urlscan.io logo urlscan.io
SecurityTrails logo

blogwhirlpool.net Open in urlscan Pro
185.196.8.122  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blogwhirlpool.net/
Effective URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Submission: On September 07 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 185.196.8.122, located in Switzerland and belongs to SIMPLECARRER2, IT. The main domain is blogwhirlpool.net.
This is the only time blogwhirlpool.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

2    185.196.8.122 (Switzerland)

ASN34888 (SIMPLECARRER2, IT)
PTR: cphost20.qhoster.net
blogwhirlpool.net
4    104.22.64.113 (United States)

ASN13335 (CLOUDFLARENET, US)
forums.whirlpool.net.au
4    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
2    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
6    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com blogwhirlpool.net
pagead2.googlesyndication.com
4 forums.whirlpool.net.au blogwhirlpool.net
forums.whirlpool.net.au
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com blogwhirlpool.net
2 blogwhirlpool.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
34 9

This site contains links to these domains. Also see Links.

Domain
forums.whirlpool.net.au
whirlpool.net.au
bc.whirlpool.net.au
www.bulletproof.net.au
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-30 -
2021-07-30		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Frame ID: 2802138E686DD522FFCB781E922F42C4
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/zrt_lookup.html
Frame ID: 913AE82797D2FDA3788B2C2183DE2AEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=540199910&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B4240364611%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172023&bpp=16&bdt=2017&idt=140&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8624155545344&frm=20&pv=2&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=2210&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ytrCiTAnQK&p=http%3A//blogwhirlpool.net&dtd=157
Frame ID: 85F5133D7662645D8B8628CB469869EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=4051576890&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6472394737%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172039&bpp=4&bdt=2033&idt=153&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JhQTlV4rXF&p=http%3A//blogwhirlpool.net&dtd=157
Frame ID: 274FA01736F9BABCCB5D488074F7D9EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=3053199787&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6005358010%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172057&bpp=1&bdt=2051&idt=159&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=4217&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOOhAzXOJA&p=http%3A//blogwhirlpool.net&dtd=163
Frame ID: 70B231738DBB407636CDDD16F5963831
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&adk=1812271804&adf=3025194257&lmt=1599141526&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&ea=0&region=main&flash=0&pra=7&wgl=1&adsid=NT&dt=1599519172139&bpp=1&bdt=2133&idt=87&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280%2C1000x280&nras=1&correlator=8624155545344&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=95
Frame ID: 8977A72D5C51E56D99A458EA49BE5CAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 8CE77CBED49E234B4BF1384EE4316C83
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://blogwhirlpool.net/ Page URL
  2. http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

34
Requests

56 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

339 kB
Transfer

827 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blogwhirlpool.net/ Page URL
  2. http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://forums.whirlpool.net.au/skin/style.css?4630 HTTP 307
  • https://forums.whirlpool.net.au/skin/style.css?4630
Request Chain 2
  • http://forums.whirlpool.net.au/skin/script.js?4630 HTTP 307
  • https://forums.whirlpool.net.au/skin/script.js?4630
Request Chain 15
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 19
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Has%20anyone%20purchased%20from%20eAutoExotic%20Traders%20%3F&utmhid=22528683&utmr=0&utmp=%2Fforums.whirlpool%2Farchive%2FeAutoExotic%252520Traders-general-discussion-thread332-YY54.html&utmht=1599519172209&utmac=UA-55820-1&utmcc=__utma%3D157492329.258363299.1599519172.1599519172.1599519172.1%3B%2B__utmz%3D157492329.1599519172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=10220336&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Has%20anyone%20purchased%20from%20eAutoExotic%20Traders%20%3F&utmhid=22528683&utmr=0&utmp=%2Fforums.whirlpool%2Farchive%2FeAutoExotic%252520Traders-general-discussion-thread332-YY54.html&utmht=1599519172209&utmac=UA-55820-1&utmcc=__utma%3D157492329.258363299.1599519172.1599519172.1599519172.1%3B%2B__utmz%3D157492329.1599519172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=10220336&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
blogwhirlpool.net/ 		213 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
http://blogwhirlpool.net/
Protocol
HTTP/1.1
Server
185.196.8.122 , Switzerland, ASN34888 (SIMPLECARRER2, IT),
Reverse DNS
cphost20.qhoster.net
Software
Apache /
Resource Hash
f7aa30d2eaa039a41e9c0bbcd84e188424e5530a57ce68970a4231976257f388

Request headers

Host
blogwhirlpool.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Sep 2020 22:52:50 GMT
Server
Apache
Last-Modified
Thu, 03 Sep 2020 13:58:26 GMT
Accept-Ranges
bytes
Content-Length
213
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html
Primary Request eAutoExotic%20Traders-general-discussion-thread332-YY54.html
blogwhirlpool.net/forums.whirlpool/archive/ 		81 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
HTTP/1.1
Server
185.196.8.122 , Switzerland, ASN34888 (SIMPLECARRER2, IT),
Reverse DNS
cphost20.qhoster.net
Software
Apache /
Resource Hash
2fe63ad9373042cd24ae627d7c33213af2c5ce80d5104ce48db542333d0edee8

Request headers

Host
blogwhirlpool.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://blogwhirlpool.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/

Response headers

Date
Mon, 07 Sep 2020 22:52:50 GMT
Server
Apache
Last-Modified
Thu, 03 Sep 2020 13:58:46 GMT
Accept-Ranges
bytes
Content-Length
83113
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html
style.css
forums.whirlpool.net.au/skin/
Redirect Chain
  • http://forums.whirlpool.net.au/skin/style.css?4630
  • https://forums.whirlpool.net.au/skin/style.css?4630
106 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.whirlpool.net.au/skin/style.css?4630
Requested by
Host: blogwhirlpool.net
URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55829177b4a213582af987f8760382121c136a18ad37b5e3e89c7f380228389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
050c5eb60e0000fc9d2b8a1200000001
last-modified
Fri, 04 Sep 2020 01:08:50 GMT
server
cloudflare
etag
W/"108658-1599181730292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
vary
accept-encoding
cache-control
max-age=691200
cf-ray
5cf4009ce9cafc9d-VIE
expires
Thu, 10 Sep 2020 22:52:51 GMT

Redirect headers

Location
https://forums.whirlpool.net.au/skin/style.css?4630
Non-Authoritative-Reason
HSTS
script.js
forums.whirlpool.net.au/skin/
Redirect Chain
  • http://forums.whirlpool.net.au/skin/script.js?4630
  • https://forums.whirlpool.net.au/skin/script.js?4630
132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.whirlpool.net.au/skin/script.js?4630
Requested by
Host: blogwhirlpool.net
URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f3fe2d64e72327ee19769f8a71b88be6dad43a16d54ee56943d8fb0ba1591d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
050c5eb60e0000fc9d2b8a2200000001
last-modified
Fri, 04 Sep 2020 01:08:19 GMT
server
cloudflare
etag
W/"134773-1599181699223"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
accept-encoding
cache-control
max-age=691200
cf-ray
5cf4009ce9ccfc9d-VIE
expires
Thu, 10 Sep 2020 22:52:51 GMT

Redirect headers

Location
https://forums.whirlpool.net.au/skin/script.js?4630
Non-Authoritative-Reason
HSTS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: blogwhirlpool.net
URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6171718c1c9b29b11db5884f25477cbd78bb0921aae51a610bbd4fda1dbb7399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 07 Sep 2020 22:52:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9876772588155102676
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
44926
X-XSS-Protection
0
Expires
Mon, 07 Sep 2020 22:52:51 GMT
whirlpool-2015-header.svg
forums.whirlpool.net.au/skin/image/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.whirlpool.net.au/skin/image/whirlpool-2015-header.svg
Requested by
Host: forums.whirlpool.net.au
URL: https://forums.whirlpool.net.au/skin/style.css?4630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d297077bc69ac6d0518aa1e10f9f7dd72db4dcce0b24b200cee7ff2c6201138d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.whirlpool.net.au/skin/style.css?4630
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
050c5ebd5f0000fc9d2b8b2200000001
last-modified
Fri, 04 Sep 2020 01:08:19 GMT
server
cloudflare
etag
W/"6968-1599181699219"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=691200
cf-ray
5cf400a89b28fc9d-VIE
expires
Thu, 10 Sep 2020 22:52:52 GMT
truncated
/ 		671 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
slabo27px-108.woff2
forums.whirlpool.net.au/skin/font/slabo27/ 		0
0
OpenSans-Regular-r1.woff2
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Semibold-r1.woff2
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Bold-r1.woff2
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=blogwhirlpool.net
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Sep 2020 22:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blogwhirlpool.net
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Sep 2020 22:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/ 		228 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab1bc0fc9d97fbc0dbeb5170601f9e3ec9d35545f900f174bfe9390ac009f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87707
x-xss-protection
0
server
cafe
etag
3465727129889255062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Sep 2020 22:52:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/ Frame 913A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 07 Sep 2020 09:04:54 GMT
expires
Mon, 21 Sep 2020 09:04:54 GMT
content-type
text/html; charset=UTF-8
etag
9704104221650600920
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4744
x-xss-protection
0
age
49678
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
whirlpool-2015-footer.svg
forums.whirlpool.net.au/skin/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.whirlpool.net.au/skin/image/whirlpool-2015-footer.svg
Requested by
Host: forums.whirlpool.net.au
URL: https://forums.whirlpool.net.au/skin/style.css?4630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbec898258b5ff1fe0d92e23c57df5d07acec4f648bc9ca5e3d007a7fefa5c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.whirlpool.net.au/skin/style.css?4630
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
050c5ebe0c0000fc9d2b8b7200000001
last-modified
Fri, 04 Sep 2020 01:08:50 GMT
server
cloudflare
etag
W/"5723-1599181730284"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=691200
cf-ray
5cf400a9abf5fc9d-VIE
expires
Thu, 10 Sep 2020 22:52:53 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: blogwhirlpool.net
URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
6262
date
Mon, 07 Sep 2020 21:08:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 07 Sep 2020 23:08:30 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame 85F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=540199910&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B4240364611%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172023&bpp=16&bdt=2017&idt=140&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8624155545344&frm=20&pv=2&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=2210&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ytrCiTAnQK&p=http%3A//blogwhirlpool.net&dtd=157
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=540199910&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B4240364611%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172023&bpp=16&bdt=2017&idt=140&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8624155545344&frm=20&pv=2&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=2210&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ytrCiTAnQK&p=http%3A//blogwhirlpool.net&dtd=157
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Sep 2020 22:52:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Sep-2020 23:07:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1599152861011880"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27492
x-xss-protection
0
expires
Mon, 07 Sep 2020 22:52:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 274F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=4051576890&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6472394737%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172039&bpp=4&bdt=2033&idt=153&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JhQTlV4rXF&p=http%3A//blogwhirlpool.net&dtd=157
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=4051576890&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6472394737%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172039&bpp=4&bdt=2033&idt=153&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=0&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=1415&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JhQTlV4rXF&p=http%3A//blogwhirlpool.net&dtd=157
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Sep 2020 22:52:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Sep-2020 23:07:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Has...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ha...
35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Has%20anyone%20purchased%20from%20eAutoExotic%20Traders%20%3F&utmhid=22528683&utmr=0&utmp=%2Fforums.whirlpool%2Farchive%2FeAutoExotic%252520Traders-general-discussion-thread332-YY54.html&utmht=1599519172209&utmac=UA-55820-1&utmcc=__utma%3D157492329.258363299.1599519172.1599519172.1599519172.1%3B%2B__utmz%3D157492329.1599519172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=10220336&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: blogwhirlpool.net
URL: http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Sep 2020 22:52:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046237449&utmhn=blogwhirlpool.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Has%20anyone%20purchased%20from%20eAutoExotic%20Traders%20%3F&utmhid=22528683&utmr=0&utmp=%2Fforums.whirlpool%2Farchive%2FeAutoExotic%252520Traders-general-discussion-thread332-YY54.html&utmht=1599519172209&utmac=UA-55820-1&utmcc=__utma%3D157492329.258363299.1599519172.1599519172.1599519172.1%3B%2B__utmz%3D157492329.1599519172.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=10220336&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame 70B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=3053199787&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6005358010%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172057&bpp=1&bdt=2051&idt=159&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=4217&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOOhAzXOJA&p=http%3A//blogwhirlpool.net&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2360152809826010&output=html&h=280&slotname=8848646413&adk=3946844071&adf=3053199787&w=1000&fwrn=4&fwrnh=100&lmt=1599141526&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&channel=5571972505%2B6005358010%2B4224412214%2B3428730015%2B1919656811&format=1000x280&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&region=main&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1599519172057&bpp=1&bdt=2051&idt=159&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280&correlator=8624155545344&pv_ch=5571972505%2B4224412214%2B3428730015%2B1919656811%2B&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=403&ady=4217&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOOhAzXOJA&p=http%3A//blogwhirlpool.net&dtd=163
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Sep 2020 22:52:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Sep-2020 23:07:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 8977 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360152809826010&output=html&adk=1812271804&adf=3025194257&lmt=1599141526&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&ea=0&region=main&flash=0&pra=7&wgl=1&adsid=NT&dt=1599519172139&bpp=1&bdt=2133&idt=87&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280%2C1000x280&nras=1&correlator=8624155545344&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2360152809826010&output=html&adk=1812271804&adf=3025194257&lmt=1599141526&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fblogwhirlpool.net%2Fforums.whirlpool%2Farchive%2FeAutoExotic%2520Traders-general-discussion-thread332-YY54.html&ea=0&region=main&flash=0&pra=7&wgl=1&adsid=NT&dt=1599519172139&bpp=1&bdt=2133&idt=87&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C1000x280%2C1000x280&nras=1&correlator=8624155545344&frm=20&pv=1&ga_vid=258363299.1599519172&ga_sid=1599519172&ga_hid=22528683&ga_fc=1&iag=0&icsg=10402&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1883457214516631&pem=691&ref=http%3A%2F%2Fblogwhirlpool.net%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Sep 2020 22:52:52 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUmjByHGw55c9F3BJ6dTSlyL9eVyH9O2OEkqby5pYk_s5q-GuOz9QDyEbDjh; expires=Sat, 02-Oct-2021 22:52:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Sep 2020 22:52:52 GMT
cache-control
private
slabo27px-108.woff
forums.whirlpool.net.au/skin/font/slabo27/ 		0
0
OpenSans-Bold-r1.woff
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Regular-r1.woff
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Semibold-r1.woff
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Semibold-r1.ttf
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Bold-r1.ttf
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
OpenSans-Regular-r1.ttf
forums.whirlpool.net.au/skin/font/opensans-r1/ 		0
0
slabo27px-108.ttf
forums.whirlpool.net.au/skin/font/slabo27/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a88f952bb4e8d476002936adf8358dc08a118ea43d9909c9007a669eb9b755e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Sep 2020 22:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6261
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 22:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 07 Sep 2020 22:52:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8CE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 07 Sep 2020 21:46:29 GMT
expires
Tue, 07 Sep 2021 21:46:29 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3987
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200831&jk=1883457214516631&bg=!7u2l7fVYiGOt5k2gEOICAAAAUFIAAAALCgEc99qONVf8WvcTASBNtKDbexy_gmVjdGD0tTVhnOB5s2D5HDGE7lQhCRsBZ3ZIrPohPluwNYfIcIrBuSKNmMEeYnf6Yig2L-a52tLYaFqzb1b2kJTbrBcdOgPLyxbrp_LNAMZArABQ6AC5OaI7PmhJe1w9D-XyBoP-F8O932rqQZWEiJCxtaLJ_imz2jmcQXzKjDSWhbL0ycb012WV9pMDXPeWqA9KHN1DGy1yPXt7EE2j3SAHbGvPQid477ntd9DwTtnuP6PkQgKu_GYUS496cg6qoEycoG6_UTbdgZM_doIsD3qHPQQV9xvKc-08Jq2MK3iCACR_Vuzm5Y4LGoHENG2T1NSYhzwR5rKgHLihkt9fqNuZgjaFzflTKS6ZAakWqdKL1VLaX4whCPPwgpeb4uvbE9TxOKKEZUlQof2ZgY1LtRH8FufJzo51LeLUMXQ5oQSU7hTfOrlKjoHKuXzpDwlnHbgxFd-0PD6-_o0cPdMxA6ahBrOCpsc4MdIRz09YyQh1PKGZzgbqmUt6h8AZn37xMeAJjAsCynKghLltB9hasYWEP3eBpADGdx1KU0-73UelC3AK1qgMHpvtvrG0qHiOolPTH9_D04pipwxvF3yXahcZzX73vIEYamucNKK_xOZvYHahPEYYdjwALoyDYk8lYbzYqhlIL0dT-hS6yCIJ8h971S04yVwBpgep2ZZYcquVm8nP-NK3YyjQyKZ1y_acBxWLo1j_PKR5UcyqGhO9SY23tZtVTYW9cg6uCxxElFuMSCUHXIordGxIMh9nbgwp153yOdSWtWWP2asaWTXI3sfiu3Wbc9wS4bjjf83ASrSETsd5zeSBLWDSNB0euy3SwoK5IRxU9OMzeXObeAm809_2jP2NCDij9Kb81jYEe9RK-5UaGO1fxIg9zOLjlGKuGfODwX1MBBKr77jEZ5aTBuKK_kMMdQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://blogwhirlpool.net/forums.whirlpool/archive/eAutoExotic%20Traders-general-discussion-thread332-YY54.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Sep 2020 22:52:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/slabo27/slabo27px-108.woff2
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Regular-r1.woff2
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Semibold-r1.woff2
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Bold-r1.woff2
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/slabo27/slabo27px-108.woff
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Bold-r1.woff
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Regular-r1.woff
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Semibold-r1.woff
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Semibold-r1.ttf
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Bold-r1.ttf
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/opensans-r1/OpenSans-Regular-r1.ttf
Domain
forums.whirlpool.net.au
URL
https://forums.whirlpool.net.au/skin/font/slabo27/slabo27px-108.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| escape object| trustedTypes function| diffString function| randomColor function| diffString2 function| diff function| whirlcode2 function| thread_page_list object| replyHighlightTimer function| jumpToElement function| jumpToReplyId function| selectText number| sad_attempt_cnt number| sad_attempt_user function| userVote function| $ function| jQuery object| html5 object| Modernizr function| autosize object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gaq function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _gat function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blogwhirlpool.net
forums.whirlpool.net.au
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
forums.whirlpool.net.au
104.22.64.113
185.196.8.122
2a00:1450:4001:800::200e
2a00:1450:4001:817::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a00:1450:4001:824::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2fe63ad9373042cd24ae627d7c33213af2c5ce80d5104ce48db542333d0edee8
330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21
3ab1bc0fc9d97fbc0dbeb5170601f9e3ec9d35545f900f174bfe9390ac009f6b
6171718c1c9b29b11db5884f25477cbd78bb0921aae51a610bbd4fda1dbb7399
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a88f952bb4e8d476002936adf8358dc08a118ea43d9909c9007a669eb9b755e0
b9f3fe2d64e72327ee19769f8a71b88be6dad43a16d54ee56943d8fb0ba1591d
bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135
bbec898258b5ff1fe0d92e23c57df5d07acec4f648bc9ca5e3d007a7fefa5c24
d297077bc69ac6d0518aa1e10f9f7dd72db4dcce0b24b200cee7ff2c6201138d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55829177b4a213582af987f8760382121c136a18ad37b5e3e89c7f380228389
f7aa30d2eaa039a41e9c0bbcd84e188424e5530a57ce68970a4231976257f388