urlscan.io logo urlscan.io
SecurityTrails logo

whatstheirip.tech Open in urlscan Pro
2606:4700:3035::ac43:ae56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://whatstheirip.tech/
Effective URL: https://whatstheirip.tech/
Submission: On February 12 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3035::ac43:ae56, located in United States and belongs to CLOUDFLARENET, US. The main domain is whatstheirip.tech.
TLS certificate: Issued by E1 on January 9th 2024. Valid for: 3 months.
This is the only time whatstheirip.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 8
1    2606:4700:3035::6815:502f (United States)

ASN13335 (CLOUDFLARENET, US)
whatstheirip.tech
2    2606:4700:3035::ac43:ae56 (United States)

ASN13335 (CLOUDFLARENET, US)
whatstheirip.tech
7    2606:4700:3032::ac43:a3c0 (United States)

ASN13335 (CLOUDFLARENET, US)
maipdf.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
grabify.icu
1    2606:4700:3030::6815:aa7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.maipdf.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
8 maipdf.com
maipdf.com
www.maipdf.com
99 KB
3 whatstheirip.tech
whatstheirip.tech
8 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114
189 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
5 KB
1 grabify.icu
grabify.icu
74 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
66 KB
0 bytecdntp.com Failed
lf26-cdn-tos.bytecdntp.com Failed
16 7
Domain Requested by
7 maipdf.com whatstheirip.tech
3 whatstheirip.tech 1 redirects whatstheirip.tech
2 pagead2.googlesyndication.com whatstheirip.tech
pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.maipdf.com whatstheirip.tech
1 grabify.icu whatstheirip.tech
1 www.googletagmanager.com whatstheirip.tech
0 lf26-cdn-tos.bytecdntp.com Failed whatstheirip.tech
16 8

This site contains no links.

Subject Issuer Validity Valid
whatstheirip.tech
E1		 2024-01-09 -
2024-04-08		 3 months crt.sh
maipdf.com
GTS CA 1P5		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
grabify.icu
GTS CA 1P5		 2024-01-26 -
2024-04-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://whatstheirip.tech/
Frame ID: 192119D5E95ADB7E367E147F56A300D0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Frame ID: 900CAFDC691B632941FD035646290E00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://whatstheirip.tech/ HTTP 301
    https://whatstheirip.tech/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

440 kB
Transfer

1228 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://whatstheirip.tech/ HTTP 301
    https://whatstheirip.tech/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
whatstheirip.tech/
Redirect Chain
  • http://whatstheirip.tech/
  • https://whatstheirip.tech/
24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ae56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fb2358f857ed81fd7da8d98135ccac963e60f9a84ebc014cba205fb52c3d7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8547069088e40e9f-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Feb 2024 18:51:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nQjApwrOBkCraHyC5J01%2F5aGcdH%2FxQMykiZtFSekT%2F%2B8mYaICOulhfldBJKbx%2BJlUJdmbWNRpSw9ChLG5vYQvFuMaYq38pHCOY1SznzU6p3jVaT2Nxi2Spx5y6BZG90PrO58uI6d6%2FhVciXsGkP5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
854706900e334be7-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 12 Feb 2024 18:51:54 GMT
Expires
Mon, 12 Feb 2024 19:51:54 GMT
Location
https://whatstheirip.tech/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffLWP4hUdeBsVb6VkEizO0oaC5%2BSlEQdk1FBA8F%2Bw0IYRTV22njhrYrn%2FukZ13VLC1fWmtG6YnoFsKEv0%2FDeJBIybROBorXQZCskP43%2F9or8IIrqzVSAqNjRnxVF3jatGU42urEKRc%2F9kxJ1dwg3ug%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
maipdf.com/pdf/vendor/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/vendor/jquery/jquery.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"15851-58b38ff2b23c0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJeh6FHovpnMfluodtW4m4tTHftfyOcs5qcF9DNfwJcnI2QvLzWGWGF0UYf8etnvA1NoZkkAJC4B6OAr2ZpmzB%2B%2BJTjuhn8U1idfQWNcB%2BiPkNLuNVdqtqzJT79U%2FSUZGvdUdeIFO7cw"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbea0e83-MXP
access-control-allow-headers
range
bootstrap.bundle.min.js
maipdf.com/pdf/vendor/bootstrap/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"1332b-58b38ff2b23c0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yJwlZ5qCXhTrcoeMtNB8w0hKI3k6NB63iRT7zBU2NNdxPrRTv7BhGCB7WxhMAuuiK1HmmxpRfeaZgg3%2BURO75vwPOPtK5kK%2F8tA69tb95xzSndmQukntKHxN9TAsq83AONw6miLkPfZ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbe40e83-MXP
access-control-allow-headers
range
jquery.easing.min.js
maipdf.com/pdf/vendor/jquery-easing/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/vendor/jquery-easing/jquery.easing.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"9e4-58b38ff2b23c0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amBcWSLQPYPSSmg4e1tNmVNcDKOnRJRNur833Itw3gndtoLvfyd3LvbImLm%2BvKO0m9QD7NN2FVkQUu38tfumF2PkGH8WaxXcEZnVnAmhrdviv%2B6ZnuvGWec0Ihx3JFsilaFrzhq7LkoE"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbe90e83-MXP
access-control-allow-headers
range
jquery.magnific-popup.min.js
maipdf.com/pdf/vendor/magnific-popup/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/vendor/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"4ef8-58b38ff2b23c0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euxM0FdPk2SqeQtXXvK5oJaL3psW%2FGKw1v1YQBOPYFpo5BBb11WjxhCeMVBOEqccrHm7GTo%2FDDprne%2B1mNtzu6XciKONOhiumOHhr3bQTIxphCk9PGwpdnPAKiw1vLz8p6bEgN0ZT40B"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbec0e83-MXP
access-control-allow-headers
range
creative.min.js
maipdf.com/pdf/js/ 		1 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/js/creative.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da72cf6ab2d55b000d23f8fc1d6e06e4c5ccc3e9da14387fae1134016fd34c4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"48f-58b38ff2b23c0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1HkJrnZTZxg7rX2AXR3xq8DmWJXb%2BKlKg%2Fjm4n%2BMGZ5%2BsKnI4tWCbPYLz7jsYDrWYJCIT4i72beM9PZQmpNb5DwOaTfSleasZ60pcKz1nB3XwfnD03SXHyKS1u5k6vgLWJJHft%2FqgS%2F"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbe80e83-MXP
access-control-allow-headers
range
all.min.css
lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/6.0.0/css/ 		0
0
magnific-popup.css
maipdf.com/pdf/vendor/magnific-popup/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/vendor/magnific-popup/magnific-popup.css
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=6951
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 13 Jun 2019 18:49:59 GMT
server
cloudflare
etag
W/"1b27-58b38ff2b23c0-gzip"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPJI%2FYVlhZBhYuUiZpqUwxfTAb42Ko4PdU03Q77%2BLHNv1B7YYxrAzk98NIod3FCLNb045Zwqw3wfm9ZYENElp9t8XVC07lrLCC3LWDeLprFnbfchKNVWfRiOK2P9Mr24vcE7NnYp7GKO"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
vary
Accept-Encoding
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbdf0e83-MXP
access-control-allow-headers
range
creative.min.css
maipdf.com/pdf/css/ 		174 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maipdf.com/pdf/css/creative.min.css
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807ad296576664fa71017f474febfceae10dea8047b3aa2cf27247a10f30ebb2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jul 2019 04:47:17 GMT
server
cloudflare
etag
W/"2b7be-58dc512339f40-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlZGclzZ1ESZeGA5OvDceXMjfOUvuHUWAzbQyzxSdIMQfhKo9%2FbydRNF4Z5wzOEeVxfWSX5%2B%2FauWYD%2BBVQHTDgykmBn%2Fw9WwQSrpTTcaVXCl6YV%2F1EwulhNKXx59hBBUWvZy6XeDqhoO"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691cbe30e83-MXP
access-control-allow-headers
range
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9224406325142860
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae56ec67dec7233d2ac0d26e6e9ffd5a91835116399f07bd5ffb278c32612e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whatstheirip.tech/
Origin
https://whatstheirip.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51713
x-xss-protection
0
server
cafe
etag
7785432802608630324
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 12 Feb 2024 18:51:54 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149594131-6
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e11a505b0199822231fde6fb4d99819b1a251456fae4bde418768a29170d7c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66782
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Feb 2024 18:51:54 GMT
step1.png
grabify.icu/pic/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grabify.icu/pic/step1.png
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc72ae12f81177d0de081fed6cab6fbf9a0385b4c2e369af7734f3593cd3a9d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Jul 2020 03:57:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"125ac-5a9bde0cffab0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqSbwljBZJhtcoJzxP92JCzBrWPk4aErLaWaJseYRxg4dHoPrq9B0ZUcv0OTY0YU9YFWXaf8VoEtqE2%2FukP8wgLcvIMtILkh6QaR9zzHMjqNWhBI4EqgnCnZxZy7dHkL%2BR9zhOAp%2Bz4SFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
854706919df65236-MXP
alt-svc
h3=":443"; ma=86400
content-length
75180
email-decode.min.js
whatstheirip.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://whatstheirip.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ae56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Feb 2024 17:53:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65c66685-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5EziA9eRPPXdIYRYqIUT8sbWy26cMArxB9qc5cdWVa6c7J64DfZisIdHrEHOmH3hx%2BsW9M2d%2B9zJMhFS9gVr24lBQZGKwbFKkU2F%2FLdSHNGZhKQwXfcm%2Bb1nRPy%2FmQ2QsgABOIDyrsMKDL2%2BSWQdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
854706913a4f0e9f-MXP
expires
Wed, 14 Feb 2024 18:51:54 GMT
qrcode.min.js
www.maipdf.com/pdf/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.maipdf.com/pdf/qrcode.min.js
Requested by
Host: whatstheirip.tech
URL: https://whatstheirip.tech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3695
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 24 Nov 2015 18:43:20 GMT
server
cloudflare
etag
W/"4dd7-5254db7358200-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxzT4dPA%2Biqm94zUbnLPklrY2qCErWhik1CUXqGhlkNPXl0HTKaIM1BrrXUvs4CHK1zCqRQBZisdG5%2BVTdhSzxU2gDCGlbuFocr6iUfYYEbOntGfFky%2Fw4qqPd96ZpCd7tr5pNli7zZ98uHgUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age
3000
cache-control
max-age=31536000
x-frame-options
DENY
cf-ray
85470691bde60e4e-MXP
access-control-allow-headers
range
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js?bust=31081078
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9224406325142860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
586832a575c73cee1433a49348aecbc5a338bd31ff1820a99d756da403a0ec17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://whatstheirip.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141179
x-xss-protection
0
server
cafe
etag
496995798764106514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 18:51:54 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/ Frame 900C 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9224406325142860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://whatstheirip.tech/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
67000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Feb 2024 00:15:14 GMT
etag
3890843268177463596
expires
Mon, 26 Feb 2024 00:15:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lf26-cdn-tos.bytecdntp.com
URL
https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/6.0.0/css/all.min.css

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| ip function| $ function| jQuery object| bootstrap object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| dataLayer function| google_sa_impl

1 Cookies

Domain/Path Name / Value
whatstheirip.tech/ Name: PHPSESSID
Value: 4vhipj0a6ubag8o7dn75ke240l

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
grabify.icu
lf26-cdn-tos.bytecdntp.com
maipdf.com
pagead2.googlesyndication.com
whatstheirip.tech
www.googletagmanager.com
www.maipdf.com
lf26-cdn-tos.bytecdntp.com
2606:4700:3030::6815:aa7
2606:4700:3032::ac43:a3c0
2606:4700:3035::6815:502f
2606:4700:3035::ac43:ae56
2a00:1450:4001:806::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a06:98c1:3121::3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31fb2358f857ed81fd7da8d98135ccac963e60f9a84ebc014cba205fb52c3d7d
3da72cf6ab2d55b000d23f8fc1d6e06e4c5ccc3e9da14387fae1134016fd34c4
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4e11a505b0199822231fde6fb4d99819b1a251456fae4bde418768a29170d7c9
586832a575c73cee1433a49348aecbc5a338bd31ff1820a99d756da403a0ec17
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
807ad296576664fa71017f474febfceae10dea8047b3aa2cf27247a10f30ebb2
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
ae56ec67dec7233d2ac0d26e6e9ffd5a91835116399f07bd5ffb278c32612e7f
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
fc72ae12f81177d0de081fed6cab6fbf9a0385b4c2e369af7734f3593cd3a9d4