Domain > whatismyip.org

More information on this domain is in AlienVault OTX

Files that talk to whatismyip.org

MD5	A/V
e5d1ae613344e0f722716276dd71f4a1	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
f441285ea7c7eeda9ba73fb25abcf6b3	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
230376b46676460a161320f2ff8f80b1	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
1d5170906d3832f2a9c4425481ec5e23	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
53c4638175e0780050d504b883959da3	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
848b5ecc9b8c1c81158386c63678d2c2	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
a0362b3f39a0bad81291c8a404bdf5c4	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
bff401be5f402b2419c926b99a3c41f2	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
78a5c62dd271d0cd05bfcececc4e0863	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
e6d25ad8772b9689da0a38351b29e293	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
6fdb50b6826fa08c5aa79cfe24c95871	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
bed78017cb4ebf63cb74124e6872f401	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
7cea41e60ef9b96aa24d2c380dc1d853	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
754ba406b82571b8c7e7ddb084c95781	[Win32/Sality] [Virus*Win32/Sality.G] [W32.Sality.N] [Spam-Mailbot] [W32/Sality.L]
714e612d4790556cc19e9157e09b5b5a	[Net-Worm.Win32.Conficker.1!O] [Worm.Conficker.Win32.755] [W32/Kido.ih] [Trojan.Win32.Kido.bskusr] [Trojan.Linkoptimizer] [Win32/Conficker.AE] [WORM_DOWNAD.AD] [Worm.Downadup-92] [Net-Worm.Win32.Kido.ih] [Worm.Kido!agL7CyixXuM] [Worm.Win32.Conficker.168299[h]] [Mal/Conficker-A] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow.based] [WORM_DOWNAD.AD] [BehavesLike.Win32.Conficker.cc] [Worm/Kido.rx] [W32/Kido.IH!tr] [Worm[Net]/Win32.Kido] [Worm.Kido.ih.(kcloud)] [Worm:Win32/Conficker.B] [W32/Conficker.worm] [Worm.Win32.kido.92] [I-Worm.Conficker.AE] [PE:Worm.Kido!1.9961[F1]] [Net-Worm.Win32.Kido] [W32/Conficker.C.worm]
2e8da5a55865a091864a4338ef4d2e44	[W32.AcpdiskDM.Trojan] [Worm/W32.Kido.167403.B] [Worm.Conficker] [NetWorm] [W32/Kido.ih] [W32/Malware!f71d] [W32.Downadup] [Conficker.HQ] [Win32/Conficker] [TROJ_SPNR.21I213] [Worm.Kido-182] [Net-Worm.Win32.Kido.ih] [Worm.Kido.KB] [Worm.Win32.Conficker.159140] [Mal/Conficker-A] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow] [Worm/Conficker.Y.16] [Worm/Kido.p] [Worm.Kido.ih.(kcloud)] [Worm:Win32/Conficker.C] [Win32/Kido.worm.164980] [W32/Risk.RQSF-6984] [Worm.Win32.kido.123] [Win32/Conficker.AL] [Worm.Win32.Conficker] [W32/Kido.DH!worm.im] [W32/Conficker.C.worm] [Trojan.Win32.Shadow.cofebg] [Worm.Kido.Win32.893] [TROJ_WC.F0BEE05DB14] [Worm[Net]/Win3]
1d8baad83611808466995d4d4fc96fc4	[Net-Worm.Win32.Conficker.1!O] [Win32.Worm.Conficker.n] [Trojan.Linkoptimizer] [Win32/Conficker] [WORM_DOWNAD.AD] [Win.Worm.Downadup-86] [Net-Worm.Win32.Kido.ih] [Trojan.Win32.Kido.bxrxb] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow.based] [Worm.Conficker.Win32.248] [WORM_DOWNAD.AD] [BehavesLike.Win32.Conficker.cc] [Mal/Conficker-A] [Worm/Kido.jy] [WORM/Conficker.Z.43] [Worm[Net]/Win32.Kido.ih] [Worm:Win32/Conficker.B] [Worm.Win32.kido.89] [I-Worm.Conficker.BL] [Win32/Conficker.BL] [Worm.Kido!1.9961] [Worm.Kido!I/JHngsliUI] [Worm.Win32.Conficker] [W32/Kido.IH!tr] [W32/Conficker.C.worm]
3aff8601a8a6fc1dccb836ae3e971e3e	[W32.ConfickerMT10C.Worm] [Worm/W32.Kido.158967] [W32/Conficker.worm] [Worm.Conficker] [W32/Kido.be] [Worm.Kido.ZQ] [W32/Malware!f3a2] [W32.Downadup.B] [Smalltroj.KBTU] [WORM_DOWNAD.FN] [Trojan.Win32.Kido.mgfri] [Worm.Win32.Conficker.158967] [Mal/Conficker-A] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow.based] [Worm.Kido.Win32.13] [Worm/Conficker.B.2] [Worm[Net]/Win32.Kido] [Worm.Kido.df.(kcloud)] [Worm:Win32/Conficker.B] [Win32/Conficker.worm.158967] [W32/Risk.IBIF-0032] [Worm.Win32.kido.106] [Trj/WLT.A] [Win32/Conficker.X] [W32/Conficker!worm] [Worm/Downadup] [Win32/RootKit.Rootkit.7e5]
22d8946916e8358cbb46bd53e476b7f2	[W32.ConfickerJE.Worm] [Worm/W32.Kido.162941] [Worm.Conficker] [Trojan.Win32.Kido.qvtob] [W32/Malware!bdcb] [W32.Downadup.B] [Conficker.GO] [Win32/Tnega.AHPK] [WORM_DOWNAD.AD] [Worm.Kido-143] [Net-Worm.Win32.Kido.ih] [Worm.Kido.KC] [Worm.Win32.Conficker.121996] [Mal/Conficker-A] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow.based] [Worm.Conficker.Win32.415] [Worm/Conficker.Z.15] [I-Worm/Kido.d] [Worm.Kido.ih.(kcloud)] [Worm:Win32/Conficker.B] [W32/Risk.ATKB-3443] [Win32/Kido.worm.162941] [Worm.Win32.kido.90] [W32/Conficker.C.worm] [Win32/Conficker.AA] [Worm.Win32.Conficker] [W32/Conficker.A!worm] [Worm/Downadup] [Worm.Win32.Kido]
5fefe9e015c70b2ef616c6c94a1e8b1f	[W32.ConfickerDAP.Worm] [Worm/W32.Kido.162854] [Net-Worm.Win32.Conficker.1!O] [Worm.Conficker.B.cw3] [Worm.Conficker] [Worm.Kido.Win32.51] [W32/Kido.ih] [Trojan.Win32.Kido.qvugv] [W32.Downadup.B] [Conficker.FA] [Win32/Tnega.ANGQ] [Trojan.Dropper-18535] [Trojan-Spy.Win32.Small.pfc] [Worm.Kido!g5lR3gm5ff4] [Worm.Win32.Conficker.162854] [Trojan.Conficker/Variant] [Mal/Conficker-A] [NetWorm.Win32.Kido.A] [Win32.HLLW.Shadow.based] [Worm/Conficker.B.47] [WORM_DOWNAD.AD] [Worm:Win32/Conficker.B] [Worm/Win32.Conficker] [Worm.Win32.kido.108] [PE:Trojan.PSW.Win32.Sorfom.k!1075303283] [Worm.Win32.Conficker] [W32/Conficker.A!worm] [Worm/Downadup] [W32/Conficker.B.worm] [Win32/Trojan.Sp]

Whois

Property	Value
Name	Whois Agent
Organization	Whois Privacy Protection Service, Inc.
Email	kyhglqbc@whoisprivacyprotect.com
Address	PO Box 639
Zip Code	98083
City	Kirkland
State	Washington
Country	US
Phone	+1.4252740657
Fax	+1.4259744730
NameServer	ns2.linode.com
Created	2002-11-18 20:13:03
Changed	2015-02-15 17:13:45
Expires	2015-11-18 20:13:03
Registrar	GoDaddy.com, LLC (R9

DNS Resolutions

Date	IP Address
2010-06-04	98.207.226.113 (ClassC)
2012-03-30	98.207.221.49 (ClassC)
2013-05-24	54.243.247.173 (ClassC)
2014-03-01	54.235.146.190 (ClassC)
2014-03-02	54.235.146.225 (ClassC)
2014-03-02	54.235.146.225 (ClassC)
2014-03-02	54.235.146.190 (ClassC)
2023-12-26	104.21.30.24 (ClassC)
2024-07-24	104.21.50.151 (ClassC)
2024-12-24	172.67.163.238 (ClassC)
2025-01-09	104.21.16.1 (ClassC)
2025-03-18	104.21.96.1 (ClassC)
2025-03-28	104.21.112.1 (ClassC)
2025-03-31	104.21.80.1 (ClassC)

HTTP/1.1 403 ForbiddenDate: Sun, 27 Aug 2023 13:26:29 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-P

!DOCTYPE html>html langen-US>head>title>Just a moment.../title>meta http-equivContent-Type contenttext/html; charsetUTF-8>meta http-equivX-UA-Compatible contentIEEdge>meta namerobots contentnoindex,nofollow>meta nameviewport contentwidthdevice-width,initial-scale1>link href/cdn-cgi/styles/challenges.css relstylesheet>/head>body classno-js>div classmain-wrapper rolemain>div classmain-content>noscript>div idchallenge-error-title>div classh2>span classicon-wrapper>div classheading-icon warning-icon>/div>/span>span idchallenge-error-text>Enable JavaScript and cookies to continue/span>/div>/div>/noscript>/div>/div>script>(function(){window._cf_chl_opt{cvId: 2,cZone: whatismyip.org,cType: managed,cNounce: 58916,cRay: 7fd4a5809b5a0943,cHash: ddcf002b7a83cfa,cUPMDTk: /?__cf_chl_tkKeHqTSVigFaypPMCnK6_6vNTqP_MujRxHiM.0Si8u8M-1693142789-0-gaNycGzNCJA,cFPWv: g,cTTimeMs: 1000,cMTimeMs: 0,cTplV: 5,cTplB: cf,cK: ,fa: /?__cf_chl_f_tkKeHqTSVigFaypPMCnK6_6vNTqP_MujRxHiM.0Si8u8M-1693142789-0-gaNycGzNCJA,md: gNGSzkiF.2nPpvzJD0wS5Z0npPjeTr_MSd3mRjUySPg-1693142789-0-AVVlhTECTaYRfVIBGOX6FPMXELrBM0UdSONS6v_v38618XqjqCooPqp4XiKagTQAJnciqif9zujNB2VFlKeQ-R7WEpaRtCT4y5ee-mhbdw-g_EIAsaGBrTCq6-RUWWh_vyjoNMyXMgH8qzapb88mMAfttawbKvW0fD8Dy4Dn4Ns5VT6Z94E2LQ_vO02_CEj35PAg6N_GU9n6dY6tdn1l09XGvMibQuVQsvAEk8o22bjwj90qrAelLoUHkKdG5UD8-CyJpy6TJAWareCK1_mJZ30X3N3sR53bF3tcjB81yFlZz5HVkkoGFzkjX0vMT2ydQFWPG11tb8luQvm4oZ_vxH_xZq8Z0ZZ5aNCk0QzvBk0Pf7bwt25ZBnw975mdfldonErtQmgGzxZ4eG5x2EKeNPQxPfBJxukeLSVybuu1JC-38ri-asY7kgQOiZwa9fec-uiFVaHh8IphgsjFUmF8FEVOhhbo1KCjz_LrByHQxvaoczNxVduLqF8ieu9d6fsG2F-KNJ4BqN8EH0qJHadmD5dkhdDDsZbEltVmYkwsn5m2gII_ag-eSzDPxNUFKHW2SIWd01tnHMFBkjYWRUM2zfjcd7CAD2mY0NVHbv-Gnn7tAED0uJGR9jc4FxBi_BWbCT7skU_jmd9XV1VlHq7_Gle0sqGzm9QWiYG2Su5NV29Ia1nQ484O2djg_GiVbrUDaQ3h2VWEpY9WDoQqB-KSp1b6guPNQX8USk3c4LHWf8nG1NiBdEJI6TKaDq3WQLEl8d-TjcRMJoGFBTCSFDPtXS7OGKoddRrNhMM6W3OEPxSa3ErRJHt17fkPG2tR8kZnqgv29xBOXK_cWehPCQeTMmz4XNWqNCTM00tfVwmaQSBT8ULvCoGgNSoQmg7w-MJKx3F4gHl5yehSxgngGUA-Qjp8sW72Neb4336GGezh8lA-mo_O26i6NJ9q07sOlnJU-H_LM40lq_fU5tJ6BQksu4Nqjql

Subdomains

Date	Domain	IP
cdn.whatismyip.org	2014-03-02	54.230.89.50
www.whatismyip.org	2014-06-12	173.255.234.19

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > whatismyip.org

Is this malicious?

Files that talk to whatismyip.org

Whois

DNS Resolutions

Port 443

Subdomains