2FlrSPqhSE1RSXtnb%2FTH7c0R8ZZ6opv1sqwpJLX8uWp%2BVP%2Fxdb1WbaSVPIb86mMtOqf%2BT9KRnhN%2BY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9dc58c5bb20-MXP
lumbar-correct-ppq6qggrue1osuu19msxtr4wn2dx0aed7ixpqmw20s.webp
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-ppq6qggrue1osuu19msxtr4wn2dx0aed7ixpqmw20s.webp
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8c2236b437217e3b41357ddced7fde1478e466c4002a924bb91130ec1dfe28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2702
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1478
Last-Modified
Thu, 14 Jul 2022 14:28:38 GMT
Server
cloudflare
ETag
"62d02816-5c6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs0PL28irm7r090HUhXM%2FKTXQEJ45Vp%2Fpa0fduR8vLZkpuf5Cqa2IbcykvWL0hjZLdibt7Cz4EnlEtozrbfGSqbnVVvxyahBDjDlUCYrLsr%2BTKCrauq6W7J1r3FFSWTtgUEdaJyI7o0wq4ioIWJrf%2Fc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9dc5ef3baf4-MXP
animations.min.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/animations.min.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 14 Jul 2022 14:28:13 GMT
Server
cloudflare
ETag
W/"62d027fd-4824"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmjoZoYNjQJVT2pnwIG0bK0cm0G9AX1ihzwg4wxfw0xHUwnGgykRxdWIWJJ51jqr17aMnczff3gP89NF5QdpEXf0bXWG4uRnQa27JoX%2BIJ%2FEzp2rLzI7d8ReIfPxwwxW8MQJAinQi6feDfWNbk5YHBM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d538ccf917-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/jquery.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:25 GMT
Server
cloudflare
ETag
"62d02809-176f8"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKpYN6yxHxbFGYCWpI6FAm6jpJXYfnKcgvR0iddH%2F0c4e%2FF7efLbClEL3E4vjE5knmBjSSfJdsM%2B5HlqHOEt1GRf5TSNVbMTYXzo2M09iG%2B8%2B6E1a%2FE6RH2dtWbGvtYcsy9e%2FwQZgs01aIX2eTCVHeE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d6bd36bb20-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
95992
bootstrap.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/bootstrap.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:15 GMT
Server
cloudflare
ETag
"62d027ff-9004"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isV%2FnRPPrSTUCXxrQZHlkHJGbbhUDidVUCpHVpmNk63h%2FAeBum%2F%2BP%2BCXICgFKWGLW7PBUGRQrDTDvJ05h64PgCMdkL%2FyIcFUzeU%2Bqh2L5me%2Bietwj7EG7VjKn0p59pXhPlkn7NC2r9NlGa3ssCyNivs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d54e2883ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
36868
main
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		17 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/main
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9b2258b5383cd80acc415960b62c979d06f45af9ea4d59ee328ed76e8a69ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:39 GMT
Server
cloudflare
ETag
"62d02817-11"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ5ndDRhS9wwFmHFc9cf9hmRhaj7Lbf7gMdKGYFuFwdYNUXpxDNswjq%2FeQBaM6SQrtzoYUkhxhdeszVWubT0nQ8SFXyKGNS2lpv2NrwVlOP3HN0eIJVNW0TiAGLmb%2BxW52%2Fn%2BOkCH5NFTwv%2BrTBo%2BBo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d54e5283be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
17
webpack-pro.runtime.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/webpack-pro.runtime.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5286f59b39642363e8242db6560752945adb073358d26f5f688c3b3d77e8c35

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:10 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:46 GMT
Server
cloudflare
ETag
"62d0281e-1429"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpOYRjftv7JdCtABd2Qrv%2FjedQNyYdBaSERm%2BUTdHK5QV1h5pmhz0PnfVFPTfQR9NkQxbnR9i%2FhFDVv3X7T8Yn9Qj4Y8wkbAU6l2iZ17LA2e69LSLYj%2B4Jf%2FaDYVZ2PKvF%2F0nN4cTk8qw5opUA9jV3Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d54d13375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5161
webpack.runtime.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/webpack.runtime.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d39822e34f949768c8aa5d6c99e4cde5013f2221990bf58137e8e2913d4ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:47 GMT
Server
cloudflare
ETag
"62d0281f-1360"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNrKdfHaukt0g85%2FlhID%2FncPi3CAfI%2B04oH627e1Emfl8El3E2o6P0q%2Ft1oEK%2FY%2F3yY99jJ1FR1UtWc35wzf26Tu7bfqbfExxukFzjJk5JLxNiiIBlYjfcERP3eazpz65enbw2SiNRrb3jXvpIQv5U0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d70f4a375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4960
frontend-modules.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend-modules.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eebb7c9b62d8028d702b547bcef97e776ada693cbafa64161471b1f96f5d0556

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:20 GMT
Server
cloudflare
ETag
"62d02804-37c5"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6LnkIq%2Bx0XDTrd3SFOdQdVrrI61t%2BRLRRo%2FRaO8%2FRPE57zhk1TwYj%2BSG2ou5d0OgrZ0F75CZASwqfMHTz%2BZQYjuXOvVDrmVLV4egyZ6ekLxu6ccHuismxTwkx9J9HRtMQO8srAXZXwMYf1qbKgvAuo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d7bafe83be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
14277
regenerator-runtime.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/regenerator-runtime.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:42 GMT
Server
cloudflare
ETag
"62d0281a-194b"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd4CRqrzfI1u8QWwn2RjwEw2E00iSQ0JLlxTAOMQfav85qodSRDPZptEyl6dNnID2P3GI1SbEf9pgyE8Bi%2BzbbJvVPMFW668WxHWauBQF4kgZ09AzKslR86SBIK%2BHFp57T5TeKPrvzvrJkKadHxkklU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d84867bb20-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6475
wp-polyfill.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/wp-polyfill.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:48 GMT
Server
cloudflare
ETag
"62d02820-4ac6"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aztxvddb1Sj6ROCbl4LyqOT13uNrOmttfDVBgtFbTTa106P0NJWfhfYYPp%2BSX0wc3PCj%2BaFd%2BqdAaT2dgCwThcbiW8NoXICBS3iZEVeKl5TfwrgWSF%2BhfLq4FGUnHCKe%2BNXctIZ6KLNszBRdWxbXK00%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d9dc54f917-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
19142
hooks.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/hooks.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:24 GMT
Server
cloudflare
ETag
"62d02808-132e"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkP8JomHMZwWEVSV%2BbQ2DHsabyQK0T6DEj%2BF6eOJH8h%2F%2F3qGYDuRAV6n74zxBYcRZpxfJckDDsjYA1JyyB6vfU52QXEcoc7JAogCHJnZMspl1%2F%2BCMJIzzBkA980YUQyFiZVgBlxL%2Bwcu5AQKKFUW8NI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d8681abaf4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4910
i18n.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/i18n.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:24 GMT
Server
cloudflare
ETag
"62d02808-27ee"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I92mEwQwkyZK6aX2onpaBQEGKbIohzGCZIJZ75tiQXosLwSIunP6XgtAVjJFkgFeq%2BdgWANhEK4SdmCzcPKQ%2Fy7x0Yf2VbR3TdISyc7iQ%2FV4tcEIcuEpp%2BOeetS%2Bnh58Rs6oEzRko1y1bh1McqJgG4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d8fcc083ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10222
frontend_002.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend_002.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806ea6d54f56778e10fa44bcb14755440cdccaa5f038d570d86a55cc125f9a40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:22 GMT
Server
cloudflare
ETag
"62d02806-522a"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2CpNBMj5uLKPe%2F2JnSYMs5isHT7IRle8tNhCKVLEVopqDzms3e0a2pbWTXillFOMv47kgxq6yaLoeTGdRy0M0ByskVQGElHeud8KvcwU4zdzeZzYs9rlMxFNnFljOX8tBforFMVoofU4nD%2FSM5NIY0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d91a56375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
21034
waypoints.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/waypoints.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:46 GMT
Server
cloudflare
ETag
"62d0281e-2fa6"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcQuMPL25a5%2F5ify2LCiaJhRjQYSsOeAn5%2FjqIvHMPOaGTMLf1WZOHX9xFgWuwzsr%2BAe5sOQIM0DtzeKg2XB1UYOD54%2F8JPCoG6U9bSAbItURdqtBKW2tuyusqbCQUAED79hQrtm5nf49nd29GQoopg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d91dac83be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
12198
core.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/core.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:17 GMT
Server
cloudflare
ETag
"62d02801-50eb"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BrvodJSeZNn4%2BNMUvPYVgoMYJyIKqy7fXotjsac%2Besi%2BMfC87FZP4GRrWzqozvIpOoVmT3sCVGcO1V6%2B2odlGEloi7ZGW4Jc%2FtfzqvKZ07F8hZbqnyUamAWkfBZDrO1slzgWkxAmRlkWGSk9EtsHKU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d9ba93baf4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
20715
swiper.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		136 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/swiper.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:43 GMT
Server
cloudflare
ETag
"62d0281b-21f91"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjjtGjqK0nB%2BUUhO3IWHNZfxgOB6TTkCszpLHHUgvVjKSifxzLStaywqoGQNU8QZWHGwvyi5GYAb6m8I5AqXVQGkPblNFnLqkmWtkwCeM4teZ1xaSSfHH86JA9lDBUGPTElyjMx%2FOK%2FUXn70bkNuo7A%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d9eeaf83ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
139153
share-link.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/share-link.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:42 GMT
Server
cloudflare
ETag
"62d0281a-a12"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6FwdRY1cxEpJhxSDE9Hqd5pnFlBXfJPx1EhmMsdyXM53%2BdaG78QPvYZomd5Gaslqt9oiBfTRI4C5OzgAVQ3TLmnpMZoG%2BpFY18LJWmBPzFqRWS2RFDoWgtKTlII06zphwxKZds9%2BRcGg6m9A%2BNQM1g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9da8c73375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2578
dialog.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/dialog.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:18 GMT
Server
cloudflare
ETag
"62d02802-29ba"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jQMkjJKEXYt0DyFugpmeEJaDv7M66m2kQtPv%2BSIQ0HnNUBCmNhlP4E53gGgqfX3qx4DvqExhvFkKcRCgg9K7TaKKpl7CFNci9N%2B8KpnhDmH0airwKYpquf8YelxhmQ3yFNM1gz0zCadRAM25KU3o4I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9da885883be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10682
frontend.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/frontend.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bccb715aeac8a50b19f527b17f3a1e86142e1b8ad8711c3195ce297696feb490

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:20 GMT
Server
cloudflare
ETag
"62d02804-936d"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nFGpAmp53etObL9IYWBWwPGFQHSiN7YUuuDr9Cq9x8HJhmdq02nrQGdx7f3T%2Bqwmbm6ZQi72CZSjnpTVrxHPntozjhDmxEWCLmoXqx06aihytBbhlsiJR9sbt0kAv4h1t0Y6NHJb2ELo8ccAWFGtMo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9da9cb9bb20-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
37741
preloaded-elements-handlers.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		132 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/preloaded-elements-handlers.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f511d7aced97e2d82ace2a24e1bdc4475a7d57bb4902c71c78b3db3d81b3961

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:41 GMT
Server
cloudflare
ETag
"62d02819-20eb1"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUk8DG3aMypmDbwPtraqoVRk9LGMWN04QRszS9qCgDzc%2Bhu6SLBB%2Bm4wzmX%2BSVrn5IXW9pmkO3Ivz3URS9ITYOuvgNO8JzVv%2FU%2BD7wRDHWcTQBRuYjwiMPoN2ZIRVszVzkoUGHGZEjyZQjnLI3f%2FckE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9dacc56baf4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
134833
preloaded-modules.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/preloaded-modules.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b168c097d61acde0e2bdf43e11db394006f4ba38f8e61b93b8c71f54af484a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:41 GMT
Server
cloudflare
ETag
"62d02819-a980"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyGJOCVMBtUF6jf3fAJytWnvIxKD4AKJtsCcQP2yR2T0SipypwjRyiKyZeZpioK3QMR8xOurYR1iclTMZTa5PTcuK94pwpht5V53hbKnGdqBD6QrSFqilITK4EZMsaj7a6Kn3QGp1SanBzL0nFLSc%2Fk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9db8d74f917-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
43392
jquery.sticky.min
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/jquery.sticky.min
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 14 Jul 2022 14:28:25 GMT
Server
cloudflare
ETag
"62d02809-ca4"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6j6ntlCAsJAJ0TlJ8dIxLci7781H2FxTeojqkMvBF7t2zMhNEwaim8MTHDlPAcW21RFp8B%2FOr5D6tKrQrzEFUAcxf6O5h6ywUi646VSW5qlPkEWwWMjDJLDIOHrhW8VbRdIoIYl0GEIkgs0REJrV%2FmU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9db9a8a83be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
3236
gtm.js
www.googletagmanager.com/ 		144 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KZNX7WB
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57a26327c2c444cdd055ca0eb158a177747156f72b991bab46a222156256fe33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55837
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 18:24:42 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 19:10:10 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.faxwine.ru.com/
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 16:24:40 GMT
x-content-type-options
nosniff
age
182730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 16:24:40 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.faxwine.ru.com/
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 08:45:13 GMT
x-content-type-options
nosniff
age
123897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12408
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:54:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 08:45:13 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.faxwine.ru.com/
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 16:24:41 GMT
x-content-type-options
nosniff
age
182729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12612
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:08:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 16:24:41 GMT
eicons.woff2
www.faxwine.ru.com/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/fonts/eicons.woff2?5.15.0
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgmaEt5WTNENPGNQdlr1%2Fr2JIV89VVnEnLCF12fu%2FMVzCp3mesx2wXFKOQTUXFojhdzuV4CLV8dMPPk2HZd9rsMyIsoyNVju4K0zlsVG2NlUyIHtW7QqzJozKS67mbV%2FyIm%2FG%2FFZBz9y8HpflipuZI8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d5cbd3baf4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.faxwine.ru.com/
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:25:00 GMT
x-content-type-options
nosniff
age
85510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:25:00 GMT
logo.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/logo.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6641e56e303519e7169059871e96240a07ad32fae6419d06c9d6cdc20376889

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2645
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6258
Last-Modified
Thu, 14 Jul 2022 14:28:26 GMT
Server
cloudflare
ETag
"62d0280a-1872"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj49762VUMMKrrqtsm4kQq5I%2BpiZ4lOriOydTMeJpSEe4EW85dboGDjLDv7xh2vSQyAeLjra3TEAK1PBvsc8rKXHHJr6v21gxy3JWfpeT7D4vTM0VyVJ6YPVkBLvz7qvj6nG%2FfdavvjC23ka5APsbss%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9d6cf10375f-MXP
world.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/world.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7250cf579c74e9677165c2bdc2dd5a180d632b6f8780c09dc2231c28e1fe88de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 14 Jul 2022 14:28:47 GMT
Server
cloudflare
ETag
"62d0281f-400"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHLn6pJFOTH5D%2Fo8x0mFBD4kBB2wr3tiRnTX6yrPSHCpL5SAZp5vjeyTYJqNs3a4vQAuJbwvBocsqdioqMbZNtWn8Ve7BvNveNKeZGTJhPYUFsGo9UwLnzS%2BCSGjAd50qBg12f%2F3cx8pWDntQJtHALo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
731fe9d6ea29f917-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1024
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.faxwine.ru.com/
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:24:52 GMT
x-content-type-options
nosniff
age
85518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:24:52 GMT
fa-brands-400.woff2
www.faxwine.ru.com/clicks/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.woff2
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8k2bmCvRLo1RIQH%2B3BzxI4r7zM5aum2mfp5RE%2FNVh9HwMQ7bb024XnBi9wRNmqeT5M5eLaju3r5ZHONSUW1or352uMFwlPd%2FXyzudSJeN0c45oN9NBaLfKo%2BRqOhJ9fqPprzanjIVeKdK12LatBpXk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d6587183be-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
this-pain-is-so-distracting-picture-id1126458496.jpg
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/this-pain-is-so-distracting-picture-id1126458496.jpg
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72e4371cb8341d49a74779e54441e66f8853fc82685022b1761e654e90a203b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2645
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
57502
Last-Modified
Thu, 14 Jul 2022 14:28:45 GMT
Server
cloudflare
ETag
"62d0281d-e09e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsKPYThPYg%2B6HzgPwU2l5IsMc0vpfSdm%2FlDjRTMskPD9urSHdkgJOIUdclhTLAnrBcTR55FhUHMv1XXOdXZBJypvSDxR9pf16IA8Crd8epVtvjZrQooZMOecp2zfSDWz4zt72yzpm1R1Md9ldg7BFiM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9d6f91283ac-MXP
lumbar-correct-2.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-2.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0457acb68c2e9d32413d1d9933c45a60f83f0885225c59beec9095d67d5c4255

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:12 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2702
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
195233
Last-Modified
Thu, 14 Jul 2022 14:28:30 GMT
Server
cloudflare
ETag
"62d0280e-2faa1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5JpZiK3oUaynf2kGz%2BscBeFFLGgYIVrIFLz3TzwE0hI0ixrvWcRWT3nekrjdtOhu7g2I2Gvb3zZUwaWz%2Bv%2BvSLIQk%2BK6ScsKUUmsVxWOyZ1dJptRAhKznR2%2BTR9SqwcM3N5ISc1hRRveFSvMc7ohLY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9dc8926bb20-MXP
lumbar-correct-3.png
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		287 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-3.png
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ab51302ca6e1586aa7d2f86422f9fe228ab991329bf9b646c371d834d08208

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2759
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
293948
Last-Modified
Thu, 14 Jul 2022 14:28:34 GMT
Server
cloudflare
ETag
"62d02812-47c3c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDVflibzXfQVbpoXCVBk9hwZIJ8jveClXpgEmwrM5Hcnqv5xcKhNpGeXC7lAYFjzowOTHl1hXtQHA5OgFlvw7qBHXMY9Y0NFh0bfzX%2FLYk2hgJmXEILCXpRfVnaDLPCgUIKAjBMRdMGZjCUqTPKK%2BGU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9dc9f4dbaf4-MXP
lumbar-correct-1.gif
www.faxwine.ru.com/clicks/LumbarCorrect_files/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/lumbar-correct-1.gif
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d616b938ef2b5905d2aa79d8431250cd6940fb4178b7bfecc2c10351670e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2703
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1642955
Last-Modified
Thu, 14 Jul 2022 14:28:32 GMT
Server
cloudflare
ETag
"62d02810-1911cb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AuKk%2BORe3zEyjflesklZaUyE7WPCf7sjjqrOsbinQaPS5SzHLdjjZXNgF6xFiFMF0oAyWNZBYUCVL%2BZ%2BRwMYTHQrCJ%2FZuu2moUIvRUyJX570ehpAsHKBqCaux%2F1Trf%2Br8T%2BxUiSzecy6mXZJ3eRX%2FU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
731fe9d70df8baf4-MXP
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=564116884&t=pageview&_s=1&dl=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ul=en-us&de=UTF-8&dt=st%20-%20Lumbar%20Correct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=479049256&gjid=940604170&cid=1181379071.1659035417&tid=UA-22484186-3&_gid=769618761.1659035417&_r=1&gtm=2ou7p0&z=1721416035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.faxwine.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cbcd07b6a0b43a03daff5f8f8af32d96c56d26b1493f48258dfa1ac27beedb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72718
x-xss-protection
0
expires
Thu, 28 Jul 2022 19:10:11 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/gtm
Protocol
HTTP/1.1
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9823212955285023900
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
15160
X-XSS-Protection
0
Expires
Thu, 28 Jul 2022 19:10:11 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=564116884&t=pageview&_s=1&dl=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ul=en-us&de=UTF-8&dt=st%20-%20Lumbar%20Correct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1709246582&gjid=41591338&cid=1181379071.1659035417&tid=UA-230445376-1&_gid=769618761.1659035417&_r=1&gtm=2wg7d0KZNX7WB&z=1635850082
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.faxwine.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
491
date
Thu, 28 Jul 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 28 Jul 2022 21:02:00 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
tfa.js
cdn.taboola.com/libtrc/unip/1169954/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d8595fb7ffa0e0887cde86881029a8908b57878a7234db9fc871cdbae4c79ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
NHXXDf5iWicvyVrRNtbn_6FBcqOEsWOB
Content-Encoding
gzip
ETag
"fc60da22a53924e7325c666f168d1634"
Age
0
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
17850
x-amz-id-2
xMk/+y9WGbtwl+fJoG7xsdCywJu/9N6Fm5VoCq6TIE0V23VXkb9IWBIxGNQrVyf50eZ0dn2sMKg=
X-Served-By
cache-cdg20728-CDG
Last-Modified
Tue, 26 Jul 2022 09:50:15 GMT
Server
AmazonS3
X-Timer
S1659035411.040485,VS0,VE170
Date
Thu, 28 Jul 2022 19:10:11 GMT
Vary
Accept-Encoding
x-amz-request-id
XXTDN6VNWMW70AQJ
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
58
X-Cache-Hits
1
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Thu, 28 Jul 2022 19:30:11 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
N2S0T94BVD7DPRVW
x-amz-id-2
Qn8AEJ41zjQV68YHLEkJo3k1tcX0joBFk0T4EEswOVwQ6jckA1i9qytR8PkaJ1byMW3wjiEtPXQ=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
events.js
analytics.tiktok.com/i18n/pixel/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1M10MK1A94IMCA16570&lib=ttq
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f7aa90ade630ed2d5d0f980c8cee038f489af8bd0012dd6f60b18a7bd456dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022072819101101000400300773500201910A35D1C
vary
Accept-Encoding
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,23.36.161.200
x-tt-trace-host
01f9c6aa52149cb8ffebedc841aca80cd2c4d45ab8ad5e1cf93a2fc6dcfe2028d9b60d1f88cacb24a73062d213421cb8dcf8a12ae668106678e80abc2b15f792862abe26b50127ce8dfbe2ed36ec26f309
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=97
x-akamai-request-id
9bc39380
expires
Thu, 28 Jul 2022 19:10:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4f6e3e53177c08ab6c846bcb9873aac07bc77b76e56c21c45436d7a0c6d245f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26140
x-xss-protection
0
pragma
public
x-fb-debug
VfBGsLJj/7kyK23lPlFYvB9RS6baAd1iiAEta/tlU93FZNI9OT2s00xZoEHLisltCmBvnWxn9MQdlb9NTtTMtQ==
x-fb-trip-id
720026100
x-frame-options
DENY
date
Thu, 28 Jul 2022 19:10:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
c5go1441i0
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/c5go1441i0
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/Lbsai/roigox867796xsoaqmgaa/GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3fa15dd4956392addb5a78a808fe5f1f966314a8d4638aa24b5283adf7e2291

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:10 GMT
x-powered-by
ASP.NET
x-azure-ref
0E9/iYgAAAADdda6swQViTZEItDu+cvzoVExWMzBFREdFMDIxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length
1363
expires
-1
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1181379071.1659035417&jid=479049256&gjid=940604170&_gid=769618761.1659035417&_u=YEBAAUAAAAAAAC~&z=755785747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jul 2022 19:10:11 GMT
content-type
text/plain
access-control-allow-origin
http://www.faxwine.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
eicons.woff
www.faxwine.ru.com/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/fonts/eicons.woff?5.15.0
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLIpPAAPGaipHr%2F0JqXa0RoHYNOXm5FKAqleiGVC6pkl76sNQ0Uxki8KzQ5h3EE0HjGWW9Aag1NrPwctVPsYfVX1HTccRpuRH0sCPHCWU5T6eP%2F7T92qDHejg3NkiQ2u2lM1nYnOtBsMSSZwbcGuZFc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d759b783ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-230445376-1&cid=1181379071.1659035417&jid=1709246582&gjid=41591338&_gid=769618761.1659035417&_u=aEDAAUABAAAAAC~&z=1609248624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jul 2022 19:10:11 GMT
content-type
text/plain
access-control-allow-origin
http://www.faxwine.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/730905238/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/730905238/?random=1659035416876&cv=9&fst=1659035416876&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
103ce383e1c6fd6d5afb710d11d7dd9869fa1010b5df5980ffe9dc3c4bda15d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/730863180/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/730863180/?random=1659035416879&cv=9&fst=1659035416879&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c18b245879dbff50f7852741e172d57e54d5c7b530224286ad19f23a5cb984b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/730868448/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/730868448/?random=1659035416880&cv=9&fst=1659035416880&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cbbd377fcb65c375b51395caef82c107bd5ef92b467cbff968fd5ddaa30e362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESSM5KG8PE&gtm=2oe7p0&_p=564116884&_z=ccd.v9B&cid=1181379071.1659035417&ul=en-us&sr=1600x1200&_s=1&sid=1659035416&sct=1&seg=0&dl=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&dr=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&dt=st%20-%20Lumbar%20Correct&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-ESSM5KG8PE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.faxwine.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tr.outbrain.com/cachedClickId?marketerId=009b74c6dfb3aac732f2d9802baf74a036,00e2c33b6090597c1b3848a826695da780,009e68a101d91dfd675236075e2ec2f813,0093a19d58aada85afcae5de59e637c3c9,001fc32f7fd6e519dd56b7fcd6d9a30898,00cf42d5f381b62164a341f707f244ef5d,00644fb217ea4c849ca0b3ae5a5fe297b8,00ba3cf63ffe9cf8da7a27ecfaae06b79d,006bcc9a533bdfc7092ceed316275b6f58,00f406a1dc562af646d50fa16c6a6ae8c6,00f21a9a03d08e7f87b307712af6b2af0c,0031db15219907534e351750b78d00b030,005cd90848c2dfb6aee5062c9780487965,00f82a1f85fb38d26a4ac9c4a1858c3b46,0037632de48bd03c0c873b2943d8abafba,00d71dc4ebfcd358f2a8246d43d6d89025,00e032f122902760cc2c735a56c8e4ca6c,0000733900887b215a8a97a5adfd06cc61,002d8ee844a0668c44800efd526a4675b9,00d1ca56b6fb20c05a00ad0a19bb7af2b1,00ddf160acaf9d1b6e9ba0fffa42769704,00d0bb4e21b5c077af977e10bc02c17cc1,0067d2db8ecfac8dc6af7f7ddf28edd4d0,0078dcf48d8f90fd28af36474aa2f21cfd,00ca3fa2c8d43354b2c2a95f11659eabb2,000f2bacb3edb2d9b8cc4d5c9913ebf13a,00ddf09f747003bc0a25ada9986985ceee,00c6d76220f3a39c45604aab8b87d715ca,0054096d2b331cabfc9b7d6b557e24fda2,008a4cd63d0cdb0081dab7453ed1d0536e,0000aed81541e62bc42b337c93f512d374,0049491f7c3bfbabbdd12fc083b2943ec8,00089e651353284dd9c75784a8744b176d,00efe76b38216f21fb23950db8e6453936,000cf99b4e788e59717e24288c42edd477,0068251217c6e7641eae8fd901728b90e6,00fc06acb0547012d3dced376d10ecb9e9,000cf57065881cdf8614ef327b6eb69fcd,000459d769afb98b324df8df7626bc5206,00561696d3d96c237458ab0f284ae33956,00be43c78de04b25bc3b110557a6f8e6de
Requested by
Host: amplify.outbrain.com
URL: http://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
X-TraceId
81319af783a7be1d108fc29b7184934a
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tr.outbrain.com/unifiedPixel?marketerId=009b74c6dfb3aac732f2d9802baf74a036,00e2c33b6090597c1b3848a826695da780,009e68a101d91dfd675236075e2ec2f813,0093a19d58aada85afcae5de59e637c3c9,001fc32f7fd6e519dd56b7fcd6d9a30898,00cf42d5f381b62164a341f707f244ef5d,00644fb217ea4c849ca0b3ae5a5fe297b8,00ba3cf63ffe9cf8da7a27ecfaae06b79d,006bcc9a533bdfc7092ceed316275b6f58,00f406a1dc562af646d50fa16c6a6ae8c6,00f21a9a03d08e7f87b307712af6b2af0c,0031db15219907534e351750b78d00b030,005cd90848c2dfb6aee5062c9780487965,00f82a1f85fb38d26a4ac9c4a1858c3b46,0037632de48bd03c0c873b2943d8abafba,00d71dc4ebfcd358f2a8246d43d6d89025,00e032f122902760cc2c735a56c8e4ca6c,0000733900887b215a8a97a5adfd06cc61,002d8ee844a0668c44800efd526a4675b9,00d1ca56b6fb20c05a00ad0a19bb7af2b1,00ddf160acaf9d1b6e9ba0fffa42769704,00d0bb4e21b5c077af977e10bc02c17cc1,0067d2db8ecfac8dc6af7f7ddf28edd4d0,0078dcf48d8f90fd28af36474aa2f21cfd,00ca3fa2c8d43354b2c2a95f11659eabb2,000f2bacb3edb2d9b8cc4d5c9913ebf13a,00ddf09f747003bc0a25ada9986985ceee,00c6d76220f3a39c45604aab8b87d715ca,0054096d2b331cabfc9b7d6b557e24fda2,008a4cd63d0cdb0081dab7453ed1d0536e,0000aed81541e62bc42b337c93f512d374,0049491f7c3bfbabbdd12fc083b2943ec8,00089e651353284dd9c75784a8744b176d,00efe76b38216f21fb23950db8e6453936,000cf99b4e788e59717e24288c42edd477,0068251217c6e7641eae8fd901728b90e6,00fc06acb0547012d3dced376d10ecb9e9,000cf57065881cdf8614ef327b6eb69fcd,000459d769afb98b324df8df7626bc5206,00561696d3d96c237458ab0f284ae33956,00be43c78de04b25bc3b110557a6f8e6de&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&optOut=false&bust=08884135726310527&referrer=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Cache-Control
no-cache
X-TraceId
890e5880f657aab5cc47d64c172da99a
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
fa-brands-400.woff
www.faxwine.ru.com/clicks/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.woff
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SODWct2sZ0TNqwNjmAAU9sJTKJg%2FSQbRZe5lRWQ6CHbvquQEcpTmWl0pDQfQ6BCKJBnE8AD7I4n2gLWRZv4XW6dI%2BTkrDEWoCuDFoRF%2F6ih2DNwTey5IoCytcuR1BnP2FhD%2FT%2BESjKagx1ErSqL2Q1s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d808e8375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1181379071.1659035417&jid=479049256&_u=YEBAAUAAAAAAAC~&z=1934396364
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1181379071.1659035417&jid=479049256&_u=YEBAAUAAAAAAAC~&z=1934396364
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-230445376-1&cid=1181379071.1659035417&jid=1709246582&_u=aEDAAUABAAAAAC~&z=981253071
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-230445376-1&cid=1181379071.1659035417&jid=1709246582&_u=aEDAAUABAAAAAC~&z=981253071
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10141746.json
s.yimg.com/wi/config/ 		46 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10141746.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
c5d3efce28e1e4b610068a3bbced4986ea0281028cc3fef3458a4b9c241c1da3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:12 GMT
x-content-type-options
nosniff
age
0
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
6N0YVM0V8N5H819W
x-amz-id-2
a/GwOr1A+9d41rThgsiUTzxyDByb6e6XwCKimqHakTIk/oZugnRWySGKR1ySW8kUHrrtfwSKdkQ=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 13 Jul 2022 12:57:15 GMT
server
ATS
etag
"30ed61bd14cb90ac9fc0b14709d892b8"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
rtrgFCJeOY7XeDJM.FhR8ZSfB9_GHv5M
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/json
eicons.ttf
www.faxwine.ru.com/clicks/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/fonts/eicons.ttf?5.15.0
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/elementor-icons.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ef5zfo%2FtPlG0C4P%2FCzJ1wowasc1iHVWwc042ymkBoLubeFF9yaJDMYqgJuz7QmsJYZuTobLFLhngETZRasGYXmy2Fz3ak9X7yeU%2F1kKPyt1HKDkh8RH6fHFmiiW%2BNQY8JozHkwcsSMNlGGw8aM35Wc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d82b4f83ac-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.google.com/pagead/1p-user-list/730863180/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/730863180/?random=1659035416879&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=1296516727&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/730863180/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/730863180/?random=1659035416879&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=1296516727&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/730868448/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/730868448/?random=1659035416880&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=2552871509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/730868448/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/730868448/?random=1659035416880&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=2552871509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/730905238/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/730905238/?random=1659035416876&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=1817391553&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/730905238/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/730905238/?random=1659035416876&cv=9&fst=1659034800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7d0&sendb=1&frm=0&url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&tiba=st%20-%20Lumbar%20Correct&async=1&fmt=3&is_vtc=1&random=1817391553&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1169954/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1169954/trc/3/json?tim=1659035417071&data=%7B%22id%22%3A205%2C%22ii%22%3A%22%2Fst%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1659035417061%2C%22cv%22%3A%2220220726-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.lumbarcorrect.com%2Fst%2F%22%2C%22e%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-network-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1659035417069%2C%22ref%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22item-url%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A14%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08ba95c17175cdff2785654bd5a6b7555bfe3a668a4a54ea40022c01397b655a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-vcl-time-ms
40
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
server
nginx
x-timer
S1659035411.398031,VS0,VE40
x-served-by
cache-mxp6982-MXP
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1M10MK1A94IMCA16570&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220728191011010004003007735002041067B318C
vary
Accept-Encoding
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,23.36.161.200
x-tt-trace-host
01f9c6aa52149cb8ffebedc841aca80cd2c4d45ab8ad5e1cf93a2fc6dcfe2028d95510ebb31b6d755fbfd99a952f297fdcf0de3de615b17b7a8bed95679801dcb684aecf33bedb92fc143fae9fb1930413
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
x-akamai-request-id
9bc39701
expires
Thu, 28 Jul 2022 19:10:11 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1M10MK1A94IMCA16570&hostname=www.faxwine.ru.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1M10MK1A94IMCA16570&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3acf85778968539721f33c13d7b3d5338a6d2b7892c3d7e6644a7c491a6a73c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202207281910110100020077350020280795B5BD
vary
Accept-Encoding
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
97,23.36.161.200
x-tt-trace-host
01f9c6aa52149cb8ffebedc841aca80cd2c4d45ab8ad5e1cf93a2fc6dcfe2028d9e6cfe4ebea88a06963938cbfaa5e3a7fb9ec88f41a97a49eb1fcb331bf82373ce516058a2d25515b4ec1d6f3835e8798
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=97
x-akamai-request-id
9bc3981a
expires
Thu, 28 Jul 2022 19:10:11 GMT
fa-brands-400.ttf
www.faxwine.ru.com/clicks/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.ttf
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/brands.min.css
Origin
http://www.faxwine.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:11 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4qWCq1ft4t8aB5pEqTCYwa98qkZ9fkxgzHPNbBsdwwpH3PQw9LkDrOVNGl%2B3uAlSh5LI0BdgmSt%2FuWQoPKzZPrCaWJYSxhAKN42a8sezGoA83fs8P7lfpnjKvtSo3jkqNDD0RTzeUf9BTx7s809JK4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9d96a71bb20-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
204263710978995
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/204263710978995?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8cbd823d39c45a939dd43d5a1e97daffe61a754f923a00715029a2deeb2c2198
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86303
x-xss-protection
0
pragma
public
x-fb-debug
mOqThLEj1AcvqXLuyryKJ4LpmOI7fGmG9JToiLbFHZWB05cOLMqicItLlAWrZh3z4fuoy+P12OYZy8j4giXi2g==
x-frame-options
DENY
date
Thu, 28 Jul 2022 19:10:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
trc.taboola.com/1307114/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1307114/trc/3/json?tim=1659035417276&data=%7B%22id%22%3A472%2C%22ii%22%3A%22%2Fst%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1659035417061%2C%22cv%22%3A%2220220726-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.lumbarcorrect.com%2Fst%2F%22%2C%22e%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcodefunnels-network-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1659035417074%2C%22ref%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22item-url%22%3A%22http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A14%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a175735baf33059f02532b9ef678b12d867a0969753af044ce1615440a6b9ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-vcl-time-ms
34
date
Thu, 28 Jul 2022 19:10:11 GMT
content-encoding
gzip
server
nginx
x-timer
S1659035411.490091,VS0,VE34
x-served-by
cache-mxp6982-MXP
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
clarity.js
www.clarity.ms/eus2/s/0.6.36/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c5go1441i0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:10 GMT
content-encoding
br
etag
"1d8a0e15023e426"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0E9/iYgAAAAAVrqni8sFXRa7igV90BwmFVExWMzBFREdFMDIxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
pixel
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1M10MK1A94IMCA16570&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
24369813.9bc39b5c
date
Thu, 28 Jul 2022 19:10:11 GMT
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
106,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022072819101101000200600500500600305808E18E73
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.220.104.7
x-tt-trace-host
01f9c6aa52149cb8ffebedc841aca80cd2c8923cceac6a7b95e1b47a984657d2a02c960fb56a2171be3a87e2ab6990e223073e88bbb9b28fb242533e30178cdfe3031bbfd84659167a09d977f59e6449e9f5a53167bcfbe0e2d4708fb5fdf552e8
expires
Thu, 28 Jul 2022 19:10:11 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204263710978995&ev=PageView&dl=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&rl=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&if=false&ts=1659035417370&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.2.1659035417364.950188794&it=1659035417220&coo=false&rqm=GET
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:10:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Jul 2022 19:10:11 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2028%20Jul%202022%2019%3A10%3A17%20GMT&n=0&b=st%20-%20Lumbar%20Correct&.yp=10141746&f=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&e=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:11 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 28 Jul 2022 19:10:11 GMT
collect
b.clarity.ms/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
date
Thu, 28 Jul 2022 19:10:11 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
blank.htm
www.faxwine.ru.com/clicks/LumbarCorrect_files/ Frame 2C78 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/blank.htm
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ef11010894c28dabb29776eb35fe7f3da5ba57ed10189d6489268ac00af35

Request headers

Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
731fe9dd7eb6f917-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 28 Jul 2022 19:10:12 GMT
Last-Modified
Thu, 14 Jul 2022 14:28:14 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cunB2TaY%2BaYRnbmdaaMO0ecNc0%2BIf9SnIU2LsOWu83hAKdJPfSlw%2BgUok8dMMWMy5FLWvhwsxvDAYpvZHRAQE4OAdUzSoiNTPVKqL1ZH2d1XiVYmnebfaxJvM7KRT1G8ErvmFuzPicrTkm8QVwRu5QI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
universalJSRequest.htm
www.faxwine.ru.com/clicks/LumbarCorrect_files/ Frame AD97 		0
0
/
www.facebook.com/tr/ Frame 2EE5 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://www.faxwine.ru.com
Referer
http://www.faxwine.ru.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://www.faxwine.ru.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 19:10:12 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
universalJSRequest.php
go.lumbarcorrect.com/tracking/ Frame 75AC
Redirect Chain
  • http://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGm...
  • https://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaG...
82 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_ref|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_f|ff|1588987096746216423|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
12a8d7fa57087e124203af4c4c95c90c6baaa9e6e38937d3a016b6b6a183f152

Request headers

Referer
http://www.faxwine.ru.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Credentials, Access-Control-Allow-Origin, Access-Control-Allow-Methods
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
731fe9de1e2dbaed-MXP
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 28 Jul 2022 19:10:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFSUsRHrpxSXqdOvMfab8j52Vyp%2FBBq6FcmtoWteEKZGCSjfbUPM5mYI9n54tjw%2BOwjClpvCpl6EwAo%2F2%2BXFYBqnAkMgzhLvq4JMej4qmmsu%2BmUq2YFNu37nUElaGhp%2FR%2FZO0KBWzae%2Bcq2W8PHXm3oL3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

CF-RAY
731fe9dddf33baa0-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 28 Jul 2022 19:10:12 GMT
Expires
Thu, 28 Jul 2022 20:10:12 GMT
Location
https://go.lumbarcorrect.com/tracking/universalJSRequest.php?sid=983882&h=GhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg/2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&ffq=set|ff|flux_url|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_ref|ff|http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag|ff|set|ff|flux_f|ff|1588987096746216423|ff|set|ff|flux_inject|ff|%7B%22intoUrl%22%3Afalse%2C%22intoForms%22%3A%7B%22selector%22%3Anull%7D%2C%22intoLinks%22%3A%7B%22selector%22%3Anull%7D%2C%22tokens%22%3A%7B%7D%7D&frameId=_ffq_track_
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HZGdZKpeQPLrt%2FLl%2FaDigY%2FsVk8aOhdfDdT5u4sNwzgb%2BYvP0UcAfT1yFIFE4G47yvew9z13TSUJqkCvWeTVz7Sv0Deb6M2W9r%2Btz5IoteiuS7ExhKRcwvt%2BfDHYFZVl3erMVYflxlxHqqnfbFaNtIl3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inject.css
www.faxwine.ru.com/clicks/LumbarCorrect_files/blank_data/ Frame 2C78 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/blank_data/inject.css
Requested by
Host: www.faxwine.ru.com
URL: http://www.faxwine.ru.com/clicks/LumbarCorrect_files/blank.htm
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:4b57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/blank.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 19:10:12 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 14 Jul 2022 14:28:52 GMT
Server
cloudflare
ETag
W/"62d02824-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqzLQFxT5BDgy1mOvyoWEz6deX25bJfjmGGC%2BSPsC0n%2FQId1O9oZvQIU0%2BsxI9nQhE8tUIGfv35M9HPFLmINAVWh0uY1QkNFvbfC6vuz1qA010D5%2FM6682cQ35GwXYRNKqZiJS695xKVuGnGqACqAgg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
731fe9de7f8ef917-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&RedC=c.clarity.ms&MXFR=1CEDF4F533466AB7186BE51A3746649F
  • https://c.clarity.ms/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&MUID=2DF635BC5AF4642C057324535B9F6520
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&MUID=2DF635BC5AF4642C057324535B9F6520
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:12 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 19:10:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 75C64F02ADA14A3699E5F8D709693DD0 Ref B: FRAEDGE1417 Ref C: 2022-07-28T19:10:12Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=1BA7184586CC42C699E6DB6811EABEF4&MUID=2DF635BC5AF4642C057324535B9F6520
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
unip
trc-events.taboola.com/1169954/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169954/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=14&ssd=1&est=1659035417067&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1659035418620&vi=1659035417061&ri=a96b77fc83e39f8d36faa51d7b6aad58&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&cv=20220726-7-RELEASE&item-url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
pragma
no-cache
date
Thu, 28 Jul 2022 19:10:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1307114/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1307114/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=14&ssd=1&est=1659035417067&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1659035418621&vi=1659035417061&ri=a639f7321b2a3b61adc1b123de58088a&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&cv=20220726-7-RELEASE&item-url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
pragma
no-cache
date
Thu, 28 Jul 2022 19:10:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
b.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://www.faxwine.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
date
Thu, 28 Jul 2022 19:10:11 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
unip
trc-events.taboola.com/1169954/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1169954/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=14&ssd=1&est=1659035417067&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1659035421624&vi=1659035417061&ri=a96b77fc83e39f8d36faa51d7b6aad58&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&cv=20220726-7-RELEASE&item-url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
pragma
no-cache
date
Thu, 28 Jul 2022 19:10:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1307114/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1307114/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=14&ssd=1&est=1659035417067&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1659035421624&vi=1659035417061&ri=a639f7321b2a3b61adc1b123de58088a&ref=http%3A%2F%2Fwww.faxwine.ru.com%2Foffer.php%3Fid%3D434%26sid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag&cv=20220726-7-RELEASE&item-url=http%3A%2F%2Fwww.faxwine.ru.com%2Fclicks%2FLumbarCorrect.php%3Fsid%3D983882%26h%3DGhQqSG37yZaOLsOo876lqQUoYBpR03INCiP1SynFdzg%2F2NbJnLlq6J6IeZA9N6yCNJJFGyDefIRvVR3HpNKm0j8Y4ABMzriZEKgagMGTcAkL8TLe9OuwVNiwNaGmlvSZfk_az5XDl_7akSQT-fUY-4bYbDCzjn9WBMHM8TYGP2NNKxwvZwbCU6iCjg5_mhTJag
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1169954/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.faxwine.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://www.faxwine.ru.com
pragma
no-cache
date
Thu, 28 Jul 2022 19:10:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.faxwine.ru.com
URL
http://www.faxwine.ru.com/clicks/LumbarCorrect_files/universalJSRequest.htm

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| gtag object| dataLayer object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| ffluxQuery object| fflux object| gaplugins object| gaGlobal object| gaData object| _tfa function| obApi object| dotq string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| clarity object| twemoji object| wp function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady object| YAHOO function| $ function| jQuery object| jQuery1113044804200614893674 object| webpackChunkelementor_pro object| webpackChunkelementor function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| elementorModules object| runtime object| regeneratorRuntime function| TiktokJelly object| _jelly_sdks function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontendConfig object| elementorFrontend function| Sticky string| searchQuery

22 Cookies

Domain/Path Name / Value
.faxwine.ru.com/ Name: _gid
Value: GA1.3.769618761.1659035417
.faxwine.ru.com/ Name: _gat_gtag_UA_22484186_3
Value: 1
.faxwine.ru.com/ Name: _gat_UA-230445376-1
Value: 1
.faxwine.ru.com/ Name: _ga_ESSM5KG8PE
Value: GS1.1.1659035416.1.0.1659035416.0
.faxwine.ru.com/ Name: _ga
Value: GA1.1.1181379071.1659035417
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.clarity.ms/ Name: CLID
Value: f45b880a8644440687dc5430a69a6cd9.20220728.20230728
www.faxwine.ru.com/ Name: outbrain_cid_fetch
Value: true
.tiktok.com/ Name: _ttp
Value: 2CaKm6kueNXnEbtokaRYJmlaQMi
.faxwine.ru.com/ Name: _tt_enable_cookie
Value: 1
.faxwine.ru.com/ Name: _ttp
Value: 8c7e882c-3bc2-4bbc-91b4-e9ee3aa74c7a
.faxwine.ru.com/ Name: _fbp
Value: fb.2.1659035417364.950188794
.facebook.com/ Name: fr
Value: 0jyQUoGWgiIVMNASK..Bi4t8T...1.0.Bi4t8T.
.faxwine.ru.com/ Name: _clck
Value: nww25m|1|f3j|0
.yahoo.com/ Name: A3
Value: d=AQABBBPf4mICEFKsL_HPa6I7KK9QeTE0vZEFEgEBAQEw5GLsYgAAAAAA_eMAAA&S=AQAAAoJFK5GZlhMYeZa5U-CezGM
.faxwine.ru.com/ Name: _clsk
Value: 863nn5|1659035418087|1|1|b.clarity.ms/collect
go.lumbarcorrect.com/ Name: PHPSESSID
Value: 8e4be53fcf828f859823ab7c29572c78
go.lumbarcorrect.com/ Name: csid3
Value: 8e4be53fcf828f859823ab7c29572c78
.c.bing.com/ Name: SRM_B
Value: 2DF635BC5AF4642C057324535B9F6520
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2DF635BC5AF4642C057324535B9F6520
.c.clarity.ms/ Name: ANONCHK
Value: 0

6 Console Messages

Source Level URL
Text
network error URL: http://www.faxwine.ru.com/clicks/fonts/eicons.woff2?5.15.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.faxwine.ru.com/clicks/fonts/eicons.woff?5.15.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.faxwine.ru.com/clicks/fonts/eicons.ttf?5.15.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.faxwine.ru.com/clicks/webfonts/fa-brands-400.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
b.clarity.ms
c.bing.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
fonts.gstatic.com
go.lumbarcorrect.com
googleads.g.doubleclick.net
region1.google-analytics.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.facebook.com
www.faxwine.ru.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lumbarcorrect.com
www.faxwine.ru.com
141.226.228.48
142.250.186.66
151.101.193.44
20.234.93.27
20.75.32.255
2001:4860:4802:32::36
212.82.100.181
23.35.237.86
23.36.163.228
2606:4700:3030::6815:1134
2606:4700:3031::6815:4b57
2620:1ec:27::cafe:1834
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2008
2a00:1450:4001:809::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:400c:c0c::9d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
70.42.32.191
0457acb68c2e9d32413d1d9933c45a60f83f0885225c59beec9095d67d5c4255
06d616b938ef2b5905d2aa79d8431250cd6940fb4178b7bfecc2c10351670e4d
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
08ba95c17175cdff2785654bd5a6b7555bfe3a668a4a54ea40022c01397b655a
0a445b2415af181c03ea9b3d20714b2eb5d35e5e746673ece30df87916164876
0d8595fb7ffa0e0887cde86881029a8908b57878a7234db9fc871cdbae4c79ed
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f511d7aced97e2d82ace2a24e1bdc4475a7d57bb4902c71c78b3db3d81b3961
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b
103ce383e1c6fd6d5afb710d11d7dd9869fa1010b5df5980ffe9dc3c4bda15d9
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a8d7fa57087e124203af4c4c95c90c6baaa9e6e38937d3a016b6b6a183f152
1cbcd07b6a0b43a03daff5f8f8af32d96c56d26b1493f48258dfa1ac27beedb8
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1de95d838adf8d6c99feca2d3f2860490ee90f90a92651dcadd2b2d64a19e927
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c18b245879dbff50f7852741e172d57e54d5c7b530224286ad19f23a5cb984b
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3acf85778968539721f33c13d7b3d5338a6d2b7892c3d7e6644a7c491a6a73c6
3bc5b1a06bdb8aa5df2b4a105fbadaaf5d182b93949c824771b677ebf210b567
3da40985846d59ff1eabc798bcfe3ae9328981858fb2d8a07426aa17855f3de5
445e7300950f57d74dc7582ef3fde3f7a19f8fe72347fae5dc2bb8dac9d70dc8
454035b45ee3e226dc99f42ead59db11ebd7274ed4c9889478249eea194a97d3
464ef11010894c28dabb29776eb35fe7f3da5ba57ed10189d6489268ac00af35
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4b9555eb4fb01c3cf18b8329e4ae62705042833cd447d4e7cb57cd6545e6d4ca
4e8e7cd4193c77cb73c879d8435af78b3fc7614181f1e7d3760641b7778b7400
4f29bb4b2be455ba77cc7ea9f2dcc89108cae0c9c54fc4cbb79c98b9c76a5c29
57a26327c2c444cdd055ca0eb158a177747156f72b991bab46a222156256fe33
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f7aa90ade630ed2d5d0f980c8cee038f489af8bd0012dd6f60b18a7bd456dca
62a778d1aeb3888c56b5c930f8f343bbe2014a0f9b5c874af061bd6b18e1eafe
6b8c2236b437217e3b41357ddced7fde1478e466c4002a924bb91130ec1dfe28
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7250cf579c74e9677165c2bdc2dd5a180d632b6f8780c09dc2231c28e1fe88de
72e4371cb8341d49a74779e54441e66f8853fc82685022b1761e654e90a203b5
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73ab51302ca6e1586aa7d2f86422f9fe228ab991329bf9b646c371d834d08208
806ea6d54f56778e10fa44bcb14755440cdccaa5f038d570d86a55cc125f9a40
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
888937b853414182608e6ed76b574497748b1954de47389bf4b2018f90b9d324
8cbbd377fcb65c375b51395caef82c107bd5ef92b467cbff968fd5ddaa30e362
8cbd823d39c45a939dd43d5a1e97daffe61a754f923a00715029a2deeb2c2198
8e9b2258b5383cd80acc415960b62c979d06f45af9ea4d59ee328ed76e8a69ab
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a175735baf33059f02532b9ef678b12d867a0969753af044ce1615440a6b9ac
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6641e56e303519e7169059871e96240a07ad32fae6419d06c9d6cdc20376889
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
b6d39822e34f949768c8aa5d6c99e4cde5013f2221990bf58137e8e2913d4ba7
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bccb715aeac8a50b19f527b17f3a1e86142e1b8ad8711c3195ce297696feb490
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c5d3efce28e1e4b610068a3bbced4986ea0281028cc3fef3458a4b9c241c1da3
ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d5286f59b39642363e8242db6560752945adb073358d26f5f688c3b3d77e8c35
dbdaf71f10296ca38756cf0c3ca1a44dab3420bb88ce6d55372da5bff22c1bf0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b815ca3e581c38075e85d6056c7c5ce17aa406e382a54ebcc411437faec750
e3fa15dd4956392addb5a78a808fe5f1f966314a8d4638aa24b5283adf7e2291
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
eebb7c9b62d8028d702b547bcef97e776ada693cbafa64161471b1f96f5d0556
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3b168c097d61acde0e2bdf43e11db394006f4ba38f8e61b93b8c71f54af484a
f4f6e3e53177c08ab6c846bcb9873aac07bc77b76e56c21c45436d7a0c6d245f
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c