whatsmyip.com Open in urlscan Pro
2606:4700:3036::ac43:d25b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Submission: On March 05 via api (March 5th 2021, 7:29:46 pm UTC) from US

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 19 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3036::ac43:d25b, located in United States and belongs to CLOUDFLARENET, US. The main domain is whatsmyip.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2020. Valid for: a year.

This is the only time whatsmyip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3036::ac43:d25b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 1	52.210.134.198 52.210.134.198	16509 (AMAZON-02) (AMAZON-02)
1 2	104.17.49.74 104.17.49.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:cded	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	54.93.115.47 54.93.115.47	16509 (AMAZON-02) (AMAZON-02)
3	52.28.94.164 52.28.94.164	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.57.77.12 52.57.77.12	16509 (AMAZON-02) (AMAZON-02)
56	27

10 2606:4700:3036::ac43:d25b (United States)

ASN13335 (CLOUDFLARENET, US)

whatsmyip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.134.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-198.eu-west-1.compute.amazonaws.com

go.nordvpn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.49.74 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visit.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:cded (United States)

ASN13335 (CLOUDFLARENET, US)

ads.holid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.115.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-115-47.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.94.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-94-164.eu-central-1.compute.amazonaws.com

lwadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.77.12 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-77-12.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googlesyndication.com pagead2.googlesyndication.com c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com tpc.googlesyndication.com	27 KB
10	whatsmyip.com whatsmyip.com	192 KB
5	ampproject.org cdn.ampproject.org	99 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	132 KB
4	gstatic.com fonts.gstatic.com	73 KB
3	lwadm.com lwadm.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google.com adservice.google.com www.google.com	165 B
2	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com	2 KB
2	360yield.com 1 redirects ice.360yield.com ad.360yield.com	788 B
2	adform.net adx.adform.net cm.adform.net	553 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	holid.io ads.holid.io	74 KB
2	nordvpn.com 1 redirects visit.nordvpn.com nordvpn.com	707 B
1	google.dk adservice.google.dk	799 B
1	casalemedia.com htlb.casalemedia.com	368 B
1	cloudflare.com ajax.cloudflare.com	5 KB
1	nordvpn.net 1 redirects go.nordvpn.net	2 KB
56	19

	Domain	Requested by
10	whatsmyip.com	whatsmyip.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com whatsmyip.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	ads.holid.io securepubads.g.doubleclick.net whatsmyip.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	lwadm.com	ads.holid.io
3	fonts.googleapis.com	whatsmyip.com securepubads.g.doubleclick.net
2	ib.adnxs.com	1 redirects ads.holid.io
2	www.google-analytics.com	whatsmyip.com www.google-analytics.com
2	ads.holid.io	ajax.cloudflare.com ads.holid.io
1	ad.360yield.com	1 redirects
1	pixel.rubiconproject.com
1	cm.adform.net
1	www.google.com	whatsmyip.com
1	c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.dk	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastlane.rubiconproject.com	ads.holid.io
1	ice.360yield.com	ads.holid.io
1	adx.adform.net	ads.holid.io
1	htlb.casalemedia.com	ads.holid.io
1	ajax.cloudflare.com	whatsmyip.com
1	nordvpn.com	whatsmyip.com
1	visit.nordvpn.com	1 redirects
1	go.nordvpn.net	1 redirects
56	27

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
lwadm.com Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.google.dk GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Frame ID: 8FD5997E2E82155D5C20657033D52376
Requests: 39 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FC080396CFD69940AAC407B0F295EA57
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 32F2F1DD74FDE37FECD20E46DBCAF1DB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

56
Requests

100 %
HTTPS

57 %
IPv6

19
Domains

27
Subdomains

27
IPs

5
Countries

630 kB
Transfer

1536 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://go.nordvpn.net/aff_c?offer_id=15&aff_id=6152&url_id=902 HTTP 302
https://visit.nordvpn.com/?offer_id=15&aff_id=6152&aff_transaction_id=102b12795568ae792f77a849b9310a&source=&params[ho_asub1]=&url_id=533 HTTP 302
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content&utm_campaign=off15&utm_source=aff6152

Request Chain 55

https://ib.adnxs.com/getuid?https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637505693687594695%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3deec984e5-08d7-4143-b81b-cd415b81b400%26buid%3d$UID HTTP 302
https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=1283482650941721451

Request Chain 56

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&r=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637505693687594695%26bid%3d89db4e8f-e85b-4f4b-b7a2-65554038c76c%26lwuid%3deec984e5-08d7-4143-b81b-cd415b81b400%26buid%3d%7BPUB_USER_ID%7D HTTP 302
https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=f6ba6411-96a4-4c23-a13d-a378d69bc7e2

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request best-vpn-list Show response
whatsmyip.com/vpn-hide-ip/ 179 KB
26 KB 68ms
49ms Document
text/html 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca27c1cca6a33c8404431fad1f2fbb9a26bef858bc1a4a9fe17f80cd3176c6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

:method: GET
:authority: whatsmyip.com
:scheme: https
:path: /vpn-hide-ip/best-vpn-list
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d324092f9209b02b108c7c0b3bc76a6a61614972567; expires=Sun, 04-Apr-21 19:29:27 GMT; path=/; domain=.whatsmyip.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=1cgemo52001fl2j44j8lnbl8b2; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1
cf-cache-status: DYNAMIC
cf-request-id: 08a576d5db00004a795325d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Os0m7Pr%2B%2Fc3Ywcbxrg901qUNJHZ%2Fz2MCZUu7GKEtteQRR7FIffaRDQHAbGahKNjvBTMoQlSUjFInlYPEuP9mQtjFN4Y0mBMtSgvlLjL18dm11lQHdOXBJqDP"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62b5c0cfcf9e4a79-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
481 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oleo+Script:400,700

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26617c707ca12f2bc4c5701c44a2bbdb313d2e16febdc2f8ebc1f453d2bb7489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 19:16:35 GMT
server: ESF
date: Fri, 05 Mar 2021 19:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Mar 2021 19:29:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
558 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:400,700

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40b663b6c46dc00dcddf46d5dd0892c9f7c8ede4fc5f329ddcad0268d0f26f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 19:20:53 GMT
server: ESF
date: Fri, 05 Mar 2021 19:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Mar 2021 19:29:27 GMT

GET
H2 200 font-awesome.min.css
whatsmyip.com/css/ 30 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsmyip.com/css/font-awesome.min.css
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7936bd6a8c681dfb15ae9db3f4786b8ab1af318f59364d053b81016279c7c7

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1665263
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a576d61600004a7978120000000001
pragma: public
last-modified: Tue, 30 Oct 2018 13:41:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=isjl1I9VC4GMh4GHC%2Fh%2FKvGaELlfSMl99NQYi%2Bh%2Bd%2BWH3D7bieaO%2BlXX4RljZbIu8sLAnHd%2FfCjthULe20ID9hnGvhCIbOoPrarCUAVda1wgnP1G0QISHQ3S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 62b5c0d0285e4a79-FRA
expires: Tue, 16 Mar 2021 12:55:04 GMT

GET
H2 200 whatsmyiplogo.png
whatsmyip.com/assets/img/ 2 KB
3 KB 15ms
12ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/whatsmyiplogo.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f689de81ed8a11c11c2332212550b74f27d8be6fa27bdcba19f212111260a84

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1702563
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2415
cf-request-id: 08a576d62400004a7979a34000000001
pragma: public
last-modified: Tue, 24 Jul 2018 20:03:44 GMT
server: cloudflare
etag: "5b578620-96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b31ByiiJVn%2BV8a7CmLXtuNpkwQjO3x%2Bl9HhW%2BMZ0zomqZUoVXVhkyobHfHUHaBntJ5YwsbgtD1MUOZB0C66ops%2FA%2FbrXyJmZbY9axKCas4%2BQVHbFuXRbcXP1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d038824a79-FRA
expires: Tue, 16 Mar 2021 02:33:24 GMT

GET
H2 200 editors_choice.gif
whatsmyip.com/assets/img/ 29 KB
29 KB 16ms
13ms Image
image/gif 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/editors_choice.gif
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f654f80ccb2d93eaac33c4923fa2fd769555c13dbd69b2d2c9dc9d5b6c87f9bf

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1249
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29684
cf-request-id: 08a576d62500004a796e381000000001
pragma: public
last-modified: Fri, 25 Aug 2017 22:06:45 GMT
server: cloudflare
etag: "59a09f75-73f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tXhVLuU9pZfxpFkCBWGfEtKvBvJPGQbynmtgySyQh8iNEytkxExT0cjdwiza8XmelNjVbn0HLxbcNSvP%2FC%2FP9Sr7RncRGq2JISnS7kYtJbftYeLxGJoZh%2BlT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d038844a79-FRA
expires: Sun, 04 Apr 2021 19:08:38 GMT

GET
H2 200 nordvpn_logo_trans.png
whatsmyip.com/assets/img/ 5 KB
6 KB 15ms
12ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/nordvpn_logo_trans.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c7c867fcc0c3e4fdb39901d5878ebca8be9024e884a3c593fbf6d8aacf75d2

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1249
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5388
cf-request-id: 08a576d62500004a7993bce000000001
pragma: public
last-modified: Thu, 31 Aug 2017 14:55:51 GMT
server: cloudflare
etag: "59a82377-150c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uNbYvuSewgRfwF85VQJ0CowB90Q%2B13f2tuADpm9%2F79ZC964k5rfhk0LGLqnh6FS4mUh4UR1R5NpJAPX1LBpFK%2BOqdYCviEZITcYzBzVD6T6F2z1ptsks6IoZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d038854a79-FRA
expires: Sun, 04 Apr 2021 19:08:38 GMT

GET
H2

200

/
nordvpn.com/special/
Redirect Chain

https://go.nordvpn.net/aff_c?offer_id=15&aff_id=6152&url_id=902
https://visit.nordvpn.com/?offer_id=15&aff_id=6152&aff_transaction_id=102b12795568ae792f77a849b9310a&source=&params[ho_asub1]=&url_id=533
https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content&utm_campaign=off15&utm_source=aff6152

0
0

692ms
686ms

Image
text/html

104.17.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content&utm_campaign=off15&utm_source=aff6152
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.49.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://nordvpn.com/special/?utm_medium=affiliate&utm_term&utm_content&utm_campaign=off15&utm_source=aff6152
cache-control: no-store, no-cache, must-revalidate
cf-ray: 62b5c0d3e89d10c5-CPH
cf-request-id: 08a576d872000010c5363b5000000001
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 router100.png
whatsmyip.com/assets/img/ 2 KB
2 KB 14ms
11ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/router100.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fc194331561a1b1f7db9c7b05425c393dc976bd5cfacf84b8676593cf7a5f3c

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1249
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2064
cf-request-id: 08a576d62500004a796c0b3000000001
pragma: public
last-modified: Wed, 30 Aug 2017 20:54:38 GMT
server: cloudflare
etag: "59a7260e-810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pd449wvnFwKQvoMQJyNHciUMIlMwkeemUhSaZAQ1yGxKc6xoHGDlf2UMK1tTVWdbbIvLXrP8h09DkyEN8jJe4qX0V7wzpnNJoxmwaBCJXLWD8%2Fanswxa9ej"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d038864a79-FRA
expires: Sun, 04 Apr 2021 19:08:38 GMT

GET
H2 200 Logo_CG_VPN_transparent_bg.png
whatsmyip.com/assets/img/ 16 KB
16 KB 16ms
13ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/Logo_CG_VPN_transparent_bg.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3402eadb275b3b27d01d9f9b6f714eec2e918732ba2e2916706d940b4bdc7e74

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1665263
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16286
cf-request-id: 08a576d62500004a795a119000000001
pragma: public
last-modified: Thu, 05 Jul 2018 12:37:38 GMT
server: cloudflare
etag: "5b3e1112-3f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RWVpKw3nT8Ye70EPuD6lnoOjDT%2FUvc5UZImwrHCL3WX7or4I5B3S5sGseZsKSmsEG1sThE53hyhmOsHWE2u%2Bb66PdEkqUpCtlOsWBWjxT1sIegCDI8zD52m2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d038884a79-FRA
expires: Tue, 16 Mar 2021 12:55:04 GMT

GET
H2 200 bestprice.png
whatsmyip.com/assets/img/ 22 KB
22 KB 17ms
14ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/bestprice.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b103d49a53b74cd6180accdc126b2603ae8e3fb1549950585ef705f5a9c93900

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1249
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22254
cf-request-id: 08a576d62600004a7978121000000001
pragma: public
last-modified: Thu, 31 Aug 2017 07:22:53 GMT
server: cloudflare
etag: "59a7b94d-56ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y5leQOTfykA4oVFCiaBdVDPI4kZwtDAsJ9N2bEtWs6s7aB1AiUs%2F4sAkWb4DOKLOgXK0cOw3PWVxLZQv%2BG0wHJsBenNmoq10dCayI%2B6qURgH9d%2Fc0rUVQsHM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d0388a4a79-FRA
expires: Sun, 04 Apr 2021 19:08:38 GMT

GET
H2 200 expressvpn-logo.png
whatsmyip.com/assets/img/ 5 KB
5 KB 21ms
18ms Image
image/png 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsmyip.com/assets/img/expressvpn-logo.png
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a32ee73851c59ae18c33766427e1f3cb060571cf5bfca7453f2ec591892645

Request headers

Referer: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1248
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4717
cf-request-id: 08a576d62600004a7998b8f000000001
pragma: public
last-modified: Thu, 31 Aug 2017 14:56:35 GMT
server: cloudflare
etag: "59a823a3-126d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BC1xtzfidlFE004W8pUF%2BogvNC1eGeH7S9Yy8sDuHa3w470atplBxRZF24pbGfuRWYwB1wX6cPwOhQ6BrkDiAtdQEW%2Bv3CsnDK1MKMfe56ze5vCEUlzzDuPt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 62b5c0d0388b4a79-FRA
expires: Sun, 04 Apr 2021 19:08:39 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 27ms
8ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 08a576d63500002bc61ea4b000000001
last-modified: Thu, 04 Mar 2021 10:30:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6040b6ad-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JWqtqm5yBaN5KziiIBMHbLDTB5XlpTWhUhF09JgxCkppuJNyVt6zkfD%2B2vWLczFUhCPY2HPBPJtsnD%2BAlRXujs1INlJSFtdDnhDuS2QUtE1bL%2BuBM1mfPwjwxWDVp5gI"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62b5c0d05a5f2bc6-FRA
expires: Sun, 07 Mar 2021 19:29:27 GMT

GET
H2 200 fontawesome-webfont.woff2
whatsmyip.com/assets/fonts/ 75 KB
76 KB 50ms
49ms Font
application/octet-stream 2606:4700:3036::ac43:d25b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatsmyip.com/assets/fonts/fontawesome-webfont.woff2

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d25b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Origin: https://whatsmyip.com
Referer: https://whatsmyip.com/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08a576d63600004a794425e000000001
last-modified: Tue, 30 Oct 2018 13:37:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5bd85e81-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JENNyPQZOD5C2L3axF4yT8O1T%2FOVdyiF8415oAu1lze4ZCYcOzktXNuiLUzN7bqOBdd0EufuxoCMs48q4%2F3S15udjtbw7Y8tJodHv6ywSH8aOKrhaH0jI%2Fim"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-xss-protection: 1
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 62b5c0d058c64a79-FRA

GET
H2 200 holid.js Show response
ads.holid.io/auto/whatsmyip.com/ 14 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700:3036::ac43:cded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.holid.io/auto/whatsmyip.com/holid.js?v=1.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:cded , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f159ff2f8983eeeb15ebe11bf3167cbe179759b591c84162adfdb425cb965005

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2807
cf-polished: origSize=26193
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a576d6be000064c7e4bea000000001
last-modified: Sun, 14 Feb 2021 07:46:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6028d572-6651"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rnoQzUuJProFeL52Kb9HUKBmlhqRLAIavfCh9Sjaq686hocYCGQWA3ZKtIVIlXnCxoCQ7di38%2BEuvqaJNAtF2ezRzy%2B0AGy2ese4vxOG0gtnIbBYF9TWRPc%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 62b5c0d12aa264c7-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 62
date: Fri, 05 Mar 2021 19:28:26 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 05 Mar 2021 21:28:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 227ms
72ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/whatsmyip.com/holid.js?v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a0fc86dca1c5356bec93f51727e5da4f609e4d16fc4ed5e6f80e4222f59a25a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "802 / 34 of 1000 / last-modified: 1614946432"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19858
x-xss-protection: 0
expires: Fri, 05 Mar 2021 19:29:28 GMT

GET
H2 200 prebid.js Show response
ads.holid.io/auto/ 240 KB
71 KB 29ms
28ms Script
application/javascript 2606:4700:3036::ac43:cded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.holid.io/auto/prebid.js

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/whatsmyip.com/holid.js?v=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:cded , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98372d003d6d4d09dce544380b1ab7f98d55878b789b1cdbecefbcefd7240f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3164
cf-polished: origSize=245782
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a576dbc8000064c7cf119000000001
last-modified: Tue, 13 Oct 2020 14:45:21 GMT
server: cloudflare
etag: W/"5f85bd81-3c016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Lc4z%2BdqvSIovJu9oNghtl0j8YsKCLN1O5%2FB4E2qlt1BmUAbTxOlE8VmRA8FBUAKatYQfId2MskyMocHdF8lZ7CoKv4vL7ZdsI5FfoNboxzfc69XgyUm%2FS4%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 62b5c0d93bb664c7-FRA
cf-bgj: minify

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
388 B 47ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=403126626&t=pageview&_s=1&dl=https%3A%2F%2Fwhatsmyip.com%2Fvpn-hide-ip%2Fbest-vpn-list&ul=en-us&de=UTF-8&dt=Best%20VPN%202021%20-%20Browse%20Anonymous&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1459230899&gjid=1242847753&cid=982559503.1614972569&tid=UA-104098438-1&_gid=327333277.1614972569&_r=1&_slc=1&z=1174261695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 19:29:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whatsmyip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 220ms
86ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5c6229c0156a603ff4d6041c68beafafd13e8c8563c10e05e284d6d1639994e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 19:29:28 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.152:80
AN-X-Request-Uuid: 46d1823b-c853-4adf-9649-776a9b1cd6b6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whatsmyip.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
368 B 296ms
167ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=522542&v=7.2&r=%7B%22id%22%3A%223f4ab05fc11db3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224fa4ab06d584e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22522542%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224fa4ab06d584e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22522542%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224fa4ab06d584e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22522542%22%2C%22sid%22%3A%22980x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224fa4ab06d584e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22522542%22%2C%22sid%22%3A%22980x300%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A300%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwhatsmyip.com%2Fvpn-hide-ip%2Fbest-vpn-list%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 710d24afcf8961b84dec5eeb209c857d3ace6c60be8b3e758b9103be2fe2a816

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 19:29:28 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[82.102.20.211], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://whatsmyip.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 10
expires: Fri, 05 Mar 2021 19:29:28 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
447 B 284ms
175ms XHR
application/json 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTYxOTAzNiZyY3VyPVVTRCZ0cmFuc2FjdGlvbklkPTcxOTRjZjc3LWI4OGMtNGM5NC05ODVkLTIyMTRkNjFhNWQxOQ%3D%3D&pt=gross&stid=2126688b-bbbd-473a-9bff-1b19aed028b9&fd=1

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 19:29:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://whatsmyip.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
514 B 297ms
164ms XHR
application/json 54.93.115.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213baf8404d38614%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwhatsmyip.com%2Fvpn-hide-ip%2Fbest-vpn-list%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2285bb0a8471496d%22%2C%22pid%22%3A%221221693%22%2C%22tid%22%3A%227194cf77-b88c-4c94-985d-2214d61a5d19%22%2C%22kvw%22%3A%7B%22hb%22%3A%5B%22true%22%5D%7D%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.115.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-115-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ba01158fc2ae7c9024ec1d13f872c453a81aee7c53de3eb6a2cd6f8d0bd572c3

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whatsmyip.com
date: Fri, 05 Mar 2021 19:29:28 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 ad Show response
lwadm.com/ 1 KB
872 B 413ms
280ms XHR
application/json 52.28.94.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lwadm.com/ad
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.94.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-94-164.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f493aaf3c56670386a60b8ffc29e4fc2f75bddfa1b40d23f154f58f7cccfd7f

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 19:29:28 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whatsmyip.com
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 266 B
2 KB 372ms
159ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=225036&zone_id=1104998&size_id=2&alt_size_ids=57%2C78%2C79&rf=https%3A%2F%2Fwhatsmyip.com%2Fvpn-hide-ip%2Fbest-vpn-list&tk_flint=pbjs_lite_v4.11.0&x_source.tid=7194cf77-b88c-4c94-985d-2214d61a5d19&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8692363911725569
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b5bdcf97bd9c6be5bc44c0ec02a1d65d11a4b2b423a6ac5654faaf5334d97714

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 19:29:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whatsmyip.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 266
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-104098438-1&cid=982559503.1614972569&jid=1459230899&gjid=1242847753&_gid=327333277.1614972569&_u=IEBAAEAAAAAAAC~&z=1245236909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 19:29:28 GMT
content-type: text/plain
access-control-allow-origin: https://whatsmyip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021030201.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 166ms
83ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:37:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101677
x-xss-protection: 0
expires: Fri, 05 Mar 2021 19:29:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=whatsmyip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 19:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=whatsmyip.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 19:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f389305bf102c24c64d10502d9b7b1eeb35530efdb4542f698a286bee607f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 19:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6481
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
13 KB 531ms
530ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124519367524254&correlator=2549558032023246&output=ldjh&impl=fifs&eid=21064372%2C31060011&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210305&iu_parts=21756427176%2CWhatsmyIP.com_LSMB_Pano1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C980x240%7C728x90%7C980x300&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614972569&dt=1614972569112&dlt=1614972567053&idt=2039&frm=20&biw=1600&bih=1200&oid=3&adxs=115&adys=1874&adks=2703166075&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fwhatsmyip.com%2Fvpn-hide-ip%2Fbest-vpn-list&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1370x260&msz=1370x250&ga_vid=982559503.1614972569&ga_sid=1614972569&ga_hid=403126626&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5418841b44007506a8b93686a94687a37d889b698f42099d6bf0b43b294ca69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whatsmyip.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 05 Mar 2021 19:29:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FC08 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://whatsmyip.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://whatsmyip.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 05 Mar 2021 17:43:59 GMT
expires: Sat, 05 Mar 2022 17:43:59 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6330
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame FC08 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 344210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 01 Mar 2022 19:52:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=2124519367524254&bg=!VValVhXNAAWsVXnBrDsAKQB2-DxaN_drBFjIMtfjB9H0io4_UyZAqN0_X1L297U4QBfoPB7oWkqHAgAAAF5SAAAADWgBBwoAa4biu8GvS0Qy9Wd1FP5FnidjA9yaG2g8ruNoy2ryTIpiJ4HEZUpcxLDYBo0o2npGSVLzgXa8YndbBIze-4K_rRD2FQBmFwTvB9T7TEbbetXk-dyrnp75cfP8gZHC53hfpiGhQ1jbwUYBQMdymQIGhywRqSm0zjYoFA4M14iBtwHT6LxriZ0M_vbrhao4mXlTJUouTA4rwm_ccj_4xzgQ1htvuVsCm3axKR__xgzmBXi8wc8z5-Bo6zoJfL-MCIECTULlxBLIMLMdGChDbhLZEoi5_Ob5XAwQuC5v7-95RJoeLx6ix2YINnmg1Q5uAtJJVHGHY29H35e6WxFP-Rbyfh9X1cxGM6P06Q0HETb3CPeXiBJGkiGwPkG15LrySJbSfLL8yzAszMTZ9wq6A_WOUwqxxCZohQhhbbbAXHzsAE52mungYzzbXsbuDtZMD8u3ZoqOdZuZaRdZd9TTV7aaz-dxZ3t4cytnz8Bs8TnM6X0EjnYPX1Ycj2qG_v3tAhDw9ksjmEUGplBAz-0SWfgYN_sm2KzNL_wfFu3qcOvWvRCoyzFigGRi4NCXx0W_NJurDK7yZftCa4v_6sOda141rY_pZRZ11aD2vcbFSVU1oH3C-wUScc8vEAZFhWOox-zQs7bQaKEL6IgbVSVrEzyElrpjMJQUVNvWKAjJCYXtxj_F_gfoipIPEmjT6XaJoiTbMMovtBH8Hmhl-Gq1Mv-SzEJDBxjdRJgdYV7fzaGS9Q8bv8kM9SBLwDDtOk35sDmBxf4QXrdiTA20oVafD2-8yzgyVP8VR3qG-TrRdrrBL9cTHJBMPGB2QWSeIi0VDEoMZq3UYss

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 19:29:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 32F2 185 KB
53 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 32F2 12 KB
5 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 32F2 87 KB
27 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 32F2 3 KB
1 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 32F2 40 KB
13 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:53:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 32F2 3 KB
1016 B 44ms
30ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 19:27:34 GMT
server: ESF
date: Fri, 05 Mar 2021 19:29:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Mar 2021 19:29:29 GMT

GET
H3-Q050 404 downsize_200k_v1
tpc.googlesyndication.com/simgad/1201118857295390305/ Frame 32F2 43 B
113 B 37ms
36ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1201118857295390305/downsize_200k_v1?w=600&h=314

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:29 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 05 Mar 2021 19:29:29 GMT

GET
DATA 200
OK truncated
/ Frame 32F2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 32F2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71c0f47e4c386ba80be63e2a4cfbdca39997adb32c7edf340973d029aae4d8b5

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 32F2 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 39992
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 06 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 32F2 295 B
389 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 72278
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Mar 2021 23:24:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 32F2 0
0 16ms
15ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEFBWTiuG4MarRE98kjF2UrHylo0Z6jMkN7o7z47qC4xykE4AVeSXtw4y6BOclnPl616Uo
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 32F2 0
0 84ms
83ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAZLCmYZCYKujCsLJ3gPY0aXADqrf9tth8fW22ZsNg-W03KoJEAEgnLHvbGDRgbmC0AegAen1kdQByAEJqQKx6DZNiH6FPuACAKgDAcgDCqoE2QFP0EZbYE_0dCByBqnQHvQMkqCjxYJxYwur2yPOgmVH4Xw1IhxIASa4j2NdllCn_XPtYioxkDzN493xhkgom15POMKekEXJKEUdWE-V85cEWYJVIKsSz1hdmV4DGTRpaoCe5VYpOKNiIpYmNgFkPBRdH4NeN1YujaswimwKG7Eelmn1gKM08Rztuj8vfyYMxtDrFj8k8woXvjzw5E7n-jtYthhXDX8z4mcQSDUxSWd1YSjBwxTVgOUF3JnUtvsjwkjlWAoCNq93DgR0ZRDIbPNch-sCUpr727EXwATnu_bhqwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_4nuqwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQsZYN0ggJCIDhgFAQARgdgAoByAsB2BMNiBQBshcaChgIABIUcHViLTQwNjg3NzUwMTE5NjAzMjc&sigh=ajHm5dx4BvU&template_id=5000&tpd=AGWhJmt0Zw68Qu9Yah59oFjzTJZueAOfJEvJM8hCIIM7ve-hrg
Requested by: Host: whatsmyip.com
URL: https://whatsmyip.com/vpn-hide-ip/best-vpn-list
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 32F2 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://whatsmyip.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 446316
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:53 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 32F2 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://whatsmyip.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:26 GMT
server: sffe
age: 397801
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15456
x-xss-protection: 0
expires: Tue, 01 Mar 2022 04:59:28 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 32F2 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://whatsmyip.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 05:29:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 50375
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 05 Mar 2022 05:29:54 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 32F2 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://whatsmyip.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 15:00:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
age: 16121
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
expires: Sat, 05 Mar 2022 15:00:48 GMT

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 204ms
65ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637505693687594695%26bid%3dc14360b0-ff2f-489e-b086-be36cd097dab%26lwuid%3deec984e5-08d7-4143-b81b-cd415b81b400%26buid%3d$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:32 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 346ms
93ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lw-rubicon&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

pl
lwadm.com/usermatch/
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637505693687594695%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3deec984e5-08d7-4143-b81b-cd415b81b400%26buid%3d$UID
https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=1283482650941721451

70 B
478 B

80ms
80ms

Image
image/gif

52.28.94.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=1283482650941721451
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.94.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-94-164.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:32 GMT
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 19:29:32 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid: 2ffafaaa-2af6-4f08-99f0-d2dcc64d12d3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=1283482650941721451
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pl
lwadm.com/usermatch/
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&r=https%3a%2f%2flwadm.com%2fusermatch%2fpl%3fcb%3d637505693687594695%26bid%3d89db4e8f-e85b-4f4b-b7a2-65554038c76c%26lwuid%3deec984e5-08d7-41...
https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=f6ba6411-96a4-4c23-a13d-a378d69bc7e2

70 B
562 B

97ms
95ms

Image
image/gif

52.28.94.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=f6ba6411-96a4-4c23-a13d-a378d69bc7e2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.94.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-94-164.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://whatsmyip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:29:32 GMT
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 70
content-type: image/gif

Redirect headers

location: https://lwadm.com/usermatch/pl?cb=637505693687594695&bid=89db4e8f-e85b-4f4b-b7a2-65554038c76c&lwuid=eec984e5-08d7-4143-b81b-cd415b81b400&buid=f6ba6411-96a4-4c23-a13d-a378d69bc7e2
date: Fri, 05 Mar 2021 19:29:32 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			whatsmyip.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1cgemo52001fl2j44j8lnbl8b2
			.whatsmyip.com/	1970-01-19 17:19:24	Name: __cfduid Value: d324092f9209b02b108c7c0b3bc76a6a61614972567

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://whatsmyip.com/vpn-hide-ip/best-vpn-list

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.holid.io
adservice.google.com
adservice.google.dk
adx.adform.net
ajax.cloudflare.com
c6e81f0b13178b4b9c91ed3406273094.safeframe.googlesyndication.com
cdn.ampproject.org
cm.adform.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.nordvpn.net
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
lwadm.com
nordvpn.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
visit.nordvpn.com
whatsmyip.com
www.google-analytics.com
www.google.com
104.17.49.74
142.250.186.34
23.37.38.181
2606:4700:3036::ac43:cded
2606:4700:3036::ac43:d25b
2606:4700::6810:a723
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9c
37.157.4.28
37.157.6.246
37.252.173.38
52.210.134.198
52.28.94.164
52.57.77.12
54.93.115.47
69.173.144.138
69.173.144.141
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
26617c707ca12f2bc4c5701c44a2bbdb313d2e16febdc2f8ebc1f453d2bb7489
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3402eadb275b3b27d01d9f9b6f714eec2e918732ba2e2916706d940b4bdc7e74
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3f389305bf102c24c64d10502d9b7b1eeb35530efdb4542f698a286bee607f5a
3f689de81ed8a11c11c2332212550b74f27d8be6fa27bdcba19f212111260a84
40b663b6c46dc00dcddf46d5dd0892c9f7c8ede4fc5f329ddcad0268d0f26f9b
43c7c867fcc0c3e4fdb39901d5878ebca8be9024e884a3c593fbf6d8aacf75d2
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c7936bd6a8c681dfb15ae9db3f4786b8ab1af318f59364d053b81016279c7c7
5418841b44007506a8b93686a94687a37d889b698f42099d6bf0b43b294ca69f
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5c6229c0156a603ff4d6041c68beafafd13e8c8563c10e05e284d6d1639994e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
710d24afcf8961b84dec5eeb209c857d3ace6c60be8b3e758b9103be2fe2a816
71c0f47e4c386ba80be63e2a4cfbdca39997adb32c7edf340973d029aae4d8b5
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
7f493aaf3c56670386a60b8ffc29e4fc2f75bddfa1b40d23f154f58f7cccfd7f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85a32ee73851c59ae18c33766427e1f3cb060571cf5bfca7453f2ec591892645
8fc194331561a1b1f7db9c7b05425c393dc976bd5cfacf84b8676593cf7a5f3c
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
a0fc86dca1c5356bec93f51727e5da4f609e4d16fc4ed5e6f80e4222f59a25a6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b103d49a53b74cd6180accdc126b2603ae8e3fb1549950585ef705f5a9c93900
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bdcf97bd9c6be5bc44c0ec02a1d65d11a4b2b423a6ac5654faaf5334d97714
ba01158fc2ae7c9024ec1d13f872c453a81aee7c53de3eb6a2cd6f8d0bd572c3
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
ca27c1cca6a33c8404431fad1f2fbb9a26bef858bc1a4a9fe17f80cd3176c6bd
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98372d003d6d4d09dce544380b1ab7f98d55878b789b1cdbecefbcefd7240f6
f159ff2f8983eeeb15ebe11bf3167cbe179759b591c84162adfdb425cb965005
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f654f80ccb2d93eaac33c4923fa2fd769555c13dbd69b2d2c9dc9d5b6c87f9bf

whatsmyip.com Open in urlscan Pro 2606:4700:3036::ac43:d25b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

57 %IPv6

19 Domains

27 Subdomains

27 IPs

5 Countries

630 kBTransfer

1536 kBSize

2 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

whatsmyip.com Open in urlscan Pro
2606:4700:3036::ac43:d25b Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

57 %
IPv6

19
Domains

27
Subdomains

27
IPs

5
Countries

630 kB
Transfer

1536 kB
Size

2
Cookies

56 HTTP transactions
2 data transactions