www.domaintools.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Submission Tags: falconsandbox
Submission: On August 11 via api (August 11th 2024, 3:43:07 pm UTC) from US — Scanned from CA

Summary HTTP 56 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 19 domains to perform 56 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.domaintools.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2024. Valid for: a year.

This is the only time www.domaintools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.201.177.77 23.201.177.77	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.217.13.136 172.217.13.136	15169 (GOOGLE) (GOOGLE)
1	104.22.0.204 104.22.0.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.80.3 142.250.80.3	15169 (GOOGLE) (GOOGLE)
1	104.22.1.204 104.22.1.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.200.3.26 23.200.3.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.204.6.193 23.204.6.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.36.196 104.18.36.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
2	172.217.13.131 172.217.13.131	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	172.217.13.164 172.217.13.164	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	24

16 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.domaintools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.domaintools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.177.77 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-177-77.deploy.static.akamaitechnologies.com

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.136 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.0.204 (None, )

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.1.204 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.3.26 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-3-26.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.204.6.193 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-6-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.196 (None, )

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

132-ohd-785.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.164 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	domaintools.com www.domaintools.com info.domaintools.com	418 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 x.clarity.ms — Cisco Umbrella Rank: 8333 c.clarity.ms — Cisco Umbrella Rank: 1838	30 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914	4 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 17231	26 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 66995 ibc-flow.techtarget.com — Cisco Umbrella Rank: 63746	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	300 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	64 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8471	6 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 7038 cdn.acsbapp.com — Cisco Umbrella Rank: 7605	95 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	772 B
1	mktoresp.com 132-ohd-785.mktoresp.com	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 26454	181 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 12596	67 KB
0	freegeoip.app Failed freegeoip.app Failed
56	19

	Domain	Requested by
16	www.domaintools.com	www.domaintools.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com www.domaintools.com
4	cdn.bizible.com	www.googletagmanager.com www.domaintools.com cdn.bizible.com
3	x.clarity.ms	www.clarity.ms cdn.bizible.com
3	www.clarity.ms	www.domaintools.com www.clarity.ms
3	www.googletagmanager.com	www.domaintools.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.google.ca	www.domaintools.com
2	munchkin.marketo.net	www.domaintools.com munchkin.marketo.net
2	fonts.googleapis.com	www.domaintools.com
1	c.bing.com	1 redirects
1	www.google.com	www.domaintools.com
1	132-ohd-785.mktoresp.com	munchkin.marketo.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.bizibly.com	www.domaintools.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	trk.techtarget.com	www.domaintools.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	acsbapp.com	www.domaintools.com
1	cdn-4.convertexperiments.com	www.domaintools.com
1	info.domaintools.com	www.domaintools.com
0	freegeoip.app Failed	www.domaintools.com
56	27

This site contains links to these domains. Also see Links.

Domain
accessibe.com
domaintools.com
research.domaintools.com
account.domaintools.com
domaintools.allbound.com
www.facebook.com
twitter.com
www.linkedin.com
cookie-bar.eu
ico.org.uk
support.google.com
support.mozilla.org
windows.microsoft.com
help.opera.com
support.apple.com

Subject Issuer	Validity	Valid
domaintools.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-25` - `2025-08-24`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
info.domaintools.com E6	`2024-07-19` - `2024-10-17`	3 months	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
acsbapp.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
trk.techtarget.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ibc-flow.techtarget.com WR3	`2024-07-02` - `2024-09-30`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Frame ID: 82D394BECE80307A579AA5E125ED076D
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - DomainTools | Start Here. Know Now.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

56
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

24
IPs

2
Countries

983 kB
Transfer

2514 kB
Size

31
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://domaintools.com/products/platform/
Title: Iris Intelligence Platform

Search URL Search Domain Scan URL

URL: https://research.domaintools.com/
Title: -

Search URL Search Domain Scan URL

URL: https://account.domaintools.com/log-in/?r=http%3A/whois.domaintools.com
Title: Login

Search URL Search Domain Scan URL

URL: https://domaintools.com/integrations/?_integration=siem
Title: SIEM

Search URL Search Domain Scan URL

URL: https://domaintools.com/integrations/?_integration=soar
Title: SOAR

Search URL Search Domain Scan URL

URL: https://domaintools.com/integrations/?_integration=threat-intelligence
Title: Threat Intelligence

Search URL Search Domain Scan URL

URL: http://domaintools.allbound.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://domaintools.com/rss
Title: Rss

Search URL Search Domain Scan URL

URL: https://www.facebook.com/domaintoolsllc/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/domaintools/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/domaintools/
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://cookie-bar.eu/
Title: cookie bar

Search URL Search Domain Scan URL

URL: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/
Title: Information Commissioner's Office

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts/answer/61416?hl=en
Title: Chrome

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-GB/kb/enable-and-disable-cookies-website-preferences
Title: Firefox

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://help.opera.com/en/latest/web-preferences/#cookies
Title: Opera

Search URL Search Domain Scan URL

URL: https://support.apple.com/kb/PH17191?viewlocale=en_GB
Title: Safari

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1818588%26time%3D1723390982050%26li_adsId%3D7fe026d4-edcc-42d4-91e3-bc43ed13859a%26url%3Dhttps%253A%252F%252Fwww.domaintools.com%252Fresources%252Fblog%252Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2&cookiesTest=true&liSync=true

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&RedC=c.clarity.ms&MXFR=3BEA187644AA669E251A0CAE40AA682F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&MUID=220D3ADB7C1C62E611E52E037DB66331

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request covidlock-mobile-coronavirus-tracking-app-coughs-upransomware Show response
www.domaintools.com/resources/blog/ 124 KB
19 KB 214ms
130ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 8a79770835ce924841589a3287ccf9f066fddcfabf65f0749a24972223cee3d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b1956bf2d7cabdc-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Aug 2024 15:43:01 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
397 B 147ms
60ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700&display=swap&text=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,!?;()%5B%5D%C2%AE%C2%A9

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

3f253210ebe1c9498cf483a3593addda4e2e2f3f8ba2cf41684c7324b31a5335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 15:43:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
769 B 146ms
60ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Code+Pro:wght@400;500;600;700;800&display=swap&text=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,!?;()%5B%5D%C2%AE%C2%A9

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

556edb23e11387170c5ac590af4775f8518da6443373c4cc64c3299009906782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 15:43:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H2 200 avia-merged-styles-e63263b390aa94abb081e79efa3c7dfe---66b5b409ad488.css
www.domaintools.com/wp-content/uploads/dynamic_avia/ 139 KB
17 KB 43ms
41ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/uploads/dynamic_avia/avia-merged-styles-e63263b390aa94abb081e79efa3c7dfe---66b5b409ad488.css

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c963ece022070ba714ca1e4567e16ab6e71ab816cfa9102e724826b5b09a750

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 06:15:37 GMT
server: cloudflare
age: 173286
etag: W/"66b5b409-22bce"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c00e59abdc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookiebar-latest.js Show response
www.domaintools.com/wp-content/plugins/punch-cookie-bar/ 15 KB
4 KB 41ms
39ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/punch-cookie-bar/cookiebar-latest.js?1&ver=1.7.3

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3edbeed792a9beed2183a7c0284c7d8f23d66df362feff6587e696d813d196

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:10:16 GMT
server: cloudflare
age: 173286
etag: W/"65cf96f8-3a28"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c00e5babdc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 avia-head-scripts-9c03b4ff95698b2f6186b3b97242b340---66b5b409d4ed8.js Show response
www.domaintools.com/wp-content/uploads/dynamic_avia/ 2 KB
829 B 38ms
37ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/uploads/dynamic_avia/avia-head-scripts-9c03b4ff95698b2f6186b3b97242b340---66b5b409d4ed8.js

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

58ff9eb6df900abfb969d968f46db835fb8e2b351dc4d7af98a278d195fc5ec8

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 06:15:37 GMT
server: cloudflare
age: 173286
etag: W/"66b5b409-651"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c00e5cabdc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 forms2.min.js Show response
info.domaintools.com/js/forms2/js/ 199 KB
67 KB 186ms
72ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.domaintools.com/js/forms2/js/forms2.min.js

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Jul 2024 20:11:11 GMT
server: cloudflare
etag: "22145b-31b30-61d9f4beb95c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8b1956c0cefc36fe-YYZ
expires: Sun, 11 Aug 2024 19:43:01 GMT

GET
H2 200 10042613-10043457.js Show response
cdn-4.convertexperiments.com/js/ 218 KB
67 KB 240ms
142ms Script
application/javascript 23.201.177.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/10042613-10043457.js
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.177.77 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-177-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d592d086900215aebcb24a74a80c53f76b19a1d7d2be6b401e260077252f0f22

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300
access-control-allow-headers: *
expires: Sun, 11 Aug 2024 15:48:01 GMT

GET
H2 200 avia-footer-scripts-75b4a20032f001b192ed41b9bc6f5865---66b5b40a27a82.js Show response
www.domaintools.com/wp-content/uploads/dynamic_avia/ 15 KB
3 KB 44ms
44ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/uploads/dynamic_avia/avia-footer-scripts-75b4a20032f001b192ed41b9bc6f5865---66b5b40a27a82.js

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8947aaefc5c927806f087a4ee28b914995154457d9570abe1d80abd3fc942d

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Aug 2024 06:15:38 GMT
server: cloudflare
age: 173286
etag: W/"66b5b40a-3cf5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c00e5eabdc-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.domaintools.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 41ms
41ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 13:53:55 GMT
server: cloudflare
age: 179308
etag: W/"66ace4f3-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c16da554c1-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
102 KB 163ms
77ms Script
application/javascript 172.217.13.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6ed52f58be718466c83543da9ba7a41764bf88989c91079d6039ca7a5539e3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104029
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 311 KB
95 KB 148ms
85ms Script
application/javascript 104.22.0.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf636da973a0c1c1e1555db34ec87b37a93a710da338dcfa5058e5165edd91cc

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: AHxI1nMHdbQQaY1_6cfN834xDMZJKB17gjywm0Rdeatbuep7jeSAo6cl-WKLBXFyVDGnALdAtAQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Sun, 11 Aug 2024 08:54:25 GMT
server: cloudflare
etag: W/"e33f888f316a5239fad724cdb08f093c"
vary: Accept-Encoding
x-goog-generation: 1723366465424203
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Fzg2qA==, md5=4z+IjzFqUjn61yTNsI8JPA==
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 318527
cf-ray: 8b1956c25badabfd-YYZ
expires: Mon, 11 Aug 2025 15:43:01 GMT

GET
H2 200 gv4l8utopq Show response
www.clarity.ms/tag/ 687 B
1 KB 274ms
149ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gv4l8utopq
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d391d18e86fe34bdfa1d0f768fd93e0267d2e444d3cbba7ec846dee2edb75ea3

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date: Sun, 11 Aug 2024 15:43:01 GMT
x-azure-ref: 20240811T154301Z-17fd6bb7c96j7jqtx85cehvfew0000000tyg000000003trz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 687
expires: -1

GET
H2 200 font
fonts.gstatic.com/l/ 18 KB
19 KB 213ms
125ms Font
text/html 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=QGYvz_MVcBeNP4N5tlkkWqjFs9Z40MrFH7SiIRAQmJicYWKOBYYZbBiMoh_MZoplNGQ46Z5lB6H8lJlhAOoOC6aykZFDj-s1RjTzHZRLzqwesFeRA1L34FK_&skey=bafc0b239d492b2c&v=v11

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700&display=swap&text=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,!?;()%5B%5D%C2%AE%C2%A9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f3.1e100.net

Software

ESF /

Resource Hash

35e66760cc48df7e87965080635f8c433327fa923f2c16bdd28c182cbfb4ba13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.domaintools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18892
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 19:18:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H3 200 domaintools-icons.woff2
www.domaintools.com/wp-content/uploads/dynamic_avia/avia_icon_fonts/domaintools-icons/ 24 KB
24 KB 40ms
39ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/uploads/dynamic_avia/avia_icon_fonts/domaintools-icons/domaintools-icons.woff2

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

08732018287969c027d90f0b1d56587fe14f42f964aa2a76a4cca24ffdc85246

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Origin: https://www.domaintools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jan 2024 21:23:33 GMT
server: cloudflare
age: 179308
etag: "65aae855-60ec"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b1956c25e2954c1-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 24812

GET
H3 200 fa-fontello.woff2
www.domaintools.com/wp-content/plugins/enfold-fast/assets/fonts/ 4 KB
5 KB 63ms
62ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/enfold-fast/assets/fonts/fa-fontello.woff2

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c512c982d75150bb51f97cb89c9aa15f84dff4fa6a079e844e6e3578aef839

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Origin: https://www.domaintools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 15:52:56 GMT
server: cloudflare
age: 179308
etag: "64625558-11b0"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b1956c25e2a54c1-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 4528

GET
H3 200 dev-DomainTools-Logo-RC.png
www.domaintools.com/wp-content/uploads/ 5 KB
5 KB 60ms
60ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domaintools.com/wp-content/uploads/dev-DomainTools-Logo-RC.png

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7c56fcfd3fd5be03a756f808711048256eded2745c4462851cb1d296a10b65

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
cf-cache-status: HIT
age: 177348
cf-polished: origFmt=png, origSize=5767
content-disposition: inline; filename="dev-DomainTools-Logo-RC.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4838
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Apr 2024 15:46:11 GMT
server: cloudflare
etag: "661562c3-1687"
vary: Accept
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b1956c26e2c54c1-YYZ

GET
H3 200 body.css
www.domaintools.com/wp-content/plugins/enfold-fast/assets/css/ 25 KB
3 KB 57ms
56ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/enfold-fast/assets/css/body.css?v=1.2.26

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f2deb77413dba50b4e4ff391c008ad5e2b9d8c6ba68e5f52879147a2b1335b

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 15:52:56 GMT
server: cloudflare
age: 173286
etag: W/"64625558-648a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c26e3054c1-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 body.css
www.domaintools.com/wp-content/themes/domaintools/assets/css/ 43 KB
7 KB 40ms
40ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/themes/domaintools/assets/css/body.css?v=63

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

194ed3a7e950ea5cacecb16f24979e531accb8735de1144f4b166cbfa45d0e4b

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2024 20:21:43 GMT
server: cloudflare
age: 173286
etag: W/"665e25d7-abd5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c2ee6a54c1-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/domaintools.com/ 163 B
700 B 143ms
76ms Fetch
application/json 104.22.1.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/domaintools.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86dace5f891f6506939221b4316aad44784ce4b51601c98838eab673cf1fb474

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPr5zLNfXerAeM9MzxL8UxWbS1aAbSUBJpJXSeHp9_PPQDFMkuaJEmvKK6YGA1CZBdcizNM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 14 Jun 2024 18:24:47 GMT
server: cloudflare
etag: W/"1722643a616802ae601a27ecd0104656"
vary: Accept-Encoding
x-goog-generation: 1718389487242304
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=qAx4aQ==, md5=FyJkOmFoAq5gGifs0BBGVg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 8b1956c48fbbac4c-YYZ
expires: Mon, 11 Aug 2025 15:43:01 GMT

GET
H3 200 Domaintools-bg-wave-dots.png
www.domaintools.com/wp-content/themes/domaintools/assets/img/png/ 213 KB
213 KB 41ms
41ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domaintools.com/wp-content/themes/domaintools/assets/img/png/Domaintools-bg-wave-dots.png

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/wp-content/themes/domaintools/assets/css/body.css?v=63

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f287f505972ec0d36cbd733df8758dce0b069be04870428d63291dcd9ed9535f

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/wp-content/themes/domaintools/assets/css/body.css?v=63
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
cf-cache-status: HIT
age: 173973
cf-polished: origSize=217799, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 217798
cf-bgj: imgq:100,h2pri
last-modified: Mon, 01 Aug 2022 23:59:56 GMT
server: cloudflare
etag: "62e868fc-352c7"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b1956c42ed454c1-YYZ

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
107 KB 75ms
74ms Script
application/javascript 172.217.13.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3ad68f3a199f7f89eed5953a7d32f7c39e6be10bda4458083c5efee773b71119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 135ms
39ms Script
application/javascript 23.200.3.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.3.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-3-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 28 Jul 2024 07:35:22 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=21622
accept-ranges: bytes
content-length: 14597

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 144ms
47ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 15:43:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 127ms
51ms Script
text/javascript 104.18.36.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.36.196 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 24676
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8b1956c4fa7eab72-YYZ
expires: Sun, 11 Aug 2024 16:03:01 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 160ms
37ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/81BC) /

Resource Hash

1475fb54c3fb536fa21290c893f1822fd7f3215f71c00d35cd1f4674327a6407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 08 Aug 2024 20:19:09 GMT
server: ECS (cha/81BC)
age: 66457
etag: "e348f639d0e9da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25392

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
92 KB 82ms
82ms Script
application/javascript 172.217.13.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1031849120

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

da5f97177bf795fd63dd5d776ccf032221da70c03be17c3366e6cc0cf58d67cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93867
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 15:43:01 GMT

GET
H2 200 gv4l8utopq Show response
www.clarity.ms/tag/ 637 B
891 B 105ms
104ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gv4l8utopq?ref=gtm2
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5c4fc783a448f70da7a7dbdc6fb0c368df81151acb0c2fb514c23745f8bbdb0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Sun, 11 Aug 2024 15:43:01 GMT
x-azure-ref: 20240811T154301Z-17fd6bb7c96j7jqtx85cehvfew0000000tyg000000003tsa
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
expires: -1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.43/ 62 KB
26 KB 78ms
78ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gv4l8utopq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
last-modified: Fri, 09 Aug 2024 04:07:28 GMT
etag: W/"0x8DCB828C8E14F24"
vary: Accept-Encoding
x-azure-ref: 20240811T154301Z-17fd6bb7c96j7jqtx85cehvfew0000000tyg000000003tsb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ede54f0c-901e-0009-2052-ea6b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET /
freegeoip.app/json/ 0
0

GET
H3 200 cookiebar.css
www.domaintools.com/wp-content/plugins/punch-cookie-bar/themes/ 6 KB
2 KB 43ms
42ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/punch-cookie-bar/themes/cookiebar.css

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/wp-content/plugins/punch-cookie-bar/cookiebar-latest.js?1&ver=1.7.3

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

113828d122094355d328f9468ea9e714b349b74a212597df3548b5f951583900

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:10:16 GMT
server: cloudflare
age: 173286
etag: W/"65cf96f8-1755"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c50f2054c1-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 en.html Show response
www.domaintools.com/wp-content/plugins/punch-cookie-bar/lang/ 3 KB
1 KB 109ms
109ms XHR
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/plugins/punch-cookie-bar/lang/en.html

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/wp-content/plugins/punch-cookie-bar/cookiebar-latest.js?1&ver=1.7.3

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db53fb5b0cf106b88040c3f8e123d448c0a914856db0baab9477019c6258b9e

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:02 GMT
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 16 Feb 2024 17:10:16 GMT
x-cacheable: SHORT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 2
content-type: text/html
x-frame-options: ALLOW-FROM https://info.domaintools.com
cache-control: max-age=600, must-revalidate
cf-ray: 8b1956c50f2154c1-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
analytics.google.com/g/ 0
0 126ms
47ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RPLVMKCB3Y&gtm=45je4880v9100015935z86364254za200zb6364254&_p=1723390981351&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2030733453.1723390982&ul=en-ca&sr=1600x1200&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1723390982&sct=1&seg=0&dl=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&dt=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=1137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.domaintools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 142ms
51ms Ping
text/plain 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-RPLVMKCB3Y&cid=2030733453.1723390982&gtm=45je4880v9100015935z86364254za200zb6364254&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.domaintools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 150ms
101ms Image
image/gif 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-RPLVMKCB3Y&cid=2030733453.1723390982&gtm=45je4880v9100015935z86364254za200zb6364254&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=314430165

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
446 B 66ms
64ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1243430&r=1723390982028&ref=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 1243430
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:02 GMT
via: 1.1 google
x-guploader-uploadid: AHxI1nMweC-CWAREo68-_-5FvSVwsg01S5tkP-Bo4prbzM7zvqEN-Qti2F3Yq_eCDmgHLxktj0HMgIG7FA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Sun, 11 Aug 2024 16:43:02 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ 0
0 114ms
56ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1243430&r=1723390982028&ref=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.domaintools.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 11 Aug 2024 15:43:02 GMT
expires: Sun, 11 Aug 2024 15:43:02 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: AHxI1nN7SBjfe_TSYsaodGMHdGtPxVGjMwU6L2QmN-L6KX5TiMAx7M6bBWkXPA0mvXpkMD1ZQgnn9w186w

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 39ms
38ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 15:43:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 19 Nov 2024 15:43:02 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
309 B 211ms
124ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9A084125EEC24B1D99579FB6DDCB6736 Ref B: YTO01EDGE0712 Ref C: 2024-08-11T15:43:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.domaintools.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYfajtNSa+LBTCUVukNrw==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 274ms
191ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1818588&time=1723390982050&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BD5E382A733B443EA8BE1B14EA8886ED Ref B: YTO01EDGE0511 Ref C: 2024-08-11T15:43:02Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYfajtNYI38Ml0LdY+yOg==
x-fs-uuid: 00061f6a3b4d608dfc325d0b758fb23a

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobi...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1818588%26time%3D1723390982050%26li_adsId%3D7fe026d4-edcc-42d4-91e3-bc43ed13859a%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobi...

0
384 B

107ms
107ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ECC9E7EF59684165BAB417D469D9E1B9 Ref B: YTO01EDGE0712 Ref C: 2024-08-11T15:43:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfajtSt+7lke9LWz4FXw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Sun, 11 Aug 2024 15:43:01 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYfajtQ6jxGgcm5lubiRA==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6550325081AD4AF887F3797A4622DA9D Ref B: YTO01EDGE0712 Ref C: 2024-08-11T15:43:02Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1818588&time=1723390982050&li_adsId=7fe026d4-edcc-42d4-91e3-bc43ed13859a&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&tm=gtmv2&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
283 B 145ms
44ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.domaintools.com
Date: Sun, 11 Aug 2024 15:43:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 ipv
cdn.bizible.com/ 43 B
328 B 39ms
38ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=f22f777d4dcc4013ae072183e34e2a24&_biz_l=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&_biz_t=1723390982061&_biz_i=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&_biz_n=0&rnd=48271&cdn_o=a&_biz_z=1723390982062

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/80E6) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 09 Aug 2024 21:15:24 GMT
server: ECS (cha/80E6)
age: 152858
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
181 B 50ms
37ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=f22f777d4dcc4013ae072183e34e2a24&_biz_l=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&_biz_t=1723390982063&_biz_i=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&rnd=608710&cdn_o=a&_biz_z=1723390982063

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 09 Aug 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 152858
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031849120/ 3 KB
1 KB 135ms
61ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031849120/?random=1723390982080&cv=11&fst=1723390982080&bg=ffffff&guid=ON&async=1&gtm=45be4880v9135521212za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&npa=0&pscdl=noapi&auid=1681535783.1723390982&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1031849120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

05be68c1da7ba5dbef1f42b09cb2076bbfff9d9d2ea3fb19fa88570d27b79942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1453
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
132-ohd-785.mktoresp.com/webevents/ 2 B
318 B 1227ms
1095ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://132-ohd-785.mktoresp.com/webevents/visitWebPage?_mchNc=1723390982102&_mchCn=&_mchId=132-OHD-785&_mchTk=_mch-domaintools.com-1723390982101-24103&_mchHo=www.domaintools.com&_mchPo=&_mchRu=%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 15:43:03 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2094b1b2-65b8-4000-9d84-25a3e1d7c929

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
320 B 43ms
43ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=f22f777d4dcc4013ae072183e34e2a24&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.08.08

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/8123) /

Resource Hash

793804f1d6a97aa1a3df481c272f42b18d2e56570259ec9445d6f983663a6fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (cha/8123)
etag: F3090030
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 214

GET
BLOB 200
OK 89d8e813-ad59-497d-87c9-5adaa9dfa51f
https://www.domaintools.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.domaintools.com/89d8e813-ad59-497d-87c9-5adaa9dfa51f
Requested by: Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
283 B 96ms
89ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.domaintools.com
Date: Sun, 11 Aug 2024 15:43:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 /
www.google.com/pagead/1p-user-list/1031849120/ 42 B
64 B 129ms
63ms Image
image/gif 172.217.13.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1031849120/?random=1723390982080&cv=11&fst=1723388400000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9135521212za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&npa=0&pscdl=noapi&auid=1681535783.1723390982&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfpK6rQLnVHuMX81sRTDJs8NsPu7xOHQ&random=1136079177&rmt_tld=0&ipr=y

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1031849120/ 42 B
64 B 66ms
64ms Image
image/gif 172.217.13.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1031849120/?random=1723390982080&cv=11&fst=1723388400000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9135521212za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&npa=0&pscdl=noapi&auid=1681535783.1723390982&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfpK6rQLnVHuMX81sRTDJs8NsPu7xOHQ&random=1136079177&rmt_tld=1&ipr=y

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 header-lazy.css
www.domaintools.com/wp-content/themes/domaintools/assets/css/ 12 KB
2 KB 40ms
39ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/themes/domaintools/assets/css/header-lazy.css?63

Requested by

Host: www.domaintools.com
URL: https://www.domaintools.com/wp-content/uploads/dynamic_avia/avia-footer-scripts-75b4a20032f001b192ed41b9bc6f5865---66b5b40a27a82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38e74d88de9415d161acd160d1a6cbd67f164f36545e4bd41b8351c7c7a22d4

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Apr 2024 15:00:46 GMT
server: cloudflare
age: 179307
etag: W/"6616a99e-2f15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1956c868a154c1-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&RedC=c.clarity.ms&MXFR=3BEA187644AA669E251A0CAE40AA682F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&MUID=220D3ADB7C1C62E611E52E037DB66331

42 B
442 B

44ms
43ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&MUID=220D3ADB7C1C62E611E52E037DB66331
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
last-modified: Thu, 01 Aug 2024 17:49:37 GMT
server: Microsoft-IIS/10.0
etag: "3f6e7b2d3be4da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 653A3FCE46C94E0A82EB9AC9FF2A2C05 Ref B: YTO01EDGE0706 Ref C: 2024-08-11T15:43:02Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2D4941F0DAC8428BA3AD379102027FF9&MUID=220D3ADB7C1C62E611E52E037DB66331
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 DomainTools-Favicon.png
www.domaintools.com/wp-content/uploads/ 40 KB
40 KB 39ms
39ms Other
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.domaintools.com/wp-content/uploads/DomainTools-Favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d390194de974b6790720b2ee804affcd68f850ad9f7a3cd0ea4e1b97d7cf84a3

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://info.domaintools.com

Request headers

Referer: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 15:43:02 GMT
cf-cache-status: HIT
age: 179308
cf-polished: origFmt=png, origSize=48859
content-disposition: inline; filename="DomainTools-Favicon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 41042
cf-bgj: imgq:100,h2pri
last-modified: Tue, 09 Apr 2024 15:44:18 GMT
server: cloudflare
etag: "66156252-bedb"
vary: Accept
x-frame-options: ALLOW-FROM https://info.domaintools.com
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b1956c9590854c1-YYZ

GET
H2 200 u
cdn.bizible.com/ 43 B
109 B 38ms
37ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A132-OHD-785%26token%3A_mch-domaintools.com-1723390982101-24103&_biz_u=f22f777d4dcc4013ae072183e34e2a24&_biz_l=https%3A%2F%2Fwww.domaintools.com%2Fresources%2Fblog%2Fcovidlock-mobile-coronavirus-tracking-app-coughs-upransomware&_biz_t=1723390983064&_biz_i=Page%20not%20found%20-%20DomainTools%20%7C%20Start%20Here.%20Know%20Now.&_biz_n=1&rnd=316476&cdn_o=a&_biz_z=1723390983064

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.2.76 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/818C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 15:43:03 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 09 Aug 2024 21:15:24 GMT
server: ECS (cha/818C)
age: 152859
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
283 B 47ms
45ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.domaintools.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.domaintools.com
Date: Sun, 11 Aug 2024 15:43:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.app
URL: https://freegeoip.app/json/

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.domaintools.com/	1970-01-20 22:43:12	Name: __cf_bm Value: WB3sg2avhQ2v1X5MtiAew.enWY5DDRiXrhrNVinzfpA-1723390981-1.0.1.1-0cr2EgEq56qTekqjmQviRADqDoSgGcRtaLgO.kvKBeHXsl7hDITxAHE3DJ2OVXlqnAr.whnWfA6N7BXY4XQd.g
.domaintools.com/	1970-01-21 03:05:58	Name: _conv_v Value: vi%3A1sc%3A1cs%3A1723390981fs%3A1723390981pv%3A1
.domaintools.com/	1970-01-20 22:43:12	Name: _conv_s Value: si%3A1sh%3A1723390981430-0.4347752965265792pv%3A1
www.clarity.ms/	1970-01-21 07:28:46	Name: CLID Value: 5600ed18f9a34c0f9f7ce628b9d903cc.20240811.20250811
.domaintools.com/	1970-01-21 00:52:46	Name: _gcl_au Value: 1.1.1681535783.1723390982
.domaintools.com/	1970-01-21 07:28:46	Name: _clck Value: e34ae1%7C2%7Cfo8%7C0%7C1684
.techtarget.com/	1970-01-20 22:43:12	Name: __cf_bm Value: Pb1miKgUV6vb9UcR6IG1JalaLn0WGP8GA1._0SlocEs-1723390981-1.0.1.1-rdr0q9Tyedf7J9ALz_d94rJSI1kqBHTUrKA._FeCeOdQcINaj7S8X39z6Ge3tYHwB9m9buTOWP.4JUYGIQKhtA
.domaintools.com/	1970-01-21 08:19:10	Name: _ga_RPLVMKCB3Y Value: GS1.1.1723390982.1.0.1723390982.60.0.0
.domaintools.com/	1970-01-21 08:19:10	Name: _ga Value: GA1.1.2030733453.1723390982
.domaintools.com/	1970-01-21 07:28:46	Name: _biz_uid Value: f22f777d4dcc4013ae072183e34e2a24
.domaintools.com/	1970-01-21 08:19:10	Name: _mkto_trk Value: id:132-OHD-785&token:_mch-domaintools.com-1723390982101-24103
.bizible.com/	1970-01-21 07:28:46	Name: _BUID Value: f22f777d4dcc4013ae072183e34e2a24
.bizibly.com/	1970-01-21 07:28:46	Name: _BUID Value: 870263f30a2ec8b2434e19ad3aba4b7b
.domaintools.com/	1970-01-20 22:44:37	Name: _clsk Value: 16zqulb%7C1723390982201%7C1%7C1%7Cx.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-20 22:43:11	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-21 00:52:46	Name: li_sugr Value: b9e87ccc-2261-45a8-949c-923d7160edf0
.linkedin.com/	1970-01-20 22:44:37	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2907:u=1:x=1:i=1723390982:t=1723477382:v=2:sig=AQHqCFJCSU-SWVgVW5bM-OC4UAXxCOcx"
.linkedin.com/	1970-01-20 23:26:22	Name: UserMatchHistory Value: AQIw78QQa6HBGAAAAZFCG3iojLfvT1JNBL5MKAfwPq4zZqXQ_MNswy2q0EmJkygWheibanZ4YlutNQ
.linkedin.com/	1970-01-20 23:26:22	Name: AnalyticsSyncHistory Value: AQJu17gRLPzL9QAAAZFCG3io8ECrZQ7Xk-wWErkMmkqhBrUS8v2rmfYStE9M7rqvNi9MjhKgq8ea6DzXkE7TfQ
.linkedin.com/	1970-01-21 07:28:46	Name: bcookie Value: "v=2&38156c1c-2ece-46e3-8fe7-d5a8399b13b1"
.www.linkedin.com/	1970-01-21 07:28:46	Name: bscookie Value: "v=1&20240811154302e8506400-5770-45d6-8cfd-d5a571e7f2acAQFvHD45tn3ej4dgxTxFpYI0yiPC58Mn"
.bing.com/	1970-01-21 08:04:46	Name: MUID Value: 220D3ADB7C1C62E611E52E037DB66331
.c.bing.com/	1970-01-20 22:53:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:04:46	Name: SRM_B Value: 220D3ADB7C1C62E611E52E037DB66331
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:04:46	Name: MUID Value: 220D3ADB7C1C62E611E52E037DB66331
.c.clarity.ms/	1970-01-20 22:53:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:43:11	Name: ANONCHK Value: 0
.domaintools.com/	1970-01-21 07:28:46	Name: _biz_nA Value: 2
.domaintools.com/	1970-01-21 07:28:46	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.domaintools.com/	1970-01-21 07:28:46	Name: _biz_pendingA Value: %5B%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.domaintools.com/resources/blog/covidlock-mobile-coronavirus-tracking-app-coughs-upransomware Message: Access to XMLHttpRequest at 'https://freegeoip.app/json/' from origin 'https://www.domaintools.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freegeoip.app/json/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

132-ohd-785.mktoresp.com
acsbapp.com
analytics.google.com
c.bing.com
c.clarity.ms
cdn-4.convertexperiments.com
cdn.acsbapp.com
cdn.bizible.com
cdn.bizibly.com
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
googleads.g.doubleclick.net
ibc-flow.techtarget.com
info.domaintools.com
munchkin.marketo.net
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
trk.techtarget.com
www.clarity.ms
www.domaintools.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
x.clarity.ms
freegeoip.app
104.17.71.206
104.18.36.196
104.22.0.204
104.22.1.204
13.107.21.237
13.107.246.40
13.107.42.14
141.193.213.20
142.250.80.3
142.250.80.34
152.199.2.76
172.217.13.131
172.217.13.136
172.217.13.138
172.217.13.164
172.253.115.155
192.28.144.124
20.110.205.119
20.114.190.119
216.239.38.181
23.200.3.26
23.201.177.77
23.204.6.193
34.111.208.231
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
05be68c1da7ba5dbef1f42b09cb2076bbfff9d9d2ea3fb19fa88570d27b79942
08732018287969c027d90f0b1d56587fe14f42f964aa2a76a4cca24ffdc85246
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
113828d122094355d328f9468ea9e714b349b74a212597df3548b5f951583900
1475fb54c3fb536fa21290c893f1822fd7f3215f71c00d35cd1f4674327a6407
194ed3a7e950ea5cacecb16f24979e531accb8735de1144f4b166cbfa45d0e4b
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
1e7c56fcfd3fd5be03a756f808711048256eded2745c4462851cb1d296a10b65
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
35e66760cc48df7e87965080635f8c433327fa923f2c16bdd28c182cbfb4ba13
3ad68f3a199f7f89eed5953a7d32f7c39e6be10bda4458083c5efee773b71119
3f253210ebe1c9498cf483a3593addda4e2e2f3f8ba2cf41684c7324b31a5335
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f8947aaefc5c927806f087a4ee28b914995154457d9570abe1d80abd3fc942d
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
556edb23e11387170c5ac590af4775f8518da6443373c4cc64c3299009906782
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58ff9eb6df900abfb969d968f46db835fb8e2b351dc4d7af98a278d195fc5ec8
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6ed52f58be718466c83543da9ba7a41764bf88989c91079d6039ca7a5539e3d8
793804f1d6a97aa1a3df481c272f42b18d2e56570259ec9445d6f983663a6fe6
7db53fb5b0cf106b88040c3f8e123d448c0a914856db0baab9477019c6258b9e
82c512c982d75150bb51f97cb89c9aa15f84dff4fa6a079e844e6e3578aef839
86dace5f891f6506939221b4316aad44784ce4b51601c98838eab673cf1fb474
8a79770835ce924841589a3287ccf9f066fddcfabf65f0749a24972223cee3d5
8c963ece022070ba714ca1e4567e16ab6e71ab816cfa9102e724826b5b09a750
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
af3edbeed792a9beed2183a7c0284c7d8f23d66df362feff6587e696d813d196
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b5c4fc783a448f70da7a7dbdc6fb0c368df81151acb0c2fb514c23745f8bbdb0
b5f2deb77413dba50b4e4ff391c008ad5e2b9d8c6ba68e5f52879147a2b1335b
c38e74d88de9415d161acd160d1a6cbd67f164f36545e4bd41b8351c7c7a22d4
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
cf636da973a0c1c1e1555db34ec87b37a93a710da338dcfa5058e5165edd91cc
d390194de974b6790720b2ee804affcd68f850ad9f7a3cd0ea4e1b97d7cf84a3
d391d18e86fe34bdfa1d0f768fd93e0267d2e444d3cbba7ec846dee2edb75ea3
d592d086900215aebcb24a74a80c53f76b19a1d7d2be6b401e260077252f0f22
da5f97177bf795fd63dd5d776ccf032221da70c03be17c3366e6cc0cf58d67cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f287f505972ec0d36cbd733df8758dce0b069be04870428d63291dcd9ed9535f
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

www.domaintools.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

93 %HTTPS

0 %IPv6

19 Domains

27 Subdomains

24 IPs

2 Countries

983 kBTransfer

2514 kBSize

31 Cookies

19 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.domaintools.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

24
IPs

2
Countries

983 kB
Transfer

2514 kB
Size

31
Cookies

56 HTTP transactions
0 data transactions