urlscan.io logo urlscan.io
SecurityTrails logo

account.domaintools.com Open in urlscan Pro
199.30.228.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad4949e/4aea0b71-2a8c-485...
Effective URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2...
Submission: On August 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 31 HTTP transactions. The main IP is 199.30.228.26, located in Renton, United States and belongs to DOMAINTOOLS, US. The main domain is account.domaintools.com.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on January 20th 2023. Valid for: a year.
This is the only time account.domaintools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 199.30.228.113 17318 (DOMAINTOOLS)
6 199.30.228.26 17318 (DOMAINTOOLS)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.122.63.128 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
31 14
3    199.30.228.113 (Renton, United States)

ASN17318 (DOMAINTOOLS, US)
iris.domaintools.com
img.domaintools.com
6    199.30.228.26 (Renton, United States)

ASN17318 (DOMAINTOOLS, US)
account.domaintools.com
5    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
9 domaintools.com
iris.domaintools.com
account.domaintools.com
img.domaintools.com — Cisco Umbrella Rank: 645151
345 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
613 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3101
34 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 891
p.clarity.ms — Cisco Umbrella Rank: 8220
c.clarity.ms — Cisco Umbrella Rank: 1512
27 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6490
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
492 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
182 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 483
17 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
766 B
31 9
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 account.domaintools.com account.domaintools.com
5 www.google.com 1 redirects account.domaintools.com
www.gstatic.com
www.google.com
2 c.clarity.ms 1 redirects
2 p.clarity.ms www.clarity.ms
2 region1.analytics.google.com www.googletagmanager.com
2 www.clarity.ms account.domaintools.com
www.clarity.ms
2 www.google.de account.domaintools.com
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com account.domaintools.com
www.googletagmanager.com
2 ssl.google-analytics.com 1 redirects account.domaintools.com
2 iris.domaintools.com 2 redirects
1 c.bing.com 1 redirects
1 fonts.gstatic.com www.google.com
1 img.domaintools.com account.domaintools.com
31 15

This site contains links to these domains. Also see Links.

Domain
research.domaintools.com
www.domaintools.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
domaintools.com
COMODO RSA Extended Validation Secure Server CA		 2023-01-20 -
2024-02-20		 a year crt.sh
*.domaintools.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-06 -
2024-05-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh

This page contains 3 frames:

Primary Page: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Frame ID: 70524FAF770C8D4424C0232A6992444D
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Frame ID: E63CA72A8E71B9F0C5B7631BBD11990A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg
Frame ID: 864E4AAE53252219C30F3B15B735E3DA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to DomainTools

Page URL History Show full URLs

  1. https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad494... HTTP 302
    https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad494... HTTP 302
    https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

94 %
HTTPS

71 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1299 kB
Transfer

2850 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad4949e/4aea0b71-2a8c-485a-ab2b-20d3f3b7453b HTTP 302
    https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad4949e/4aea0b71-2a8c-485a-ab2b-20d3f3b7453b/ HTTP 302
    https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=214808392&utmhn=account.domaintools.com&utme=8(2!UserType)9(2!Guest)11(2!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Log%20in%20to%20DomainTools&utmhid=1995071188&utmr=-&utmp=%2Flog-in%2F%3Fr%3Dhttps%25253A%25252F%25252Firis.domaintools.com%25252Finvestigate%25252Finvestigations%25252F1197400%25252Fsearch%25252F2090ffc3-5cb0-4997-801e-9710cad4949e%25252F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%25252F&utmht=1692896308671&utmac=UA-296450-1&utmcc=__utma%3D247745176.1816891742.1692896309.1692896309.1692896309.1%3B%2B__utmz%3D247745176.1692896309.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1507639436&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392&slf_rd=1&random=3606569313
Request Chain 28
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&RedC=c.clarity.ms&MXFR=25EDDE4917DC6E950159CD3E13DC6036 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&MUID=31F6C7FBCF626C723C75D48CCEB06D94

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.domaintools.com/log-in/
Redirect Chain
  • https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad4949e/4aea0b71-2a8c-485a-ab2b-20d3f3b7453b
  • https://iris.domaintools.com/investigate/investigations/1197400/search/2090ffc3-5cb0-4997-801e-9710cad4949e/4aea0b71-2a8c-485a-ab2b-20d3f3b7453b/
  • https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
6b8ccf708d593448ac785ca6bfa117329ceb9ba6e762b9ea7fbd1b5e904c2b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 24 Aug 2023 16:58:26 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Chuck Norris fears nothing that is not Emily.
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-TIME
9942
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html
Date
Thu, 24 Aug 2023 16:58:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Pragma
no-cache
Server
Chuck Norris fears nothing that is not Emily.
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
imports.min.css
account.domaintools.com/images/css/ 		304 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.domaintools.com/images/css/imports.min.css
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
ece651a340d3e71c11287a35e2812609f1eff7f4b716a8962eb299a52fd70eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 16:58:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 21 Oct 2016 18:25:53 GMT
Server
Chuck Norris fears nothing that is not Emily.
ETag
W/"580a5db1-4bf65"
Transfer-Encoding
chunked
Content-Type
text/css
X-XSS-Protection
1; mode=block
style.css
account.domaintools.com/composite/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.domaintools.com/composite/style.css?DefaultModule=master_all,master_bullets,master_float,master_forms,master_buttons&wButton=wbutton&wRoundContainer=round_container&wDtFlyout=dtflyout&wLogin=login_form&wSimpleNav=simple_nav&wCaptcha=captcha_css&wFooter=footer&mLogin=login-common&ext=css&hash=b7429bbc00d4c71dfe3a93bedaa69142
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
ebaf6ed3aa7a5134d66473ceea97035d820caebd5d18fab7e7fa5cd472da43b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
public
Date
Thu, 24 Aug 2023 16:58:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Chuck Norris fears nothing that is not Emily.
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
public, max-age=259200
X-TIME
11215
X-XSS-Protection
1; mode=block
Expires
Sun, 27 Aug 2023 16:58:26 GMT
jquery.min.js
img.domaintools.com/ajax/libs/jquery/1.9.1/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.domaintools.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.113 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
c848786da32417dfb650cee5070fc18e1937951fd35d8087c20d686c2ca95617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 16:58:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Aug 2015 15:26:50 GMT
Server
Chuck Norris fears nothing that is not Emily.
ETag
"55dddaba-169b0"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2419200, public
Accept-Ranges
bytes
Content-Length
92592
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Sep 2023 16:58:27 GMT
code.js
account.domaintools.com/composite/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.domaintools.com/composite/code.js?wAjaxHandler=Ajax.class&wRoundContainer=compiled-round_messages&wDtFlyout=compiled-jquery.dtflyout&wFieldMessenger=field-messenger&wLogin=wlogin&mLogin=Login.class&ext=js&hash=e2f46c7e5d4fde891c27a05a2ce6b381
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
942b9f398e28038e6b2a78dbee3f903a9e7e6d7989a12f4fc04c1b746e1bcfa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
public
Date
Thu, 24 Aug 2023 16:58:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Chuck Norris fears nothing that is not Emily.
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
public, max-age=259200
X-TIME
8493
X-XSS-Protection
1; mode=block
Expires
Sun, 27 Aug 2023 16:58:26 GMT
domaintools_full_logo.png
account.domaintools.com/images/logo/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.domaintools.com/images/logo/domaintools_full_logo.png
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
c90d7fb7bd827c2630febe82649843742bfdf80de9ee4aff7e47f48af3dc8c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 16:58:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 04 Aug 2022 14:31:14 GMT
Server
Chuck Norris fears nothing that is not Emily.
ETag
"62ebd832-4f42"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20290
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/ 		909 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05d32bb2a26eed54b13c72d64d465a8922557637645b23e7357102257f01ca75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
580
x-xss-protection
1; mode=block
expires
Thu, 24 Aug 2023 16:58:28 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 15:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4010
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 24 Aug 2023 17:51:38 GMT
gtm.js
www.googletagmanager.com/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
524a1d6322064b81388b6fd5e4355d34c8d3e700459a3644becf74ea482cef3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:58:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90304
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 16:04:25 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 16:58:28 GMT
truncated
/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbca3fe5cf714cc3342f444b81a02397a76ef4799642994bd6207551f925aed1

Request headers

Referer
Origin
https://account.domaintools.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
fontawesome-webfont.woff2
account.domaintools.com/images/bower_components/font-awesome/fonts// 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.domaintools.com/images/bower_components/font-awesome/fonts//fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/images/css/imports.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.30.228.26 Renton, United States, ASN17318 (DOMAINTOOLS, US),
Reverse DNS
Software
Chuck Norris fears nothing that is not Emily. /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.domaintools.com/images/css/imports.min.css
Origin
https://account.domaintools.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 16:58:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Mar 2015 19:33:14 GMT
Server
Chuck Norris fears nothing that is not Emily.
ETag
"5509d2fa-ddcc"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
56780
X-XSS-Protection
1; mode=block
truncated
/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
719f9aa8100df8afecee4fccc426551cc2e0ae3306deb6dfc39b0312370b5af7

Request headers

Referer
Origin
https://account.domaintools.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		454 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.domaintools.com/
Origin
https://account.domaintools.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 12:16:51 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=214808392&utmhn=account.domaintools.com&utme=8(2!UserType)9(2!Guest)11(2!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392&slf_rd=1&random=3606569313
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392&slf_rd=1&random=3606569313
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-296450-1&cid=1816891742.1692896309&jid=1507639436&_v=5.7.2&z=214808392&slf_rd=1&random=3606569313
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gv4l8utopq
www.clarity.ms/tag/ 		650 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gv4l8utopq?ref=gtm2
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0f8a21b2726482ef7b9ba95ef128019c0cbe4d3789952b345bf26e1b413417d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires
-1
date
Thu, 24 Aug 2023 16:58:28 GMT
x-azure-ref
20230824T165828Z-f230v5eghp2v9f87ncwa344hxg000000013000000002afqc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
js
www.googletagmanager.com/gtag/ 		296 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P2JCN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdf96ac802b37f4fd253d4d7dcbd1bce2e0bf52905c7a18cd9a396c8e53b168a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:58:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95999
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 16:58:28 GMT
anchor
www.google.com/recaptcha/api2/ Frame E63C 		55 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08479cde77105b5c8e78cd7c276a4cafc9284aae158a3fe601072ae4050fac28
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aUnGOEgzK8KXNZQ2uJ3kwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.domaintools.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31717
content-security-policy
script-src 'report-sample' 'nonce-aUnGOEgzK8KXNZQ2uJ3kwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 16:58:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RPLVMKCB3Y&_ono=1&gtm=45je38l0&_p=1995071188&_gaz=1&cid=1723813089.1692896309&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1692896308&sct=1&seg=0&dl=https%3A%2F%2Faccount.domaintools.com%2Flog-in%2F%3Fr%3Dhttps%253A%252F%252Firis.domaintools.com%252Finvestigate%252Finvestigations%252F1197400%252Fsearch%252F2090ffc3-5cb0-4997-801e-9710cad4949e%252F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%252F&dt=Log%20in%20to%20DomainTools&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.domaintools.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
114 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RPLVMKCB3Y&cid=1723813089.1692896309&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.domaintools.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RPLVMKCB3Y&cid=1723813089.1692896309&gtm=45je38l0&aip=1&z=1675855803
Requested by
Host: account.domaintools.com
URL: https://account.domaintools.com/log-in/?r=https%3A%2F%2Firis.domaintools.com%2Finvestigate%2Finvestigations%2F1197400%2Fsearch%2F2090ffc3-5cb0-4997-801e-9710cad4949e%2F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame E63C 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 16:52:13 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame E63C 		454 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 12:16:51 GMT
clarity.js
www.clarity.ms/s/0.7.10/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gv4l8utopq?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:58:28 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 12:51:31 GMT
etag
W/"0x8DB9E5783BA2A13"
vary
Accept-Encoding
x-azure-ref
20230824T165828Z-f230v5eghp2v9f87ncwa344hxg000000013000000002afr8
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
531bb17b-901e-0019-70a9-d4ae60000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
truncated
/ Frame E63C 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E63C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E63C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 01:27:29 GMT
x-content-type-options
nosniff
age
142260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 30 Aug 2023 01:27:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E63C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:58:03 GMT
x-content-type-options
nosniff
age
482426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E63C 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg&co=aHR0cHM6Ly9hY2NvdW50LmRvbWFpbnRvb2xzLmNvbTo0NDM.&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=z6eoglmmp11k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 24 Aug 2023 16:58:29 GMT
collect
p.clarity.ms/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://account.domaintools.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://account.domaintools.com
Date
Thu, 24 Aug 2023 16:58:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&RedC=c.clarity.ms&MXFR=25EDDE4917DC6E950159CD3E13DC6036
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&MUID=31F6C7FBCF626C723C75D48CCEB06D94
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&MUID=31F6C7FBCF626C723C75D48CCEB06D94
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:29 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1948829BCB6848658797883F9B927890 Ref B: FRAEDGE1216 Ref C: 2023-08-24T16:58:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFF37167229D40CBA1B481452C033EAA&MUID=31F6C7FBCF626C723C75D48CCEB06D94
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
bframe
www.google.com/recaptcha/api2/ Frame 864E 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
102bb1bc779e589699645eec8b1d9885b5fbb563869a9e66cb3ed3f6eb972642
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q9MHfVvU2Pnv8O4W_REGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.domaintools.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1154
content-security-policy
script-src 'report-sample' 'nonce-q9MHfVvU2Pnv8O4W_REGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 16:58:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 864E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 16:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 16:52:13 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 864E 		454 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Lf1LxETAAAAACx7vcORxcc3x_Cl405B24nMHNhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 12:16:51 GMT
collect
p.clarity.ms/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://account.domaintools.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://account.domaintools.com
Date
Thu, 24 Aug 2023 16:58:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
region1.analytics.google.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RPLVMKCB3Y&_ono=1&gtm=45je38l0&_p=1995071188&cid=1723813089.1692896309&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1692896308&sct=1&seg=0&dl=https%3A%2F%2Faccount.domaintools.com%2Flog-in%2F%3Fr%3Dhttps%253A%252F%252Firis.domaintools.com%252Finvestigate%252Finvestigations%252F1197400%252Fsearch%252F2090ffc3-5cb0-4997-801e-9710cad4949e%252F4aea0b71-2a8c-485a-ab2b-20d3f3b7453b%252F&dt=Log%20in%20to%20DomainTools&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&_et=17
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RPLVMKCB3Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.domaintools.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 16:58:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.domaintools.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| $ function| jQuery object| Ajax object| FieldMessenger object| wLogin function| privacyMessage function| evaluateLogin object| Login boolean| auto_login function| onloadCallback function| getCSRFToken object| _gaq object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| support_email object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data function| clarity object| recaptcha object| closure_lm_499501 object| googletag function| onYouTubeIframeAPIReady

19 Cookies

Domain/Path Name / Value
.domaintools.com/ Name: csrftoken
Value: 4c2ce67f915cac78ab1f05183a9dbf2e
.domaintools.com/ Name: dtsession
Value: 3e719uavd4kk59g7kqs4oo2co3lclhdfair40tmchlqt7vlsph3t86l6unlv4mtkvk832dbo5kqnuk0kobp8j3kse8ktp55vtdr34p2
.domaintools.com/ Name: __utma
Value: 247745176.1816891742.1692896309.1692896309.1692896309.1
.domaintools.com/ Name: __utmc
Value: 247745176
.domaintools.com/ Name: __utmz
Value: 247745176.1692896309.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.domaintools.com/ Name: __utmt
Value: 1
.domaintools.com/ Name: __utmb
Value: 247745176.1.10.1692896309
.domaintools.com/ Name: _ga
Value: GA1.1.1723813089.1692896309
www.clarity.ms/ Name: CLID
Value: e126b74adb0d4d5789d26683806934ce.20230824.20240823
.domaintools.com/ Name: _ga_RPLVMKCB3Y
Value: GS1.1.1692896308.1.0.1692896308.60.0.0
.domaintools.com/ Name: _clck
Value: 1b0twii|2|fef|0|1331
.bing.com/ Name: MUID
Value: 31F6C7FBCF626C723C75D48CCEB06D94
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 31F6C7FBCF626C723C75D48CCEB06D94
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 31F6C7FBCF626C723C75D48CCEB06D94
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.domaintools.com/ Name: _clsk
Value: 1jy3kkm|1692896309556|1|1|p.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.domaintools.com
c.bing.com
c.clarity.ms
fonts.gstatic.com
img.domaintools.com
iris.domaintools.com
p.clarity.ms
region1.analytics.google.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
199.30.228.113
199.30.228.26
20.122.63.128
2001:4860:4802:34::36
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
68.219.88.97
05d32bb2a26eed54b13c72d64d465a8922557637645b23e7357102257f01ca75
08479cde77105b5c8e78cd7c276a4cafc9284aae158a3fe601072ae4050fac28
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
102bb1bc779e589699645eec8b1d9885b5fbb563869a9e66cb3ed3f6eb972642
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
524a1d6322064b81388b6fd5e4355d34c8d3e700459a3644becf74ea482cef3a
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
6b8ccf708d593448ac785ca6bfa117329ceb9ba6e762b9ea7fbd1b5e904c2b40
719f9aa8100df8afecee4fccc426551cc2e0ae3306deb6dfc39b0312370b5af7
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
942b9f398e28038e6b2a78dbee3f903a9e7e6d7989a12f4fc04c1b746e1bcfa0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c848786da32417dfb650cee5070fc18e1937951fd35d8087c20d686c2ca95617
c90d7fb7bd827c2630febe82649843742bfdf80de9ee4aff7e47f48af3dc8c1d
cbca3fe5cf714cc3342f444b81a02397a76ef4799642994bd6207551f925aed1
d0f8a21b2726482ef7b9ba95ef128019c0cbe4d3789952b345bf26e1b413417d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaf6ed3aa7a5134d66473ceea97035d820caebd5d18fab7e7fa5cd472da43b9
ece651a340d3e71c11287a35e2812609f1eff7f4b716a8962eb299a52fd70eeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdf96ac802b37f4fd253d4d7dcbd1bce2e0bf52905c7a18cd9a396c8e53b168a