unilateralword.com Open in urlscan Pro
2606:4700:3032::ac43:c65d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://suivi.lnk01.com/c/443/455821e0de7ce0979639388f85096e913a6048e377de7d0385f38532a6d9e9f423f1f694ea285081#exnyg.l1p...
Effective URL:
https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
Submission: On September 27 via api (September 27th 2021, 7:57:55 am UTC) from BE — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3032::ac43:c65d, located in United States and belongs to CLOUDFLARENET, US. The main domain is unilateralword.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2021. Valid for: a year.

This is the only time unilateralword.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.114.137.232 167.114.137.232	16276 (OVH) (OVH)
2 3	195.154.49.155 195.154.49.155	12876 (Online SAS) (Online SAS)
1	172.99.173.238 172.99.173.238	398343 (BAXET-GROUP) (BAXET-GROUP)
1 1	2606:4700:303... 2606:4700:3035::6815:369b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3032::ac43:c65d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:d32b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.225.78.49 13.225.78.49	16509 (AMAZON-02) (AMAZON-02)
2	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700:303... 2606:4700:3035::6815:4dbd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	10

1 167.114.137.232 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip232.ip-167-114-137.net

suivi.lnk01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.154.49.155 (Lavardac, France) 2 redirects

ASN12876 (Online SAS, FR)
PTR: 195-154-49-155.rev.poneytelecom.eu

outlookboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.99.173.238 (United States)

ASN398343 (BAXET-GROUP, US)
PTR: 172-99-173-238.telecomgroupdesign.com

plusgrowths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:369b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

segretosdici.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3032::ac43:c65d (United States)

ASN13335 (CLOUDFLARENET, US)

unilateralword.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d32b (United States)

ASN13335 (CLOUDFLARENET, US)

trk-aliquando.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-49.fra2.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:4dbd (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-aliquando.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	unilateralword.com unilateralword.com	582 KB
5	trk-aliquando.com trk-aliquando.com event.trk-aliquando.com	3 KB
3	facebook.com www.facebook.com	785 B
3	snapchat.com tr.snapchat.com	654 B
3	outlookboard.com 2 redirects outlookboard.com	1 KB
2	mgid.com a.mgid.com	4 KB
2	sc-static.net sc-static.net	15 KB
2	facebook.net connect.facebook.net	170 KB
1	segretosdici.com 1 redirects segretosdici.com	816 B
1	plusgrowths.com plusgrowths.com	527 B
1	lnk01.com 1 redirects suivi.lnk01.com	195 B
36	11

	Domain	Requested by
17	unilateralword.com	plusgrowths.com unilateralword.com
4	event.trk-aliquando.com	trk-aliquando.com
3	www.facebook.com	unilateralword.com
3	tr.snapchat.com	unilateralword.com
3	outlookboard.com	2 redirects
2	a.mgid.com	unilateralword.com
2	sc-static.net	unilateralword.com sc-static.net
2	connect.facebook.net	unilateralword.com connect.facebook.net
1	trk-aliquando.com	unilateralword.com
1	segretosdici.com	1 redirects
1	plusgrowths.com	outlookboard.com
1	suivi.lnk01.com	1 redirects
36	12

This site contains no links.

Subject Issuer	Validity	Valid
plusgrowths.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-07` - `2021-10-05`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
Frame ID: 9FF1CEDFBFA4EFCE27522A2C6A5DB971
Requests: 31 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: 33BA253C0FD2A1895EE132094E90F5D5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 465EF05F03A35AB90B582FAE818EC82F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 70E990AD16A264B17ACD9C949EABC75B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bild

Page URL History Show full URLs

https://suivi.lnk01.com/c/443/455821e0de7ce0979639388f85096e913a6048e377de7d0385f38532a6d9e9f423f1f6... HTTP 302
http://outlookboard.com/anchor HTTP 301
http://outlookboard.com/anchor/ Page URL
http://outlookboard.com/exnyg.l1ps?KGDGHKGHKMWRX=CpbSRJRNZFcCz1dz6q1h014wh901inu5011rc080j6s2rx4ihs HTTP 302
https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx... Page URL
https://segretosdici.com/index2.php?id=103&s1=350524&s2=611959835&s3=3134&s4=0&p=de7bit3a HTTP 301
https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

36
Requests

97 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

777 kB
Transfer

1307 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://suivi.lnk01.com/c/443/455821e0de7ce0979639388f85096e913a6048e377de7d0385f38532a6d9e9f423f1f694ea285081 HTTP 302
http://outlookboard.com/anchor HTTP 301
http://outlookboard.com/anchor/ Page URL
http://outlookboard.com/exnyg.l1ps?KGDGHKGHKMWRX=CpbSRJRNZFcCz1dz6q1h014wh901inu5011rc080j6s2rx4ihs HTTP 302
https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533 Page URL
https://segretosdici.com/index2.php?id=103&s1=350524&s2=611959835&s3=3134&s4=0&p=de7bit3a HTTP 301
https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://suivi.lnk01.com/c/443/455821e0de7ce0979639388f85096e913a6048e377de7d0385f38532a6d9e9f423f1f694ea285081 HTTP 302
http://outlookboard.com/anchor HTTP 301
http://outlookboard.com/anchor/

Request Chain 1

http://outlookboard.com/exnyg.l1ps?KGDGHKGHKMWRX=CpbSRJRNZFcCz1dz6q1h014wh901inu5011rc080j6s2rx4ihs HTTP 302
https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
outlookboard.com/anchor/
Redirect Chain

https://suivi.lnk01.com/c/443/455821e0de7ce0979639388f85096e913a6048e377de7d0385f38532a6d9e9f423f1f694ea285081
http://outlookboard.com/anchor
http://outlookboard.com/anchor/

614 B
861 B

45ms
39ms

Document
text/html

195.154.49.155
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://outlookboard.com/anchor/
Protocol: HTTP/1.1
Server: 195.154.49.155 Lavardac, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-49-155.rev.poneytelecom.eu
Software: Apache /
Resource Hash

Request headers

Host: outlookboard.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 27 Sep 2021 07:57:48 GMT
Server: Apache
Last-Modified: Tue, 12 Jan 2021 16:35:51 GMT
ETag: "266-5b8b69d9ec1f7"
Accept-Ranges: bytes
Content-Length: 614
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 27 Sep 2021 07:57:48 GMT
Server: Apache
Location: http://outlookboard.com/anchor/
Content-Length: 239
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

845160533
plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/
Redirect Chain

http://outlookboard.com/exnyg.l1ps?KGDGHKGHKMWRX=CpbSRJRNZFcCz1dz6q1h014wh901inu5011rc080j6s2rx4ihs
https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533

152 B
527 B

1381ms
601ms

Document
text/html

172.99.173.238
BAXET-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533
Requested by: Host: outlookboard.com
URL: http://outlookboard.com/anchor/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.99.173.238 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS: 172-99-173-238.telecomgroupdesign.com
Software: Apache /
Resource Hash

Request headers

Host: plusgrowths.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://outlookboard.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://outlookboard.com/anchor/#exnyg.l1ps?KGDGHKGHKMWRX=CpbSRJRNZFcCz1dz6q1h014wh901inu5011rc080j6s2rx4ihs

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
set-cookie: uid3134=611959835-20210927035750-f70b78f1499b6958c87bd4b873f4f067-; domain=; expires=Wed, 27-Oct-2021 07:57:50 GMT; path=/; SameSite=None; Secure
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Date: Mon, 27 Sep 2021 07:57:48 GMT
Server: Apache
Location: https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
unilateralword.com/
Redirect Chain

https://segretosdici.com/index2.php?id=103&s1=350524&s2=611959835&s3=3134&s4=0&p=de7bit3a
https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

23 KB
7 KB

67ms
30ms

Document
text/html

2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Requested by

Host: plusgrowths.com
URL: https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c31bd388ed6aa58ec4f83bc45b81c942d4c17a73030b93ea74a3e9d113f1e82c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: unilateralword.com
:scheme: https
:path: /?0c5105db982186508efe40a0ac0f8c7e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://plusgrowths.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://plusgrowths.com/0/0/0/368a766267aa449c5a3071eeee716041/1_210592_2550317/2280_1908333_0j6s2rx_8/845160533

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAdC%2Bqvd6h2JDiJVnvq%2BOGfAv%2FJVtgNJjWeTEOGHMHbGI4%2BowgWf%2Ba0QlVBR0%2F1FDrMW%2F5495zpK86pa6kYhIMZdwJswL2P4oqH%2FTOmKcOwxiEIpKd7b40hHYaW8qpMSTNH8ny9qaUGrrHkhLx%2BUDP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69532ef71cd46963-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html; charset=UTF-8
location: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
set-cookie: PHPSESSID=09aa68363f65b54cbb04afd9840a5f0c; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6jl8SEKs%2FjrWLIOPf%2Frv9B4klQ5kQjyG5SAz67cc8McFMHdPfx7TsXbWnQJKwj4BUlybZNtkqQqLUxFmqCru1Cs0sgfZ4nHzukmhT6cdO%2F26FZ%2FxEqVp2h3MrlcJkkYcRdlkUPEOPrwdwJLIA2O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69532ef65cea2bf6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 styles.main.css
unilateralword.com/master/de05/css/ 13 KB
3 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unilateralword.com/master/de05/css/styles.main.css

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/css/styles.main.css
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 09 May 2020 04:52:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAiXeFmlIHKny1fJDR2FGhmIj1StMeFRGEgLu5ko21mYqPV6fygkUNIQgSbkLRJUfgp9KJ2eyKnjDpJQ%2BwoGRFmOeaKKXiC65aR2AMJ5AAn50tFq8ZRNzGalnv0Z2nGVUj5NeBk0YSxMm%2BYdkUKYKao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69532ef76d8f6963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 all.css
unilateralword.com/master/de05/css/ 72 KB
12 KB 19ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unilateralword.com/master/de05/css/all.css

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f59a08023a686505d0ab2fc8a93fc6eba4b7b729df74b459343439d12550e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/css/all.css
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 11 May 2020 14:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiFrrCuWSqQICfzsAyZ9Z2gPmp2GAuBipEI1rLTbFgwEy464tZ4sYLw4O%2BjLQ3rGdS0AApSH%2BLsfW6gNETFaSUqHIdqCWKU5bAyB6szn8AszA7fhB2FyW6hEm5Evbpy3IFR21XY4MNSYBPiuXuvhH6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69532ef76d916963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 msg.js Show response
unilateralword.com/inc/ 849 B
740 B 20ms
19ms Script
application/javascript 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unilateralword.com/inc/msg.js

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b3a277980f5493f1feca82a6493c8dc83f5a43dff796736559be1077ccec1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /inc/msg.js
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232528
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:15:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FX4OA43Dk02ZFolZIQFeRBt1S9ljN14CLbkqAKuMrdtRZDNf4bWEc8tpYTyCK4QDcQNhNQs2qcprUOpilxHlfP%2Bl8tdNjBUZG31SD2ZhKxfiauK8NAFkfIXc3sitTSDT9BcRwAsmzY%2FSn1q2s5p%2FsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69532ef76d926963-FRA
expires: Fri, 01 Oct 2021 15:22:22 GMT

GET
H2 200 fbcode1.js Show response
unilateralword.com/inc/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unilateralword.com/inc/fbcode1.js

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /inc/fbcode1.js
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232528
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErtrA%2FzSWMQrUW1qlKxRq%2BRvWhSJv6uQoJDuLxlnFeXcDjt3NZ9CFclih79B5gdb%2BNxliiASEubsQ6Yu9e6dnMpsFgjeOCiuybN%2FthGkmJNK0pdyad1YTCEVND7i6LuXKS7tBH63iiYPDqCU5jo0vM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69532ef76d936963-FRA
expires: Fri, 01 Oct 2021 15:22:22 GMT

GET
H2 200 35.bild.png
unilateralword.com/master/de05/images/ 656 B
1014 B 13ms
13ms Image
image/png 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/35.bild.png

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e867182fe5ddcea7ff1946dc2c3b3536e29800fcba3923743eba4fa6fed574a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/35.bild.png
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 656
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMmgmlWPXqCf0ChjzJTZgqEv2RUAFuNXENUh%2B%2B0Jt3iw%2FY2Ias%2B0BNv4tsSiTlj3c46dZAyg%2FGRROs17mgiM2cayq2MR7kd4SOpCk7RV%2FFJlJfxSPrWI%2BZfgkNaHshmLyGToBXnFrnD2Noj6Ih2Q9jA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78dea6963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 header-right.png
unilateralword.com/master/de05/images/ 12 KB
12 KB 42ms
42ms Image
image/png 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/header-right.png

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac920e9f9259346b52f2ae4fde1d18e65317f0928e202af296295324881d996d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/header-right.png
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12145
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nAXtbPorVzDmwiaI%2BiMVx5L2%2Bvr4vnmA4LOpEzT54WpHlLOOsGjgp0ZNUCN%2BYVWKnPefdsqQ1qtrsnKgSTFejzB5h6CUt%2FLCC18uV1ikMcmmQPHdA5mCs9zcU2GJp8gquLrrcvCLaUnYJl7Ch8aBfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78df56963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 2018-03-28_12.06.25.jpg
unilateralword.com/master/de05/images/ 71 KB
71 KB 14ms
12ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/2018-03-28_12.06.25.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c4f2a06b46d153de2d1bbb71ac78058ff5aaebf2a01adb7915b7fd7605e90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/2018-03-28_12.06.25.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72371
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8g3OFNZ%2FwQdgOuboMS4dnOC%2F5VOL0BC%2FUvo1%2B0Zz1rTBpKrT67QsHKtibwd50bSfqWQvM7nSxEmb%2BoEPrd9liltNfiO6JDx1PnKcCs1mQy9ehOd9Z0I5Win984ATY4jyicl1jTR5%2FpqN4gjFoGvXXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78dfc6963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 2018-03-28_12.06.48.jpg
unilateralword.com/master/de05/images/ 188 KB
189 KB 23ms
21ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/2018-03-28_12.06.48.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef18c874e412f0827a0830ddf7f9f6ace52e3ba01e85dfb0de890601d085b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/2018-03-28_12.06.48.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 192930
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl9Et5Tg6d61MjYHBwR87rxHwfHiqUMILSvQxMMnbTsRYIHF1LReblrzCcVb8rbwixf6LLq8eH2dRhM9Mi57sriNPWxJ1Mxe%2BgYmPEeVzz693vwreSUeLVJKlP15wdl8j%2FPNEW4K2WXyRK1F42HIK3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78dff6963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 carsten-maschmeyer-und-judith-williams.jpg
unilateralword.com/master/de05/images/ 71 KB
72 KB 31ms
28ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/carsten-maschmeyer-und-judith-williams.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/carsten-maschmeyer-und-judith-williams.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72905
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGkpcWXeSQujnzLTZu6tfAawSgzHy0j5ghWHbUZdkdK6AqnaR6NTj0Wzt9LKJYl%2FJM7Qej9B6yImC5PBcLDhWf7ldiWJMMuobGbntSZNj41Ue3Q1O16V2IKvX1bJtwy0WUWRQq3XeAu2INQOM5Fvwd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78e016963-FRA
expires: Fri, 01 Oct 2021 15:22:35 GMT

GET
H2 200 ccccc.jpg
unilateralword.com/master/de05/images/ 138 KB
138 KB 30ms
28ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/ccccc.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/ccccc.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 140925
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VR1DHGtR9SA9HDvX22DhDB8WhirLnE9l8cEBWZQq35oOGXfC1RCn3EXx14Me0SLH93VEjepo3lrrguzWkCDOl8483ZTCpCw4Cr9cZ222SjWQS%2BQycwFlx3B4jwa82oVKoBKZd0xsHic70Rh%2FQfuSxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78e026963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 prof1.jpg
unilateralword.com/master/de05/images/ 2 KB
3 KB 28ms
26ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/prof1.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/prof1.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2197
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdECvGixa0Kd6XLHD%2FnmVqZxvpOQa7iJ8F%2BtVG6jJbd5JTWOdFgNY%2BBmDk13tOoLy65xJxc0kBkl0ix9qYyP0pQLjTQyyeSUC5Z5nFBTb0bss8E9Ez7x2PCmDSLulopG0tpoSWEVjqfj1NoWabX2acE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef78e036963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 prof2.jpg
unilateralword.com/master/de05/images/ 3 KB
3 KB 28ms
26ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/prof2.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/prof2.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2833
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoCmfICc2iSQDj9nrC%2Fm5rDFUXMRwcnRHBvoV7y1mhBBJTTNVFUY5jwyVIYzv4B1Dff5RzuIiXDsAtXqCc2wrldwLNGL62rf822Mgz%2BCEguASL6gkv%2Bo%2FnMgIlVUZya2kZExCkbRspzx4igXY0GBEvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef79e046963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 prof3.jpg
unilateralword.com/master/de05/images/ 2 KB
3 KB 35ms
33ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/prof3.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/prof3.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1977
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMPXD4rj7gpobVhi4aGQ3yRorwvKfLcXowURGnZ4dODW6Aug5g5VgJ3ITim%2FSbU%2BzVbpaB2RTi9pCBTptEvbIQuU9eB7NszCH7QkLnHeNz69XZosCI0T45azu%2Bh%2BjlR%2F5YKUB2AIwI5tzdivozK5oRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef79e066963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 prof4.jpg
unilateralword.com/master/de05/images/ 2 KB
2 KB 35ms
33ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/prof4.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/prof4.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2208
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vEY8QNjB1mqlJZtQ2V%2FhLVHyJsSMdVnu0Vl3nfXAgVQTSr0H2UUAVn98PmG5O6EKmLzYrjEaK4I%2B8WUvlqM42Bdkn1kw4VmKacVpO%2B2PbF1isV6oBmIaAX5ULGudl0AP3UVtQAqDqwGhZdL7gyvVHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef79e076963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 prof5.jpg
unilateralword.com/master/de05/images/ 2 KB
2 KB 29ms
28ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/prof5.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/prof5.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1597
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fh6ixCXszV1DkcyBIvzbKAcK5vDcnIZU%2BbMo%2FgDJm%2BS7TwzDqhX2HlXrRQYoxzypqkeIJmr61pKZdhAOsjPWfhV6U0kKGscW%2Fo%2F1VUJoT%2Bg2tny0kVdl%2FWKD0xpvs8ZVF7arj9Ms7Us2ZHxpSbkohw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef79e086963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
unilateralword.com/master/de05/images/ 62 KB
62 KB 39ms
38ms Image
image/jpeg 2606:4700:3032::ac43:c65d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilateralword.com/master/de05/images/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c65d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/de05/images/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
pragma: no-cache
cookie: PHPSESSID=3e9ba2a3d2636ce626a33b5aa7c21085
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: unilateralword.com
referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63131
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 19:14:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96bqthPTJ37fh8yLGooHPMQAfebZ9kxrAGAofdoWoLnUoTi7mGvceCWLRKXoGnN7Ctk3winb1G3VXMrtbLhJW9QLuxGxJIjKroG43gogUcWy7%2FoKiUXQm85y7lBvulkpWQfQXU60vH4UcuyNz7RdYi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69532ef79e0b6963-FRA
expires: Fri, 01 Oct 2021 15:22:36 GMT

GET
H2 200 v9e118mez8 Show response
trk-aliquando.com/scripts/push/ 7 KB
3 KB 165ms
120ms Script
application/javascript 2606:4700:3034::ac43:d32b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-aliquando.com/scripts/push/v9e118mez8

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:d32b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb491e2aca01081c812645fa7c5c20e8f379f3f49dfe88c938b5cdf6d7c9b918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzowVhLy7eE0j9MhyoDJTY6s6W3jad78hiAYa3oyP%2F019V4JVA8oeB%2FfSJEH2CdVcMOVzUuCcxMZb3ArR%2FwfI8hgoWua6u%2BS2fDTJPqoLCtxmre9lvDNbanc4QioYyhzmCk6JdEL0H70sgSEFFZYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 69532ef7d98b5c98-FRA
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: gHBFWL6XVtewxuCDi4PWjTahTd+5OVE4hY/9TujYK78cPH1XQl1nkLG/RJmRFqv6KGpA6+VrPXRItwzFBAQtPQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 27 Sep 2021 07:57:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 15 KB
6 KB 68ms
23ms Script
application/javascript 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: unilateralword.com
URL: https://unilateralword.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-49.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: gzip
server: CloudFront
x-edge-origin-shield-skipped: 0
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Content-Type
content-length: 5873
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-amz-cf-id: bpQbXC0-SdAjG8Q1z5oQRSfVUhJOQlT0sBGwi05I74Ek_wHfbQgbGA==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 12 KB
4 KB 160ms
104ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1632729470644
Requested by: Host: unilateralword.com
URL: https://unilateralword.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 07:57:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 48dc646e-3c95-4092-ac18-a9d9b5feee6b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69532ef7f92fedff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 399694290689525 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dcad4e540b077a7b7b705f177cea01553d25256a487fed9f05edd359d15dba45

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: R8+BIcEXR608g3f92ECjxnU+lun93MNyJGVwxhTTKX5Vk8V57B0Lv/T6ZVCarNcjS0LRGqopzgMy9ICtAxDGoA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 27 Sep 2021 07:57:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 33BA 0
262 B 52ms
20ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://unilateralword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/

Response headers

server: nginx/1.17.3
date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
9 KB 25ms
8ms Script
application/javascript 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://unilateralword.com/
Origin: https://unilateralword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:19:24 GMT
content-encoding: gzip
age: 31107
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YVVjF_JJt5SmkQK0WzF1BOzwb84bwZp3JSqIIGyBrAUAi2tB_hZgVg==

POST
H2 200 p Show response
tr.snapchat.com/ Frame 465E 0
205 B 26ms
25ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 357
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://unilateralword.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://unilateralword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://unilateralword.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/

Response headers

server: nginx/1.17.3
date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ3AMAgEsImQAsejG4eSbsHwsf0LXv1HmjXi1BTmhJgCjVbUjV1NWBm9zp4HueH47jIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p Show response
tr.snapchat.com/ Frame 70E9 0
187 B 26ms
26ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 360
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://unilateralword.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://unilateralword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://unilateralword.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/

Response headers

server: nginx/1.17.3
date: Mon, 27 Sep 2021 07:57:50 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRHAQAQEwIrMeC45ypHhq1B8di/9gfkIZ1qAKCk1CPNmH42Kr3fP60ZLUFd/fp+aPTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
435 B 135ms
112ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Funilateralword.com%2F%3F0c5105db982186508efe40a0ac0f8c7e&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1632729470816
Requested by: Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 07:57:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69532ef8ca1b4037-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Funilateralword.com%2F%3F0c5105db982186508efe40a0ac0f8c7e&rl=https%3A%2F%2Fplusgrowths.com%2F&if=false&ts=1632729470851&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632729470850.708616922&it=1632729470717&coo=false&exp=p0&rqm=GET

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 27 Sep 2021 07:57:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Funilateralword.com%2F%3F0c5105db982186508efe40a0ac0f8c7e&rl=https%3A%2F%2Fplusgrowths.com%2F&if=false&ts=1632729470856&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&fbp=fb.1.1632729470850.708616922&it=1632729470717&coo=false&exp=p0&rqm=GET

Requested by

Host: unilateralword.com
URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 27 Sep 2021 07:57:50 GMT

POST
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ 0
0 413ms
111ms Fetch 2606:4700:3035::6815:4dbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-aliquando.com/register/event_log/v9e118mez8

Requested by

Host: trk-aliquando.com
URL: https://trk-aliquando.com/scripts/push/v9e118mez8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4dbd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://unilateralword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 27 Sep 2021 07:57:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiaLoWeFxIE2ilI3odVSe%2FwLA9EeR2tqM90YGa96L3NbDwB4FORidGCcOsui7FHAl59HQ366Obt9xFnpx2v%2BhwnuD2VOS6qdsdQxSGrDPcEFo19e19cVdFScaBQuhGolWUxwwREhShLNiDz8yNFER9kHbhhW%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://unilateralword.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69532effbdd716ea-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ Frame 0
0 156ms
113ms Preflight 2606:4700:3035::6815:4dbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-aliquando.com/register/event_log/v9e118mez8
Protocol: H2
Server: 2606:4700:3035::6815:4dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://unilateralword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Sep 2021 07:57:51 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://unilateralword.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MeIEPwhRCb51QVd1zxotqwUWl%2Bn4TpAoIU%2BUd34aQnmzERYPqDjryXpJ%2F1C2FZuNadejtyKFLclNbso0o2EIltvDWlXKoGov2UsxKZMk%2FsK8tnIbl6pSq810zEGkkt0%2BgwNVkab4Byn1GjLbJy%2BmUzLqRNPEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69532efd2a8f16ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ 0
0 418ms
119ms Fetch 2606:4700:3035::6815:4dbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-aliquando.com/register/event_log/v9e118mez8

Requested by

Host: trk-aliquando.com
URL: https://trk-aliquando.com/scripts/push/v9e118mez8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4dbd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://unilateralword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 27 Sep 2021 07:57:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eMqDrc1y4m0obgmYmXJRbKPmT0w429UT2h%2FLJebEYa8vTGG7MBZdnx9TViZ%2Bx4UPt8dPOsWYDfsmlVJpaRQSbzYhBtkJXpjAFxf7UCx1FpSxBEjzlI%2B1siKD1kgZLEBfinAa73gS%2FjrBW8R1O1%2FV0O%2BUGLi1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://unilateralword.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 69532effbdd816ea-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ Frame 0
0 158ms
116ms Preflight 2606:4700:3035::6815:4dbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-aliquando.com/register/event_log/v9e118mez8
Protocol: H2
Server: 2606:4700:3035::6815:4dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://unilateralword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Sep 2021 07:57:51 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://unilateralword.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WnylAhfL81hiAdCdi9L692HarJ8MFysdROsfJx%2BnGc0eE0nA4dshZoefdiec9K1Y%2F%2BaN3ch75lpJ8L8dKTmIvMoXtLjyxVLCkFjRzmCwW4IrSLkTKDS6%2B%2FSvPX%2FTNSKPr7KXQ%2FnBA4BxyFYOErcnx4uNj9waA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69532efd2a9016ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Funilateralword.com%2F%3F0c5105db982186508efe40a0ac0f8c7e&rl=https%3A%2F%2Fplusgrowths.com%2F&if=false&ts=1632729472354&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bild%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.46&r=stable&ec=2&o=30&fbp=fb.1.1632729470850.708616922&it=1632729470717&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unilateralword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:57:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 27 Sep 2021 07:57:52 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 21:33:35	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
plusgrowths.com/	1970-01-19 22:15:21	Name: uid3134 Value: 611959835-20210927035750-f70b78f1499b6958c87bd4b873f4f067-
segretosdici.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09aa68363f65b54cbb04afd9840a5f0c
unilateralword.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3e9ba2a3d2636ce626a33b5aa7c21085
.unilateralword.com/	1970-01-20 07:01:56	Name: _scid Value: 51b0b000-29f9-475a-a21d-5e1a37e9b960
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8rO5LJfJ7V0
.mgid.com/	1970-01-19 21:32:11	Name: __cf_bm Value: cbcb59c8fa76fae7723a5fbc5979281cfc84a228-1632729470-0-AeUjordE2URnNt/pmGzdR2d2GC+UWwmQjkKA0sx4q9h321VZHqoK61WpkVJ/WqpJuK9TghaIhjy9Qm/VQsK/1aE=
.snapchat.com/	1970-01-20 06:53:45	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRHAQAQEwIrMeC45ypHhq1B8di/9gfkIZ1qAKCk1CPNmH42Kr3fP60ZLUFd/fp+aPTIAAAA=
unilateralword.com/	1970-01-19 23:41:45	Name: MgidSensorNVis Value: 1
unilateralword.com/	1970-01-19 23:41:45	Name: MgidSensorHref Value: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e
.unilateralword.com/	1970-01-19 23:41:45	Name: _fbp Value: fb.1.1632729470850.708616922
.facebook.com/	1970-01-19 23:41:45	Name: fr Value: 0smyfbKIqd6Kn6FuM..BhUXl-...1.0.BhUXl-.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://unilateralword.com/?0c5105db982186508efe40a0ac0f8c7e Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
connect.facebook.net
event.trk-aliquando.com
outlookboard.com
plusgrowths.com
sc-static.net
segretosdici.com
suivi.lnk01.com
tr.snapchat.com
trk-aliquando.com
unilateralword.com
www.facebook.com
104.19.136.78
13.225.78.49
167.114.137.232
172.99.173.238
195.154.49.155
2606:4700:3032::ac43:c65d
2606:4700:3034::ac43:d32b
2606:4700:3035::6815:369b
2606:4700:3035::6815:4dbd
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.186.226.184
05b3a277980f5493f1feca82a6493c8dc83f5a43dff796736559be1077ccec1f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f59a08023a686505d0ab2fc8a93fc6eba4b7b729df74b459343439d12550e3
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151
30c4f2a06b46d153de2d1bbb71ac78058ff5aaebf2a01adb7915b7fd7605e90c
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
6ef18c874e412f0827a0830ddf7f9f6ace52e3ba01e85dfb0de890601d085b30
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ac920e9f9259346b52f2ae4fde1d18e65317f0928e202af296295324881d996d
b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39
c31bd388ed6aa58ec4f83bc45b81c942d4c17a73030b93ea74a3e9d113f1e82c
dcad4e540b077a7b7b705f177cea01553d25256a487fed9f05edd359d15dba45
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e867182fe5ddcea7ff1946dc2c3b3536e29800fcba3923743eba4fa6fed574a6
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
fb491e2aca01081c812645fa7c5c20e8f379f3f49dfe88c938b5cdf6d7c9b918

unilateralword.com Open in urlscan Pro 2606:4700:3032::ac43:c65d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

50 %IPv6

11 Domains

12 Subdomains

10 IPs

5 Countries

777 kBTransfer

1307 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

unilateralword.com Open in urlscan Pro
2606:4700:3032::ac43:c65d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

777 kB
Transfer

1307 kB
Size

12
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!