Report - cloakingads.com/tag/approval-your-google-cloaked-ads/

Report Overview

Visited public
2023-12-04 19:39:16
Tags
Submit Tags
URL
cloakingads.com/tag/approval-your-google-cloaked-ads/
Finishing URL
cloakingads.com/tag/approval-your-google-cloaked-ads/
IP / ASN
162.0.232.43
#22612 NAMECHEAP-NET
Title
approval your Google cloaked ads Archives - Cloaking Ads

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
marybskitchen.com	unknown	2023-06-13	2017-12-23 19:12:59	2023-12-04 10:15:06	14 kB	2.1 MB	185.192.111.203
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-04 07:58:24	1.3 kB	253 kB	142.250.74.136
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-04 11:30:31	350 B	942 B	54.230.218.11
cloakingads.com	unknown	unknown	2022-07-02 08:25:59	2023-03-29 03:30:43	34 kB	846 kB	162.0.232.43
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-04 06:26:24	1.1 kB	53 kB	216.58.207.227
cdn.ethers.io	459220	2016-03-15	2017-08-30 09:27:23	2023-12-03 17:09:46	425 B	214 kB	54.230.111.39
bsc-dataseed1.binance.org	126080	2017-05-23	2021-04-12 18:42:48	2023-12-03 17:09:47	2.1 kB	9.3 kB	52.223.34.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	marybskitchen.com/fEOV2v/	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake
2023-12-04	medium	marybskitchen.com	ClearFake

JavaScript (70)

	URL	From	Size	First Seen	Last Seen
	cloakingads.com/wp-content/litespeed/js/e368d18aa5bd699da35a176f4be384a8.js?ver=fb751	ScriptElement	1.3 kB	2023-12-04	2025-06-29
Pretty URL cloakingads.com/wp-content/litespeed/js/e368d18aa5bd699da35a176f4be384a8.js?ver=fb751 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2025-06-29 16:37 Times Seen2 Hash 9636d8f5ea7ba3e79395143541aeb84c a2c4d84f5a6ad5be433fb2f8d7e727d23c05ea0a 5c8c08d954c51c1d35cc8be3352c47be2f8dcc34e393fd83d7b637f578d9b26e Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	3.3 kB	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash ddf852c7a3bc3d0de8ab64a155abd224 f901f655ed229dddebc705b8f12594b5083d2032 e4abd3dd2d9c8b46f804887769b85eeb330a1b19ee728543411e59db58fe3ca1 Loading...

	cloakingads.com/wp-content/litespeed/js/aeb4955f7b04ed9dec0abbd30a9a12ee.js?ver=9bca3	ScriptElement	2.7 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/aeb4955f7b04ed9dec0abbd30a9a12ee.js?ver=9bca3 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 23740b50741a39439eaa7706ca2b7580 09f764e929cf781921680ecb084999623253038c 00de7d68958a1d1b0d1146e4075c9a5b53650e2105c29165fcf48f8e1be36740 Loading...

	cloakingads.com/wp-content/litespeed/js/2fbae0eba83544c5fd46c4f3dd10c2a3.js?ver=aafc1	ScriptElement	10 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/2fbae0eba83544c5fd46c4f3dd10c2a3.js?ver=aafc1 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 1e612a53fcaa2ea52e6bc18649974ec3 d0fb90246df1c60b2e149aa34faf9e6a4db45dd6 ba993978a7e911a2c0fd874f138915f1542727717fc8c4b9524673b9d56a04f8 Loading...

	www.googletagmanager.com/gtag/js?id=UA-240902043-1	ScriptElement	178 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-240902043-1 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash d0f5fcb5f84ab5fe1d2e268f01f0de63 09c278619bac427639985085bf1d50fddcd11054 869fe554efb689be0ea819e79def9012b9d6916e84e2146251badef772339a16 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	99 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash e6e90fe056501a05954842e72b940b93 0d8ad180ca4ba54c57facdf8e411222bbfa5e0c0 cf556fbb413e6999433a4aec41d67ddcab5f086b3323d62a3e14797ef3c8e47e Loading...

	cloakingads.com/wp-content/litespeed/js/ab7986e439e2c7f8a5c74f3b12754afc.js?ver=f7afc	ScriptElement	5.1 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/ab7986e439e2c7f8a5c74f3b12754afc.js?ver=f7afc IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 6b0218ecc600048d8a940c410ffce8b7 b19b85c57a96fa8d6d046e885f8c28644e7e526e ac3a0221886a2a1a64a64c2a7790efe5ec57e2aa219bb00c85753a3a9151bf2c Loading...

	cloakingads.com/wp-content/litespeed/js/4c649ca674491dffa171e4e2159b7514.js?ver=a3b66	ScriptElement	2.9 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/4c649ca674491dffa171e4e2159b7514.js?ver=a3b66 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 4247a73df254e197ebafab4edc38d02d 8ef9cd34a6ca475e3b9bbb53ba743ba5bde6623c f167c8fe768df8005efb79842bbb90c2cd86f055e498d1ef938b343f178a3eaa Loading...

	marybskitchen.com/4q1YTq	ScriptElement	78 B	2023-12-04	2024-08-20
Pretty URL marybskitchen.com/4q1YTq IP 185.192.111.203 ASN #49505 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 12:20 Last Seen2024-08-20 16:49 Times Seen4 Hash 70a4e150d7f01b97f081bcaa3c8483d1 e4bf12f7578d29f356e52b5a80f1b69154c1d992 2f408c92606105a6cc154668070f9e2befbd1e91058c33131da1af944de9bbfa Loading...

	cloakingads.com/wp-content/litespeed/js/1c02131e6ba039db90a5de8a05b8c604.js?ver=64f8d	ScriptElement	14 kB	2023-08-10	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/1c02131e6ba039db90a5de8a05b8c604.js?ver=64f8d IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-10 16:39 Last Seen2025-06-30 22:14 Times Seen1677 Hash baf07315015471df7bda37547934e016 da1dbf551408f51caf68ebb5b44477d05fecd321 bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee Loading...

	cloakingads.com/wp-content/litespeed/js/bbfd65d8084230e0a5f0dbec48745f31.js?ver=99545	ScriptElement	9.4 kB	2023-08-11	2025-04-20
Pretty URL cloakingads.com/wp-content/litespeed/js/bbfd65d8084230e0a5f0dbec48745f31.js?ver=99545 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 03:35 Last Seen2025-04-20 23:17 Times Seen124 Hash faa118dcae7a96317dac59db6741a7e6 50e8fb38166ddb1a9a1662df85a1404332f85fe6 79f7f6671794b1e41e54b8e46e5bcf6a815b434838d6d41f0bf779987cf47a6f Loading...

	cloakingads.com/wp-content/litespeed/js/8f09a82c15d52350b4d97b915c164c67.js?ver=e39ef	ScriptElement	12 kB	2023-03-07	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/8f09a82c15d52350b4d97b915c164c67.js?ver=e39ef IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26 Last Seen2025-06-30 18:46 Times Seen188 Hash 80ada5a196f64832bee7f13689a10efc cd969083c7e4a723e8da0f350886fdb7f9f6192d 739c7e7c4292f91d9b20dad31ad5532d15fccd8c98dbacff07c7e41586987cc1 Loading...

	cloakingads.com/wp-content/litespeed/js/fe0046dce508daaaabdf2dca3af95ea2.js?ver=4ba53	ScriptElement	4.6 kB	2023-08-11	2025-04-20
Pretty URL cloakingads.com/wp-content/litespeed/js/fe0046dce508daaaabdf2dca3af95ea2.js?ver=4ba53 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 03:35 Last Seen2025-04-20 23:17 Times Seen130 Hash 9324d57005fb3ee679b8c07e18410ceb 6fccd7548e8e04eb1025ac60adc2a3e8edc547be 9ec42b5cd4ab33d199ff7217795706c88b341e103de12c86bd42ba429f26952f Loading...

	cloakingads.com/wp-content/litespeed/js/1b91cfbb084c9a69d815fa4521bce0fa.js?ver=7ed04	ScriptElement	21 kB	2023-04-02	2025-06-25
Pretty URL cloakingads.com/wp-content/litespeed/js/1b91cfbb084c9a69d815fa4521bce0fa.js?ver=7ed04 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:15 Last Seen2025-06-25 08:27 Times Seen275 Hash 82f92fb3f80c15c33fef221bbcde53de e9ac423f5d205b3a83d07655212736dde892166a 8e0c9aeda2f24b738346d1b91acf796db7e81314a74763956a1bd168326cfb17 Loading...

	cloakingads.com/wp-content/litespeed/js/08e5c53f7f56b8301840af6587815457.js?ver=1a4c1	ScriptElement	2 B	2023-03-07	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/08e5c53f7f56b8301840af6587815457.js?ver=1a4c1 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:10 Last Seen2025-06-30 11:40 Times Seen252 Hash 1216b4be0933c8af46274854de21ac9c a77f01a150c8d534406ba1d54d00af33d7372abd 174c79e9b08a882180cfd6b6f19c6f6cc94573134b6543b163c43b87ba06cd37 Loading...

	cloakingads.com/wp-content/litespeed/js/62a1cd82944fe29db364a18f1986a9e2.js?ver=7fbb8	ScriptElement	15 kB	2023-05-17	2025-05-09
Pretty URL cloakingads.com/wp-content/litespeed/js/62a1cd82944fe29db364a18f1986a9e2.js?ver=7fbb8 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 19:33 Last Seen2025-05-09 11:27 Times Seen4 Hash dabc148b993d386ceaa958cde42c868b aefa195e0bc715a514ec8f76e140bfe4008b152d def87dd899d0b7d84e3c03791b5dfa37de610b5d7ff11e3a2e384e2d90be03db Loading...

	cloakingads.com/wp-content/litespeed/js/44565bf7b25e1305baba08c7e7d76022.js?ver=742e5	ScriptElement	3.1 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/44565bf7b25e1305baba08c7e7d76022.js?ver=742e5 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash c087a595415ba0d6fc01f88f3db4cb08 22fa12ec20513fae80122d298138b0fac5159204 e06ab986973ceed03ea9fa4aebbfa85433f5b860c8be2ff8d4db9e1064a64156 Loading...

	cloakingads.com/wp-content/litespeed/js/78e4c7ffc896f6d191aaab08456315cb.js?ver=228f6	ScriptElement	16 kB	2023-08-10	2025-02-28
Pretty URL cloakingads.com/wp-content/litespeed/js/78e4c7ffc896f6d191aaab08456315cb.js?ver=228f6 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-10 16:39 Last Seen2025-02-28 20:02 Times Seen76 Hash a0591fc4883d0692ee3fb3d5abd2df24 bf5a5425081a97e3b6852b771f9052d2c9b7a330 ef43401bb5dc60b6c4c3a3c82828539992bca9c3f1dc81bb79fe40629b0d90ca Loading...

	cloakingads.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	ScriptElement	1.4 kB	2023-08-20	2025-06-30
Pretty URL cloakingads.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-20 22:12 Last Seen2025-06-30 22:30 Times Seen1299 Hash 673e11fe8be2616c6b1effc7833f135c e7e5a96dad4619466e71c39a6d7569bd4a918c48 1accc1d454a99953122a7ccb163fb269ec59abd86930d18b49562858b4379c6f Loading...

	cloakingads.com/wp-content/litespeed/js/7d2885107f1675f42c7bf0e799f7380d.js?ver=5307d	ScriptElement	11 kB	2023-03-26	2025-03-03
Pretty URL cloakingads.com/wp-content/litespeed/js/7d2885107f1675f42c7bf0e799f7380d.js?ver=5307d IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:29 Last Seen2025-03-03 07:34 Times Seen4 Hash 77bc3161fbc62ec9d84532431bce6e63 ae8bdfd31c2aef042feba565a439c31bb1642d27 d21896c5c9bcc6a284590876ab673e95f8c3655df4983cd47dbb531392420b84 Loading...

	cloakingads.com/wp-content/litespeed/js/4202a356908852447e47a394462b4026.js?ver=eb15b	ScriptElement	11 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/4202a356908852447e47a394462b4026.js?ver=eb15b IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash ce8cbc001afb3d48fba4475385cf4504 831d71eb8d77ddb7877b03610500a0b8531613e0 43b714ee8541a054191eecdf3e8fac19291096068fa05fab85a1bbaaf8caf43e Loading...

	cloakingads.com/wp-content/litespeed/js/30304779b6274a7c0fdd01d64fb34595.js?ver=7c2ef	ScriptElement	5.4 kB	2023-03-07	2025-06-23
Pretty URL cloakingads.com/wp-content/litespeed/js/30304779b6274a7c0fdd01d64fb34595.js?ver=7c2ef IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:21 Last Seen2025-06-23 01:58 Times Seen5 Hash bd8317aac34b12098878334e2f8505f3 48066912a30ba11481fc5e17c447dceaa0d09729 d4c3531a703c013c7a5efb10e585e92919f1839b8c65f573614f4c36ac6fadf5 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	266 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 53313a99ab29e1c5dd4b1b9b25738129 856475d1879c57b31a530769bbbaf538edad64d8 449fde36b31e0527d29186fb628715eccd6e6176ba0a60d12a95b43adca93baf Loading...

	www.googletagmanager.com/gtag/js?id=G-S9C7ML5K0T	ScriptElement	281 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-S9C7ML5K0T IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 727e289b7e4312a7db07b45659edac4f 236db44a0b5ecdb886a75c4ced652e68ba459469 11b6c8066751b8770e86917c4c9424b2896bd382cd3964cca6d24b79d24cb3fe Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/sandbox%20eval%20code		147 B	2023-04-11	2025-06-30
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 22:45 Times Seen380592 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	149 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 61f899cac3fa05542975429b58215ec2 415f6a10cfdb17fddc8a35ae64b1640561f2f889 a852ded9c200c88944220815ff889f537724f477af1bbf8443e9985080f82661 Loading...

	cloakingads.com/wp-content/litespeed/js/2bf278f2910efe5d4cd4269eccf2a986.js?ver=84619	ScriptElement	36 kB	2023-03-08	2025-04-07
Pretty URL cloakingads.com/wp-content/litespeed/js/2bf278f2910efe5d4cd4269eccf2a986.js?ver=84619 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:28 Last Seen2025-04-07 15:58 Times Seen16 Hash 09ddf47e04ac856afd650ca1242b8db6 426ad131d6727caf6838880c0df956262bba974b d23c3f4c0da35f7feed1a6130a1b4e1bb3279b753eb2488292c0b8c74db1bba6 Loading...

	cloakingads.com/wp-content/litespeed/js/e00655709524c0617c3418ad2e36277f.js?ver=d9262	ScriptElement	1.5 kB	2023-03-07	2025-06-29
Pretty URL cloakingads.com/wp-content/litespeed/js/e00655709524c0617c3418ad2e36277f.js?ver=d9262 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:24 Last Seen2025-06-29 22:29 Times Seen9 Hash abac4cc328f4b782e51625e97890598e 705b02fa54005fe4418b8512165c2014e97e839e 7cbb5287068298fd525b5d2147cbd6460070f422d0c779f579c072b75fb08d3c Loading...

	cloakingads.com/wp-content/litespeed/js/a4cc33168a5323cb493c1de12cd54cbc.js?ver=196e8	ScriptElement	8.4 kB	2023-03-08	2024-12-10
Pretty URL cloakingads.com/wp-content/litespeed/js/a4cc33168a5323cb493c1de12cd54cbc.js?ver=196e8 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:04 Last Seen2024-12-10 16:29 Times Seen2 Hash 4c041208467de0eb340da7636c20ca68 005ee5435a7de38e7d185eac947e6d7640c791c4 d2dff4813d5fff70fc4df5635da758e5c2057d1d97f96e88f8d456f37d551218 Loading...

	marybskitchen.com/4q1YTq	ScriptElement	49 B	2023-12-04	2024-08-20
Pretty URL marybskitchen.com/4q1YTq IP 185.192.111.203 ASN #49505 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 12:20 Last Seen2024-08-20 16:49 Times Seen4 Hash 681c0fc0b2aa9aed7955b9187a23972f ab4bbcc69f8f0ffe211c3660a896b8034b07c730 6eed58b24978c8b7a3e77f02f3a72cb6bd8cd0028a9daa0be852c4ddda6ef8da Loading...

	cloakingads.com/wp-content/litespeed/js/ad2bd7a7be0efab953d21c74fcabe452.js?ver=e8abb	ScriptElement	13 kB	2023-11-16	2025-06-24
Pretty URL cloakingads.com/wp-content/litespeed/js/ad2bd7a7be0efab953d21c74fcabe452.js?ver=e8abb IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 17:23 Last Seen2025-06-24 16:09 Times Seen121 Hash dfc9048d70a96124b1da2cf86a06f486 9d12fc848e1194f64c960135566388804df2f92a fc1b234bf5f306824563d1923c00bbf3b1d4ac769d33b440d011ab0e2fe6bf05 Loading...

	cloakingads.com/wp-content/litespeed/js/bffcf0b9af43f6b39cabf4699bc3743c.js?ver=aa992	ScriptElement	8.2 kB	2023-04-11	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/bffcf0b9af43f6b39cabf4699bc3743c.js?ver=aa992 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 13:00 Last Seen2025-06-30 18:17 Times Seen249 Hash 08ddf192652a19d6ea1cee01962a847f 5837d2ee8bd674926333d6ac40a1ad7b6c8dabfb 35d4da7dafccd3e1073ca30dc55d94edf7aa96a964b444cef9773e039c1a0e5f Loading...

	cloakingads.com/wp-content/litespeed/js/e7e545180a3c8abc3cb20d37a6b18e0e.js?ver=756a7	ScriptElement	19 kB	2023-03-08	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/e7e545180a3c8abc3cb20d37a6b18e0e.js?ver=756a7 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32 Last Seen2025-06-30 21:53 Times Seen363 Hash 8fc61b5bba5399c029dbd76970966f03 7db1f4bb906cffbeeb1d47add872e4b4b574c4a6 6eabe6fc9af525bfe45c37f58a1265a4675c0213817a9249bc2d253049b9c649 Loading...

	cloakingads.com/wp-content/litespeed/js/7cdbfb72a507ce3f26f0c2e5ad97ed63.js?ver=79572	ScriptElement	992 B	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/7cdbfb72a507ce3f26f0c2e5ad97ed63.js?ver=79572 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash d5630f04bf7a2dc6058addc2a7ccb2e2 d804ade4cd02921cb7a3075dd6edbd040b52bcdb 5e075975f937f21ec8e48ab568c783ab0adb2902359a963bd4e5571c96952fd3 Loading...

	cdn.ethers.io/lib/ethers-5.2.umd.min.js	ScriptElement	733 kB	2023-03-07	2025-06-30
Pretty URL cdn.ethers.io/lib/ethers-5.2.umd.min.js IP 54.230.111.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07 Last Seen2025-06-30 14:29 Times Seen1082 Hash 50ed955cf32ac8e4e1daa0fac8fcde98 fc073f2b9715e44dc2346d7cbe0b491fb59da146 c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff Loading...

	cloakingads.com/wp-content/litespeed/js/51db03e04dfb8a00c20aa0094e210e3c.js?ver=19d15	ScriptElement	3.6 kB	2023-03-08	2025-06-25
Pretty URL cloakingads.com/wp-content/litespeed/js/51db03e04dfb8a00c20aa0094e210e3c.js?ver=19d15 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:42 Last Seen2025-06-25 08:27 Times Seen28 Hash 1d91a1f0bd35dbe1142fbc7c7a162f3b 999b490ef9ae7d069d1739272ae0cba6795b5b7c e362311131b3cd1ad1a85a780f46a9756d156793a2bbc10e219fe60f3662f8e4 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	149 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 7847d8aca4fd0023e1e5eba2d232da4b 195268b53e847d59533b963b8b3204aad719b714 d94ea81d35935d907000f689eaaa4745c8c97124c9e6c1b12bacd92c4f793dbd Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	111 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 917f931fcaf8f35d08a4f7f132a748db eabce4cd9d29c5d25c4c91261935d7ecfaa62b5d 8943defeabca597ae4217b3f3ebf3a73eae96c0d0d32b476c2dad284f3b678ea Loading...

	cloakingads.com/wp-content/litespeed/js/7fd115b0e0b6049669b67a9e90f4f875.js?ver=ab2ff	ScriptElement	15 kB	2023-03-07	2025-06-23
Pretty URL cloakingads.com/wp-content/litespeed/js/7fd115b0e0b6049669b67a9e90f4f875.js?ver=ab2ff IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-23 23:40 Times Seen47 Hash aec5d855414d2e82d618b9983d3d1b9c 87bb52f8f791fdf2198028ccb27e06cb24124df4 b94eb4f0451d47126fafb78ae6385c20a4d3a1b311a8e65e7703e8665f902179 Loading...

	cloakingads.com/wp-content/litespeed/js/738117450f3cd6ce19652e1ad95f8ae7.js?ver=997a7	ScriptElement	11 kB	2023-11-16	2025-06-24
Pretty URL cloakingads.com/wp-content/litespeed/js/738117450f3cd6ce19652e1ad95f8ae7.js?ver=997a7 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 17:23 Last Seen2025-06-24 16:09 Times Seen120 Hash ff0bb4f3df8ceb6f9116e00343027931 0444d59d900b8c1d2463f5bc939c5a502edef1fa 75ebff8ac6bfbba010d88615e10cd016354fffbe5a45b5a12f0e06276dd7f880 Loading...

	cloakingads.com/wp-content/litespeed/js/6d1b6d3b74c9e191537a61d1203ec221.js?ver=d1895	ScriptElement	2.2 kB	2023-03-07	2025-06-23
Pretty URL cloakingads.com/wp-content/litespeed/js/6d1b6d3b74c9e191537a61d1203ec221.js?ver=d1895 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:21 Last Seen2025-06-23 06:54 Times Seen5 Hash 9b8ebe389922def4c3df4f3691af50d4 9d1e9d6082a697df934c0c75db0523b2edeeb00b 706e6f9987f074601b15086714015d1ed9589401f8eb4d2f239b6c2fd3b35caf Loading...

	cloakingads.com/wp-content/litespeed/js/6110b05f9005051632e240078b5a0fe3.js?ver=a1d52	ScriptElement	5.8 kB	2023-05-18	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/6110b05f9005051632e240078b5a0fe3.js?ver=a1d52 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 12:02 Last Seen2023-12-04 20:39 Times Seen2 Hash b3e1c3203b178489cbeaf4a7016a141a 20aa06832627301fbb2a5b4702b655763c182f51 c00bc824dce7046c9eefcfbe692731d7c9dc25aa6d3a3f4b099f38be562e66c9 Loading...

	cloakingads.com/wp-content/litespeed/js/d9fe4fab2cead3fbf1d6ebe491d87755.js?ver=c0937	ScriptElement	1.4 kB	2023-03-08	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/d9fe4fab2cead3fbf1d6ebe491d87755.js?ver=c0937 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32 Last Seen2025-06-30 21:53 Times Seen959 Hash 4ca562864598f6e5a82914795f6cbce4 e0fd1a53ce965622be4e6a88ba2ca108ac3927ed 3ff87112d6f22e6b84bde184c8d6e8c96b78daf7934e380bafa57634a04411e8 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-30
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 22:45 Times Seen380045 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	marybskitchen.com/lander/wheel--ww-/js/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-06-30
Pretty URL marybskitchen.com/lander/wheel--ww-/js/jquery-3.2.1.min.js IP 185.192.111.203 ASN #49505 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-06-30 18:51 Times Seen1377 Hash 473957cfb255a781b42cb2af51d54a3b 67bdacbd077ee59f411109fd119ee9f58db15a5f 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	91 B	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 8becafc4454eac63a47a4e4b26e762ea b15f91556632b3a59d511594d584b1accc16a995 0e594636458f5f654d0c82009b18f3d119d2dafb00b77c0a1d57430ae27022e0 Loading...

	cloakingads.com/wp-content/litespeed/js/622d40d2d616220641f363512d3f5cff.js?ver=db913	ScriptElement	5.6 kB	2023-03-07	2025-03-13
Pretty URL cloakingads.com/wp-content/litespeed/js/622d40d2d616220641f363512d3f5cff.js?ver=db913 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-03-13 03:03 Times Seen32 Hash b086432a1d3c3def0c22601d9bbf3a1d d16365883e113e1526717cbe86389045214ef93d c6d5a53ef2baaff57ed64a780b95eb52364d785780e63c87803a4eab54b5ebd5 Loading...

	cloakingads.com/wp-content/litespeed/js/a70e684fca6b8a140ea2c6a7385b3a7f.js?ver=88050	ScriptElement	18 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/a70e684fca6b8a140ea2c6a7385b3a7f.js?ver=88050 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 56ed7e2d2f1d2876c6a84d0b6031767c 371639c7725e27372b5e48a86b4f39802d4b1d36 dccee5eeff0d6d0c8249c3062ce4ca846a82a238e80b93fc064909f11da94964 Loading...

	cloakingads.com/wp-content/litespeed/js/cb384068f1c20ba855a87ffa28113bd3.js?ver=189b4	ScriptElement	5.0 kB	2023-08-23	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/cb384068f1c20ba855a87ffa28113bd3.js?ver=189b4 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-23 16:07 Last Seen2023-12-04 20:39 Times Seen4 Hash 7428cc573a1d573814e0ea9fedb4cc8c 0bb22ff989f4b98c2b00866460ad550ca7c947fe dd0a36c871e2f876b4e71ec96eb9399e320a0da745ab3d2f118be0505776f301 Loading...

	cloakingads.com/wp-content/litespeed/js/ab0737d39c88c896af08a1314e279a1c.js?ver=5def6	ScriptElement	56 kB	2023-08-23	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/ab0737d39c88c896af08a1314e279a1c.js?ver=5def6 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-23 16:07 Last Seen2023-12-04 20:39 Times Seen4 Hash 075660e3e9f096efbe3624cea11f0956 0dc4fee4b8be3c91fe499703f2e3415b956ddb60 b0ff187e2454967d35c1d0124a802bb64d5e3683188c8d858159245541de6ba0 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	58 B	2023-03-07	2025-06-30
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-06-30 22:32 Times Seen1562 Hash 04a9b59b7e49f913a3926f6431334155 35f2521d3ab3f75895b02da9c6b5419e1a35be59 94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64 Loading...

	cloakingads.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0	ScriptElement	88 kB	2023-06-13	2025-06-30
Pretty URL cloakingads.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 23:41 Last Seen2025-06-30 22:08 Times Seen26487 Hash ff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Loading...

	cloakingads.com/wp-content/litespeed/js/cbcf73bebfe1c459f15a71e51298eb1b.js?ver=74116	ScriptElement	40 kB	2023-03-07	2025-02-05
Pretty URL cloakingads.com/wp-content/litespeed/js/cbcf73bebfe1c459f15a71e51298eb1b.js?ver=74116 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:21 Last Seen2025-02-05 22:32 Times Seen2 Hash ca9c8421dec586456747da479d7f1169 85b77ea59775d59ff5b423839b3fb3b1074be4fc 6c22224f0fd35903a3fcf413456c63ae1120050b848f896f5a6f09f5d47463d5 Loading...

	cloakingads.com/wp-content/litespeed/js/7389be53bb8250fd2354b74a46cee1e1.js?ver=872b0	ScriptElement	10 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/7389be53bb8250fd2354b74a46cee1e1.js?ver=872b0 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash ddf8c86f10bf498304c5c0ff386b6f4a 8f5c57022acc3eb8a901fcb22eab4ec0fba89a62 71f9f17e125d29264a38d0a2c0c818898c28f52b975c9d456cce2ecdd06df76d Loading...

	cloakingads.com/wp-content/litespeed/js/e794c989d5f9d418d5d7e79fc29f116a.js?ver=9fd2b	ScriptElement	41 kB	2023-08-23	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/e794c989d5f9d418d5d7e79fc29f116a.js?ver=9fd2b IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-23 16:07 Last Seen2023-12-04 20:39 Times Seen4 Hash a42d6bad608fd3c1225fdbe92148b886 55218888a2676e8922f9d396dd87f6acbd0be50b 969bea6d2e43b8bd6e0accb3753d359432cc0d56cf7675e29ff89d4f5d7b502f Loading...

	cloakingads.com/wp-content/litespeed/js/557ef49f7baff4940abe4682bd46a607.js?ver=65998	ScriptElement	30 kB	2023-05-22	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/557ef49f7baff4940abe4682bd46a607.js?ver=65998 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 20:32 Last Seen2023-12-04 20:39 Times Seen1 Hash 86d0704ef87237fdfe6e50548ae8be88 0f99c61f5d3043701a48a12c5a1dae683579ff95 c3407b44f9b9e58467bc40ed6d7d073379380a05747a601a00fcdbd5df68ceca Loading...

	cloakingads.com/wp-content/litespeed/js/c24e6f712681516e67583c44d49ab66d.js?ver=f08e6	ScriptElement	6.6 kB	2023-04-05	2025-06-30
Pretty URL cloakingads.com/wp-content/litespeed/js/c24e6f712681516e67583c44d49ab66d.js?ver=f08e6 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:47 Last Seen2025-06-30 18:17 Times Seen224 Hash bdb543d56c7240623c0c321cc8d60bff 520296e2c47496a681e108971de98dbc70edb61a e00c9d39c5aa9622816a48032983773e7fbc294f7f97f08a0dd9ce26072035ac Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 6702a931ab48bb654f447860861c108e e6a9c4b9471ba1795e30c84925e4bcf33549db71 ada5c9b9edf96a0fb65042bab341d741c37ba5efdb3b72ee2c61384eea86530a Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	2.3 kB	2024-08-20	2024-08-20
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:47 Last Seen2024-08-20 16:47 Times Seen1 Hash 21b0243f20011f529e2b9d2b68548b34 5e550a0a62867626f3dca9d707541dd09ebb870e 5950cb3f0cd108d3b4f02a0bfb92ed314d5c914e4bf9f11ff68827a4b0315303 Loading...

	cloakingads.com/wp-content/litespeed/js/0f1e58df63d57323761eaebc43ab9e9b.js?ver=6c72e	ScriptElement	3.9 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/0f1e58df63d57323761eaebc43ab9e9b.js?ver=6c72e IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash b20f9c64a3ac642fcff8461d6c2437f6 0f1b7e5b9894e27ca06d7d68518165d86f00efcc 88988348e6ea83cb4212b8889e4294ba96a240f83834219a3ca13036b4473664 Loading...

	cloakingads.com/wp-content/litespeed/js/ea1676662cae9febed37cce7f3b2fa55.js?ver=48b99	ScriptElement	5.5 kB	2023-04-13	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/ea1676662cae9febed37cce7f3b2fa55.js?ver=48b99 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 19:05 Last Seen2023-12-04 20:39 Times Seen1 Hash abed56244901201cabce48fe37675751 abbf64678da3b454088b40f81ce6f51a8ad8fb27 b7366acbf53affc9f3599437e966ab2bc6923c8a616f6bbbd686024ea7a6c3ba Loading...

	cloakingads.com/wp-content/litespeed/js/ef48ec965789b319be33064208f27162.js?ver=ce6ad	ScriptElement	24 kB	2023-04-13	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/ef48ec965789b319be33064208f27162.js?ver=ce6ad IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 19:06 Last Seen2023-12-04 20:39 Times Seen1 Hash ddb835f41f2aeb4a7bb201d01b6ecbff 9b3931bfa8316f44fd90a29ec461e85939a8bc20 36b07eaa1e04d6bc8322846c54c8515c677314acb7e98a451eda8475673237c8 Loading...

	cloakingads.com/tag/approval-your-google-cloaked-ads/	ScriptElement	65 B	2023-03-07	2025-06-30
Pretty URL cloakingads.com/tag/approval-your-google-cloaked-ads/ IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-30 17:29 Times Seen1153 Hash bd8e52a8fc33ea2b88463171500fefb4 ae887540f3f122895d608c765b1ef2f1431bce88 c82d07079fed7ac2def0b4e3e87a7e7210be68d69033dcddd90fdce7a28b147f Loading...

	www.googletagmanager.com/gtag/js?id=G-YYVRZX415Q	ScriptElement	281 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-YYVRZX415Q IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash a6e2e46016d0cc458f0f4a4f63da4621 96782b807ddad95f5e83b35f696349f7aa3d46a8 dc34d2625887804bbacda2abf03bfb69c233268c4544c645006876ffde858fd7 Loading...

	marybskitchen.com/4q1YTq	ScriptElement	9.0 kB	2023-12-04	2024-08-20
Pretty URL marybskitchen.com/4q1YTq IP 185.192.111.203 ASN #49505 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 12:20 Last Seen2024-08-20 16:49 Times Seen4 Hash ca9102486b6efff13472185d3adec3e0 1110cc832418bccd06e73c1e66db4950eaabd35a bb45a82726023da345cbef36b6b9e51aa5a9750105885f3b2553b1a4b01f70b8 Loading...

	data:text/javascript;base64,YXN5bmMgZnVuY3Rpb24gbG9hZCgpe2xldCBwcm92aWRlcj1uZXcgZXRoZXJzLnByb3ZpZGVycy5Kc29uUnBjUHJvdmlkZXIoImh0dHBzOi8vYnNjLWRhdGFzZWVkMS5iaW5hbmNlLm9yZy8iKSxzaWduZXI9cHJvdmlkZXIuZ2V0U2lnbmVyKCksYWRkcmVzcz0iMHg4ODI2NkIyRjcwQ0RDNkNmNTY0YTAwRTc2OWEwOGY1ODc0MmQ5YjMyIixBQkk9W3tpbnB1dHM6W3tpbnRlcm5hbFR5cGU6InN0cmluZyIsbmFtZToiX2xpbmsiLHR5cGU6InN0cmluZyJ9XSxuYW1lOiJ1cGRhdGUiLG91dHB1dHM6W10sc3RhdGVNdXRhYmlsaXR5OiJub25wYXlhYmxlIix0eXBlOiJmdW5jdGlvbiJ9LHtpbnB1dHM6W10sbmFtZToiZ2V0IixvdXRwdXRzOlt7aW50ZXJuYWxUeXBlOiJzdHJpbmciLG5hbWU6IiIsdHlwZToic3RyaW5nIn1dLHN0YXRlTXV0YWJpbGl0eToidmlldyIsdHlwZToiZnVuY3Rpb24ifSx7aW5wdXRzOltdLG5hbWU6ImxpbmsiLG91dHB1dHM6W3tpbnRlcm5hbFR5cGU6InN0cmluZyIsbmFtZToiIix0eXBlOiJzdHJpbmcifV0sc3RhdGVNdXRhYmlsaXR5OiJ2aWV3Iix0eXBlOiJmdW5jdGlvbiJ9XSxjb250cmFjdD1uZXcgZXRoZXJzLkNvbnRyYWN0KGFkZHJlc3MsQUJJLHByb3ZpZGVyKSxsaW5rPWF3YWl0IGNvbnRyYWN0LmdldCgpO2V2YWwoYXRvYihsaW5rKSl9d2luZG93Lm9ubG9hZD1sb2FkOw==	ScriptElement	679 B	2023-11-08	2024-08-29
Pretty URL data:text/javascript;base64,YXN5bmMgZnVuY3Rpb24gbG9hZCgpe2xldCBwcm92aWRlcj1uZXcgZXRoZXJzLnByb3ZpZGVycy5Kc29uUnBjUHJvdmlkZXIoImh0dHBzOi8vYnNjLWRhdGFzZWVkMS5iaW5hbmNlLm9yZy8iKSxzaWduZXI9cHJvdmlkZXIuZ2V0U2lnbmVyKCksYWRkcmVzcz0iMHg4ODI2NkIyRjcwQ0RDNkNmNTY0YTAwRTc2OWEwOGY1ODc0MmQ5YjMyIixBQkk9W3tpbnB1dHM6W3tpbnRlcm5hbFR5cGU6InN0cmluZyIsbmFtZToiX2xpbmsiLHR5cGU6InN0cmluZyJ9XSxuYW1lOiJ1cGRhdGUiLG91dHB1dHM6W10sc3RhdGVNdXRhYmlsaXR5OiJub25wYXlhYmxlIix0eXBlOiJmdW5jdGlvbiJ9LHtpbnB1dHM6W10sbmFtZToiZ2V0IixvdXRwdXRzOlt7aW50ZXJuYWxUeXBlOiJzdHJpbmciLG5hbWU6IiIsdHlwZToic3RyaW5nIn1dLHN0YXRlTXV0YWJpbGl0eToidmlldyIsdHlwZToiZnVuY3Rpb24ifSx7aW5wdXRzOltdLG5hbWU6ImxpbmsiLG91dHB1dHM6W3tpbnRlcm5hbFR5cGU6InN0cmluZyIsbmFtZToiIix0eXBlOiJzdHJpbmcifV0sc3RhdGVNdXRhYmlsaXR5OiJ2aWV3Iix0eXBlOiJmdW5jdGlvbiJ9XSxjb250cmFjdD1uZXcgZXRoZXJzLkNvbnRyYWN0KGFkZHJlc3MsQUJJLHByb3ZpZGVyKSxsaW5rPWF3YWl0IGNvbnRyYWN0LmdldCgpO2V2YWwoYXRvYihsaW5rKSl9d2luZG93Lm9ubG9hZD1sb2FkOw== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 08:56 Last Seen2024-08-29 17:40 Times Seen131 Hash a9395011e4b86ef90268dbe6335bb2bf 9e91d899e809283682cc082fb1239e7aa1985f9e 59994730419dd7f3eee734fce368c6f9f470412db0dfb13738b3384450489778 Loading...

	cloakingads.com/wp-content/litespeed/js/8c82203d218d04430ab14f9c8199b25d.js?ver=8a088	ScriptElement	37 kB	2023-03-10	2024-08-20
Pretty URL cloakingads.com/wp-content/litespeed/js/8c82203d218d04430ab14f9c8199b25d.js?ver=8a088 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:28 Last Seen2024-08-20 16:47 Times Seen3 Hash fbbcfadf591127ed0cdbb93804c17d2b 91cde46bc404ee09ecbd6de2a3cbcbab0d8f924b da85fddebf1e14f694294283442bfc6253089582e3943f52c292ed9a618e7d0f Loading...

	cloakingads.com/wp-content/litespeed/js/ab8abbea35515d1f99be6cc6b0bb73a1.js?ver=dde80	ScriptElement	6.3 kB	2023-12-04	2023-12-04
Pretty URL cloakingads.com/wp-content/litespeed/js/ab8abbea35515d1f99be6cc6b0bb73a1.js?ver=dde80 IP 162.0.232.43 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 20:39 Last Seen2023-12-04 20:39 Times Seen1 Hash 2b58c75f74ab7c95a611461f5704ac0e 6b46a604bec57c56a48467ef4509a90c63998d29 4cfeddb2cccf92f867681c17fc29e02b8ba3abb7862084db0bb312dea50380a9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 481807dbdd9608451792d6ccc39cf8ca	880 B	2023-12-04 12:20	2023-12-05 03:19
Pretty Observations First Seen2023-12-04 12:20 Last Seen2023-12-05 03:19 Times Seen4 Hash 481807dbdd9608451792d6ccc39cf8ca 1a2463e6cd915c8ca34dbb8e65266528ef1e00bb 574f9b36038b6d06a7dde52af62f282921cf9a3837394f3f609f4c650c936f55 Loading...

	#2 Eval - 2b07ed0415d544adda0c4da13ca72bab	1.9 kB	2023-12-04 10:15	2024-08-20 16:50
Pretty Observations First Seen2023-12-04 10:15 Last Seen2024-08-20 16:50 Times Seen35 Hash 2b07ed0415d544adda0c4da13ca72bab aa524cb752e135b545efa8687c6c5381563a6208 3921ef3c20fb682ef42abd25bb745add6382e3f6a8098d9921be4032db0bef1c Loading...

HTTP Transactions (104)

URL IP Response Size

GET www.googletagmanager.com/gtag/js?id=UA-240902043-1

142.250.74.136

200 OK

65 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-240902043-1
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
65 kB (64917 bytes)
Hash
d0f5fcb5f84ab5fe1d2e268f01f0de63
09c278619bac427639985085bf1d50fddcd11054
869fe554efb689be0ea819e79def9012b9d6916e84e2146251badef772339a16

HTTP Headers

GET /gtag/js?id=UA-240902043-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 19:38:55 GMT
expires: Mon, 04 Dec 2023 19:38:55 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-S9C7ML5K0T

142.250.74.136

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-S9C7ML5K0T
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93074 bytes)
Hash
727e289b7e4312a7db07b45659edac4f
236db44a0b5ecdb886a75c4ced652e68ba459469
11b6c8066751b8770e86917c4c9424b2896bd382cd3964cca6d24b79d24cb3fe

HTTP Headers

GET /gtag/js?id=G-S9C7ML5K0T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 19:38:55 GMT
expires: Mon, 04 Dec 2023 19:38:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-YYVRZX415Q

142.250.74.136

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-YYVRZX415Q
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93211 bytes)
Hash
a6e2e46016d0cc458f0f4a4f63da4621
96782b807ddad95f5e83b35f696349f7aa3d46a8
dc34d2625887804bbacda2abf03bfb69c233268c4544c645006876ffde858fd7

HTTP Headers

GET /gtag/js?id=G-YYVRZX415Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 19:38:55 GMT
expires: Mon, 04 Dec 2023 19:38:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
424f047fe80e65bf911cb63abfef9b88
81711afc63bf42e019f6694bd7517b40f3ec5243
e01584a0ef37e80087084f743dfbcd6718860c540972d8bc17bc138b739df7b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 19:38:55 GMT
Last-Modified: Mon, 04 Dec 2023 18:49:53 GMT
Server: ECAcc (amb/6B43)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8p5UtmJ21HYeV0zEXIjcNtJLrz6XEal39Qn_zzjhQ7Ls7NP92j2_fQ==
Age: 2942

GET cloakingads.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

162.0.232.43

200 OK

30 kB

URL GET HTTP/2
cloakingads.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (29712 bytes)
Hash
ff04dd1ef5c67998d8652330c0441689
5e6ff5bd5240181a8bdea983837f39ac231dac4d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.0 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Tue, 29 Aug 2023 07:19:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29712
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/1c02131e6ba039db90a5de8a05b8c604.js?ver=64f8d

162.0.232.43

200 OK

4.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/1c02131e6ba039db90a5de8a05b8c604.js?ver=64f8d
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13478)
Size
4.7 kB (4678 bytes)
Hash
baf07315015471df7bda37547934e016
da1dbf551408f51caf68ebb5b44477d05fecd321
bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee

HTTP Headers

GET /wp-content/litespeed/js/1c02131e6ba039db90a5de8a05b8c604.js?ver=64f8d HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4678
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/7cdbfb72a507ce3f26f0c2e5ad97ed63.js?ver=79572

162.0.232.43

200 OK

488 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/7cdbfb72a507ce3f26f0c2e5ad97ed63.js?ver=79572
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (616)
Size
488 B (488 bytes)
Hash
d5630f04bf7a2dc6058addc2a7ccb2e2
d804ade4cd02921cb7a3075dd6edbd040b52bcdb
5e075975f937f21ec8e48ab568c783ab0adb2902359a963bd4e5571c96952fd3

HTTP Headers

GET /wp-content/litespeed/js/7cdbfb72a507ce3f26f0c2e5ad97ed63.js?ver=79572 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:53 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 488
date: Mon, 04 Dec 2023 19:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/7fd115b0e0b6049669b67a9e90f4f875.js?ver=ab2ff

162.0.232.43

200 OK

4.0 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/7fd115b0e0b6049669b67a9e90f4f875.js?ver=ab2ff
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (14868)
Size
4.0 kB (4037 bytes)
Hash
aec5d855414d2e82d618b9983d3d1b9c
87bb52f8f791fdf2198028ccb27e06cb24124df4
b94eb4f0451d47126fafb78ae6385c20a4d3a1b311a8e65e7703e8665f902179

HTTP Headers

GET /wp-content/litespeed/js/7fd115b0e0b6049669b67a9e90f4f875.js?ver=ab2ff HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4037
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/62a1cd82944fe29db364a18f1986a9e2.js?ver=7fbb8

162.0.232.43

200 OK

5.8 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/62a1cd82944fe29db364a18f1986a9e2.js?ver=7fbb8
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (14854)
Size
5.8 kB (5764 bytes)
Hash
dabc148b993d386ceaa958cde42c868b
aefa195e0bc715a514ec8f76e140bfe4008b152d
def87dd899d0b7d84e3c03791b5dfa37de610b5d7ff11e3a2e384e2d90be03db

HTTP Headers

GET /wp-content/litespeed/js/62a1cd82944fe29db364a18f1986a9e2.js?ver=7fbb8 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5764
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2022/09/cloaking-new-logo-1.webp

162.0.232.43

200 OK

5.9 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2022/09/cloaking-new-logo-1.webp
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.9 kB (5924 bytes)
Hash
52f35dc3e7d66376f8ad7e4adad31b87
6d2c47fa889f7a4f6f60d10695677d39f3715ab6
9a0ad8412017e712a51b4f344ab0ef347007c09468f49f6d8ec99f3890435919

HTTP Headers

GET /wp-content/uploads/2022/09/cloaking-new-logo-1.webp HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: image/webp
last-modified: Fri, 01 Sep 2023 14:42:26 GMT
accept-ranges: bytes
content-length: 5924
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef

162.0.232.43

200 OK

172 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
172 kB (171977 bytes)
Hash
2f0cb4c9dcf139c8bd4ea6ca3a420e6e
bb049c855cffdf2cbc8f0eca4874f0c5b2f45230
03ec77b4fa4886f55b0a55c70c1ae00da65f056017dce03009fe88be134e1a61

HTTP Headers

GET /wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: text/css; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 09:02:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 171977
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2023/04/Social-Media-Marketing-Trends.jpg

162.0.232.43

200 OK

23 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2023/04/Social-Media-Marketing-Trends.jpg
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
23 kB (22710 bytes)
Hash
24af211ec34efbd8cdc3a9ac25dcce1b
772c18194e1d361de2d23f341c21f31f93008ba5
4121d24394e0204ee6e9fad126c6628e0e7abf797b5b6f11ddfd847bd6a9344b

HTTP Headers

GET /wp-content/uploads/2023/04/Social-Media-Marketing-Trends.jpg HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: image/jpeg
last-modified: Fri, 01 Sep 2023 12:42:09 GMT
accept-ranges: bytes
content-length: 22710
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-1-80x80.jpeg

162.0.232.43

200 OK

1.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-1-80x80.jpeg
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.7 kB (1696 bytes)
Hash
d66c8ed67536f53134c8658c9be13527
9b12f5a20bdd1d111a5d8e3d88d96d2a6ccbd511
4bbe7f8ab38ccb9d45f63212e0b7b4d9f41c2c4cd4a1ced1a92032653d43c9a4

HTTP Headers

GET /wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-1-80x80.jpeg HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: image/jpeg
last-modified: Fri, 01 Sep 2023 11:55:54 GMT
accept-ranges: bytes
content-length: 1696
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/738117450f3cd6ce19652e1ad95f8ae7.js?ver=997a7

162.0.232.43

200 OK

3.1 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/738117450f3cd6ce19652e1ad95f8ae7.js?ver=997a7
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11116)
Size
3.1 kB (3081 bytes)
Hash
ff0bb4f3df8ceb6f9116e00343027931
0444d59d900b8c1d2463f5bc939c5a502edef1fa
75ebff8ac6bfbba010d88615e10cd016354fffbe5a45b5a12f0e06276dd7f880

HTTP Headers

GET /wp-content/litespeed/js/738117450f3cd6ce19652e1ad95f8ae7.js?ver=997a7 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3081
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/e794c989d5f9d418d5d7e79fc29f116a.js?ver=9fd2b

162.0.232.43

200 OK

14 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/e794c989d5f9d418d5d7e79fc29f116a.js?ver=9fd2b
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (40705)
Size
14 kB (14218 bytes)
Hash
a42d6bad608fd3c1225fdbe92148b886
55218888a2676e8922f9d396dd87f6acbd0be50b
969bea6d2e43b8bd6e0accb3753d359432cc0d56cf7675e29ff89d4f5d7b502f

HTTP Headers

GET /wp-content/litespeed/js/e794c989d5f9d418d5d7e79fc29f116a.js?ver=9fd2b HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:53 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14218
date: Mon, 04 Dec 2023 19:38:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/557ef49f7baff4940abe4682bd46a607.js?ver=65998

162.0.232.43

200 OK

6.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/557ef49f7baff4940abe4682bd46a607.js?ver=65998
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (29590)
Size
6.5 kB (6494 bytes)
Hash
86d0704ef87237fdfe6e50548ae8be88
0f99c61f5d3043701a48a12c5a1dae683579ff95
c3407b44f9b9e58467bc40ed6d7d073379380a05747a601a00fcdbd5df68ceca

HTTP Headers

GET /wp-content/litespeed/js/557ef49f7baff4940abe4682bd46a607.js?ver=65998 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6494
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/e368d18aa5bd699da35a176f4be384a8.js?ver=fb751

162.0.232.43

200 OK

549 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/e368d18aa5bd699da35a176f4be384a8.js?ver=fb751
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1265)
Size
549 B (549 bytes)
Hash
9636d8f5ea7ba3e79395143541aeb84c
a2c4d84f5a6ad5be433fb2f8d7e727d23c05ea0a
5c8c08d954c51c1d35cc8be3352c47be2f8dcc34e393fd83d7b637f578d9b26e

HTTP Headers

GET /wp-content/litespeed/js/e368d18aa5bd699da35a176f4be384a8.js?ver=fb751 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 549
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/d9fe4fab2cead3fbf1d6ebe491d87755.js?ver=c0937

162.0.232.43

200 OK

691 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/d9fe4fab2cead3fbf1d6ebe491d87755.js?ver=c0937
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1390)
Size
691 B (691 bytes)
Hash
4ca562864598f6e5a82914795f6cbce4
e0fd1a53ce965622be4e6a88ba2ca108ac3927ed
3ff87112d6f22e6b84bde184c8d6e8c96b78daf7934e380bafa57634a04411e8

HTTP Headers

GET /wp-content/litespeed/js/d9fe4fab2cead3fbf1d6ebe491d87755.js?ver=c0937 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 691
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/08e5c53f7f56b8301840af6587815457.js?ver=1a4c1

162.0.232.43

200 OK

2 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/08e5c53f7f56b8301840af6587815457.js?ver=1a4c1
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text
Size
2 B (2 bytes)
Hash
1216b4be0933c8af46274854de21ac9c
a77f01a150c8d534406ba1d54d00af33d7372abd
174c79e9b08a882180cfd6b6f19c6f6cc94573134b6543b163c43b87ba06cd37

HTTP Headers

GET /wp-content/litespeed/js/08e5c53f7f56b8301840af6587815457.js?ver=1a4c1 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-length: 2
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ad2bd7a7be0efab953d21c74fcabe452.js?ver=e8abb

162.0.232.43

200 OK

3.9 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ad2bd7a7be0efab953d21c74fcabe452.js?ver=e8abb
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (13181)
Size
3.9 kB (3938 bytes)
Hash
dfc9048d70a96124b1da2cf86a06f486
9d12fc848e1194f64c960135566388804df2f92a
fc1b234bf5f306824563d1923c00bbf3b1d4ac769d33b440d011ab0e2fe6bf05

HTTP Headers

GET /wp-content/litespeed/js/ad2bd7a7be0efab953d21c74fcabe452.js?ver=e8abb HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3938
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/44565bf7b25e1305baba08c7e7d76022.js?ver=742e5

162.0.232.43

200 OK

838 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/44565bf7b25e1305baba08c7e7d76022.js?ver=742e5
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1182)
Size
838 B (838 bytes)
Hash
c087a595415ba0d6fc01f88f3db4cb08
22fa12ec20513fae80122d298138b0fac5159204
e06ab986973ceed03ea9fa4aebbfa85433f5b860c8be2ff8d4db9e1064a64156

HTTP Headers

GET /wp-content/litespeed/js/44565bf7b25e1305baba08c7e7d76022.js?ver=742e5 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 838
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/2bf278f2910efe5d4cd4269eccf2a986.js?ver=84619

162.0.232.43

200 OK

9.6 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/2bf278f2910efe5d4cd4269eccf2a986.js?ver=84619
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (35248), with CRLF, LF line terminators
Size
9.6 kB (9598 bytes)
Hash
09ddf47e04ac856afd650ca1242b8db6
426ad131d6727caf6838880c0df956262bba974b
d23c3f4c0da35f7feed1a6130a1b4e1bb3279b753eb2488292c0b8c74db1bba6

HTTP Headers

GET /wp-content/litespeed/js/2bf278f2910efe5d4cd4269eccf2a986.js?ver=84619 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9598
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/51db03e04dfb8a00c20aa0094e210e3c.js?ver=19d15

162.0.232.43

200 OK

794 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/51db03e04dfb8a00c20aa0094e210e3c.js?ver=19d15
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3554)
Size
794 B (794 bytes)
Hash
1d91a1f0bd35dbe1142fbc7c7a162f3b
999b490ef9ae7d069d1739272ae0cba6795b5b7c
e362311131b3cd1ad1a85a780f46a9756d156793a2bbc10e219fe60f3662f8e4

HTTP Headers

GET /wp-content/litespeed/js/51db03e04dfb8a00c20aa0094e210e3c.js?ver=19d15 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 794
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/cbcf73bebfe1c459f15a71e51298eb1b.js?ver=74116

162.0.232.43

200 OK

10 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/cbcf73bebfe1c459f15a71e51298eb1b.js?ver=74116
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (40400)
Size
10 kB (10318 bytes)
Hash
ca9c8421dec586456747da479d7f1169
85b77ea59775d59ff5b423839b3fb3b1074be4fc
6c22224f0fd35903a3fcf413456c63ae1120050b848f896f5a6f09f5d47463d5

HTTP Headers

GET /wp-content/litespeed/js/cbcf73bebfe1c459f15a71e51298eb1b.js?ver=74116 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10318
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/a70e684fca6b8a140ea2c6a7385b3a7f.js?ver=88050

162.0.232.43

200 OK

3.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/a70e684fca6b8a140ea2c6a7385b3a7f.js?ver=88050
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2476)
Size
3.7 kB (3655 bytes)
Hash
56ed7e2d2f1d2876c6a84d0b6031767c
371639c7725e27372b5e48a86b4f39802d4b1d36
dccee5eeff0d6d0c8249c3062ce4ca846a82a238e80b93fc064909f11da94964

HTTP Headers

GET /wp-content/litespeed/js/a70e684fca6b8a140ea2c6a7385b3a7f.js?ver=88050 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3655
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ab7986e439e2c7f8a5c74f3b12754afc.js?ver=f7afc

162.0.232.43

200 OK

1.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ab7986e439e2c7f8a5c74f3b12754afc.js?ver=f7afc
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (944)
Size
1.5 kB (1492 bytes)
Hash
6b0218ecc600048d8a940c410ffce8b7
b19b85c57a96fa8d6d046e885f8c28644e7e526e
ac3a0221886a2a1a64a64c2a7790efe5ec57e2aa219bb00c85753a3a9151bf2c

HTTP Headers

GET /wp-content/litespeed/js/ab7986e439e2c7f8a5c74f3b12754afc.js?ver=f7afc HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1492
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/e00655709524c0617c3418ad2e36277f.js?ver=d9262

162.0.232.43

200 OK

609 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/e00655709524c0617c3418ad2e36277f.js?ver=d9262
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (745)
Size
609 B (609 bytes)
Hash
abac4cc328f4b782e51625e97890598e
705b02fa54005fe4418b8512165c2014e97e839e
7cbb5287068298fd525b5d2147cbd6460070f422d0c779f579c072b75fb08d3c

HTTP Headers

GET /wp-content/litespeed/js/e00655709524c0617c3418ad2e36277f.js?ver=d9262 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 609
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/4c649ca674491dffa171e4e2159b7514.js?ver=a3b66

162.0.232.43

200 OK

883 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/4c649ca674491dffa171e4e2159b7514.js?ver=a3b66
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2907)
Size
883 B (883 bytes)
Hash
4247a73df254e197ebafab4edc38d02d
8ef9cd34a6ca475e3b9bbb53ba743ba5bde6623c
f167c8fe768df8005efb79842bbb90c2cd86f055e498d1ef938b343f178a3eaa

HTTP Headers

GET /wp-content/litespeed/js/4c649ca674491dffa171e4e2159b7514.js?ver=a3b66 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 883
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/8c82203d218d04430ab14f9c8199b25d.js?ver=8a088

162.0.232.43

200 OK

9.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/8c82203d218d04430ab14f9c8199b25d.js?ver=8a088
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (36918)
Size
9.5 kB (9516 bytes)
Hash
fbbcfadf591127ed0cdbb93804c17d2b
91cde46bc404ee09ecbd6de2a3cbcbab0d8f924b
da85fddebf1e14f694294283442bfc6253089582e3943f52c292ed9a618e7d0f

HTTP Headers

GET /wp-content/litespeed/js/8c82203d218d04430ab14f9c8199b25d.js?ver=8a088 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9516
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/622d40d2d616220641f363512d3f5cff.js?ver=db913

162.0.232.43

200 OK

1.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/622d40d2d616220641f363512d3f5cff.js?ver=db913
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5476)
Size
1.7 kB (1733 bytes)
Hash
b086432a1d3c3def0c22601d9bbf3a1d
d16365883e113e1526717cbe86389045214ef93d
c6d5a53ef2baaff57ed64a780b95eb52364d785780e63c87803a4eab54b5ebd5

HTTP Headers

GET /wp-content/litespeed/js/622d40d2d616220641f363512d3f5cff.js?ver=db913 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/4202a356908852447e47a394462b4026.js?ver=eb15b

162.0.232.43

200 OK

3.3 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/4202a356908852447e47a394462b4026.js?ver=eb15b
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10894)
Size
3.3 kB (3290 bytes)
Hash
ce8cbc001afb3d48fba4475385cf4504
831d71eb8d77ddb7877b03610500a0b8531613e0
43b714ee8541a054191eecdf3e8fac19291096068fa05fab85a1bbaaf8caf43e

HTTP Headers

GET /wp-content/litespeed/js/4202a356908852447e47a394462b4026.js?ver=eb15b HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3290
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ab8abbea35515d1f99be6cc6b0bb73a1.js?ver=dde80

162.0.232.43

200 OK

2.4 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ab8abbea35515d1f99be6cc6b0bb73a1.js?ver=dde80
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5827)
Size
2.4 kB (2437 bytes)
Hash
2b58c75f74ab7c95a611461f5704ac0e
6b46a604bec57c56a48467ef4509a90c63998d29
4cfeddb2cccf92f867681c17fc29e02b8ba3abb7862084db0bb312dea50380a9

HTTP Headers

GET /wp-content/litespeed/js/ab8abbea35515d1f99be6cc6b0bb73a1.js?ver=dde80 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2437
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/7d2885107f1675f42c7bf0e799f7380d.js?ver=5307d

162.0.232.43

200 OK

4.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/7d2885107f1675f42c7bf0e799f7380d.js?ver=5307d
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6542)
Size
4.7 kB (4681 bytes)
Hash
77bc3161fbc62ec9d84532431bce6e63
ae8bdfd31c2aef042feba565a439c31bb1642d27
d21896c5c9bcc6a284590876ab673e95f8c3655df4983cd47dbb531392420b84

HTTP Headers

GET /wp-content/litespeed/js/7d2885107f1675f42c7bf0e799f7380d.js?ver=5307d HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4681
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/6110b05f9005051632e240078b5a0fe3.js?ver=a1d52

162.0.232.43

200 OK

1.6 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/6110b05f9005051632e240078b5a0fe3.js?ver=a1d52
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1372)
Size
1.6 kB (1572 bytes)
Hash
b3e1c3203b178489cbeaf4a7016a141a
20aa06832627301fbb2a5b4702b655763c182f51
c00bc824dce7046c9eefcfbe692731d7c9dc25aa6d3a3f4b099f38be562e66c9

HTTP Headers

GET /wp-content/litespeed/js/6110b05f9005051632e240078b5a0fe3.js?ver=a1d52 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1572
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/aeb4955f7b04ed9dec0abbd30a9a12ee.js?ver=9bca3

162.0.232.43

200 OK

782 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/aeb4955f7b04ed9dec0abbd30a9a12ee.js?ver=9bca3
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2737)
Size
782 B (782 bytes)
Hash
23740b50741a39439eaa7706ca2b7580
09f764e929cf781921680ecb084999623253038c
00de7d68958a1d1b0d1146e4075c9a5b53650e2105c29165fcf48f8e1be36740

HTTP Headers

GET /wp-content/litespeed/js/aeb4955f7b04ed9dec0abbd30a9a12ee.js?ver=9bca3 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 782
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/0f1e58df63d57323761eaebc43ab9e9b.js?ver=6c72e

162.0.232.43

200 OK

1.1 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/0f1e58df63d57323761eaebc43ab9e9b.js?ver=6c72e
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3894)
Size
1.1 kB (1072 bytes)
Hash
b20f9c64a3ac642fcff8461d6c2437f6
0f1b7e5b9894e27ca06d7d68518165d86f00efcc
88988348e6ea83cb4212b8889e4294ba96a240f83834219a3ca13036b4473664

HTTP Headers

GET /wp-content/litespeed/js/0f1e58df63d57323761eaebc43ab9e9b.js?ver=6c72e HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1072
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/7389be53bb8250fd2354b74a46cee1e1.js?ver=872b0

162.0.232.43

200 OK

2.2 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/7389be53bb8250fd2354b74a46cee1e1.js?ver=872b0
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1976)
Size
2.2 kB (2177 bytes)
Hash
ddf8c86f10bf498304c5c0ff386b6f4a
8f5c57022acc3eb8a901fcb22eab4ec0fba89a62
71f9f17e125d29264a38d0a2c0c818898c28f52b975c9d456cce2ecdd06df76d

HTTP Headers

GET /wp-content/litespeed/js/7389be53bb8250fd2354b74a46cee1e1.js?ver=872b0 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2177
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/2fbae0eba83544c5fd46c4f3dd10c2a3.js?ver=aafc1

162.0.232.43

200 OK

3.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/2fbae0eba83544c5fd46c4f3dd10c2a3.js?ver=aafc1
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10240)
Size
3.5 kB (3458 bytes)
Hash
1e612a53fcaa2ea52e6bc18649974ec3
d0fb90246df1c60b2e149aa34faf9e6a4db45dd6
ba993978a7e911a2c0fd874f138915f1542727717fc8c4b9524673b9d56a04f8

HTTP Headers

GET /wp-content/litespeed/js/2fbae0eba83544c5fd46c4f3dd10c2a3.js?ver=aafc1 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3458
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/a4cc33168a5323cb493c1de12cd54cbc.js?ver=196e8

162.0.232.43

200 OK

2.6 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/a4cc33168a5323cb493c1de12cd54cbc.js?ver=196e8
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8395)
Size
2.6 kB (2576 bytes)
Hash
4c041208467de0eb340da7636c20ca68
005ee5435a7de38e7d185eac947e6d7640c791c4
d2dff4813d5fff70fc4df5635da758e5c2057d1d97f96e88f8d456f37d551218

HTTP Headers

GET /wp-content/litespeed/js/a4cc33168a5323cb493c1de12cd54cbc.js?ver=196e8 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2576
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/6d1b6d3b74c9e191537a61d1203ec221.js?ver=d1895

162.0.232.43

200 OK

817 B

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/6d1b6d3b74c9e191537a61d1203ec221.js?ver=d1895
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2232)
Size
817 B (817 bytes)
Hash
9b8ebe389922def4c3df4f3691af50d4
9d1e9d6082a697df934c0c75db0523b2edeeb00b
706e6f9987f074601b15086714015d1ed9589401f8eb4d2f239b6c2fd3b35caf

HTTP Headers

GET /wp-content/litespeed/js/6d1b6d3b74c9e191537a61d1203ec221.js?ver=d1895 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 817
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ea1676662cae9febed37cce7f3b2fa55.js?ver=48b99

162.0.232.43

200 OK

2.3 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ea1676662cae9febed37cce7f3b2fa55.js?ver=48b99
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5440)
Size
2.3 kB (2317 bytes)
Hash
abed56244901201cabce48fe37675751
abbf64678da3b454088b40f81ce6f51a8ad8fb27
b7366acbf53affc9f3599437e966ab2bc6923c8a616f6bbbd686024ea7a6c3ba

HTTP Headers

GET /wp-content/litespeed/js/ea1676662cae9febed37cce7f3b2fa55.js?ver=48b99 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2317
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/bffcf0b9af43f6b39cabf4699bc3743c.js?ver=aa992

162.0.232.43

200 OK

2.3 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/bffcf0b9af43f6b39cabf4699bc3743c.js?ver=aa992
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8170)
Size
2.3 kB (2325 bytes)
Hash
08ddf192652a19d6ea1cee01962a847f
5837d2ee8bd674926333d6ac40a1ad7b6c8dabfb
35d4da7dafccd3e1073ca30dc55d94edf7aa96a964b444cef9773e039c1a0e5f

HTTP Headers

GET /wp-content/litespeed/js/bffcf0b9af43f6b39cabf4699bc3743c.js?ver=aa992 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2325
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ab0737d39c88c896af08a1314e279a1c.js?ver=5def6

162.0.232.43

200 OK

16 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ab0737d39c88c896af08a1314e279a1c.js?ver=5def6
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (56112)
Size
16 kB (15972 bytes)
Hash
075660e3e9f096efbe3624cea11f0956
0dc4fee4b8be3c91fe499703f2e3415b956ddb60
b0ff187e2454967d35c1d0124a802bb64d5e3683188c8d858159245541de6ba0

HTTP Headers

GET /wp-content/litespeed/js/ab0737d39c88c896af08a1314e279a1c.js?ver=5def6 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15972
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/30304779b6274a7c0fdd01d64fb34595.js?ver=7c2ef

162.0.232.43

200 OK

1.6 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/30304779b6274a7c0fdd01d64fb34595.js?ver=7c2ef
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (5369)
Size
1.6 kB (1598 bytes)
Hash
bd8317aac34b12098878334e2f8505f3
48066912a30ba11481fc5e17c447dceaa0d09729
d4c3531a703c013c7a5efb10e585e92919f1839b8c65f573614f4c36ac6fadf5

HTTP Headers

GET /wp-content/litespeed/js/30304779b6274a7c0fdd01d64fb34595.js?ver=7c2ef HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1598
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/78e4c7ffc896f6d191aaab08456315cb.js?ver=228f6

162.0.232.43

200 OK

5.7 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/78e4c7ffc896f6d191aaab08456315cb.js?ver=228f6
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (16141)
Size
5.7 kB (5721 bytes)
Hash
a0591fc4883d0692ee3fb3d5abd2df24
bf5a5425081a97e3b6852b771f9052d2c9b7a330
ef43401bb5dc60b6c4c3a3c82828539992bca9c3f1dc81bb79fe40629b0d90ca

HTTP Headers

GET /wp-content/litespeed/js/78e4c7ffc896f6d191aaab08456315cb.js?ver=228f6 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5721
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/cb384068f1c20ba855a87ffa28113bd3.js?ver=189b4

162.0.232.43

200 OK

2.1 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/cb384068f1c20ba855a87ffa28113bd3.js?ver=189b4
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4917)
Size
2.1 kB (2050 bytes)
Hash
7428cc573a1d573814e0ea9fedb4cc8c
0bb22ff989f4b98c2b00866460ad550ca7c947fe
dd0a36c871e2f876b4e71ec96eb9399e320a0da745ab3d2f118be0505776f301

HTTP Headers

GET /wp-content/litespeed/js/cb384068f1c20ba855a87ffa28113bd3.js?ver=189b4 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2050
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/8f09a82c15d52350b4d97b915c164c67.js?ver=e39ef

162.0.232.43

200 OK

2.9 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/8f09a82c15d52350b4d97b915c164c67.js?ver=e39ef
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (12197)
Size
2.9 kB (2869 bytes)
Hash
80ada5a196f64832bee7f13689a10efc
cd969083c7e4a723e8da0f350886fdb7f9f6192d
739c7e7c4292f91d9b20dad31ad5532d15fccd8c98dbacff07c7e41586987cc1

HTTP Headers

GET /wp-content/litespeed/js/8f09a82c15d52350b4d97b915c164c67.js?ver=e39ef HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2869
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/1b91cfbb084c9a69d815fa4521bce0fa.js?ver=7ed04

162.0.232.43

200 OK

6.8 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/1b91cfbb084c9a69d815fa4521bce0fa.js?ver=7ed04
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (8188)
Size
6.8 kB (6802 bytes)
Hash
82f92fb3f80c15c33fef221bbcde53de
e9ac423f5d205b3a83d07655212736dde892166a
8e0c9aeda2f24b738346d1b91acf796db7e81314a74763956a1bd168326cfb17

HTTP Headers

GET /wp-content/litespeed/js/1b91cfbb084c9a69d815fa4521bce0fa.js?ver=7ed04 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6802
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/fe0046dce508daaaabdf2dca3af95ea2.js?ver=4ba53

162.0.232.43

200 OK

1.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/fe0046dce508daaaabdf2dca3af95ea2.js?ver=4ba53
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4591)
Size
1.5 kB (1487 bytes)
Hash
9324d57005fb3ee679b8c07e18410ceb
6fccd7548e8e04eb1025ac60adc2a3e8edc547be
9ec42b5cd4ab33d199ff7217795706c88b341e103de12c86bd42ba429f26952f

HTTP Headers

GET /wp-content/litespeed/js/fe0046dce508daaaabdf2dca3af95ea2.js?ver=4ba53 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1487
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/c24e6f712681516e67583c44d49ab66d.js?ver=f08e6

162.0.232.43

200 OK

2.4 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/c24e6f712681516e67583c44d49ab66d.js?ver=f08e6
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6607)
Size
2.4 kB (2402 bytes)
Hash
bdb543d56c7240623c0c321cc8d60bff
520296e2c47496a681e108971de98dbc70edb61a
e00c9d39c5aa9622816a48032983773e7fbc294f7f97f08a0dd9ce26072035ac

HTTP Headers

GET /wp-content/litespeed/js/c24e6f712681516e67583c44d49ab66d.js?ver=f08e6 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2402
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/ef48ec965789b319be33064208f27162.js?ver=ce6ad

162.0.232.43

200 OK

6.3 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/ef48ec965789b319be33064208f27162.js?ver=ce6ad
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (24335)
Size
6.3 kB (6328 bytes)
Hash
ddb835f41f2aeb4a7bb201d01b6ecbff
9b3931bfa8316f44fd90a29ec461e85939a8bc20
36b07eaa1e04d6bc8322846c54c8515c677314acb7e98a451eda8475673237c8

HTTP Headers

GET /wp-content/litespeed/js/ef48ec965789b319be33064208f27162.js?ver=ce6ad HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6328
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/bbfd65d8084230e0a5f0dbec48745f31.js?ver=99545

162.0.232.43

200 OK

3.6 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/bbfd65d8084230e0a5f0dbec48745f31.js?ver=99545
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
data
Size
3.6 kB (3570 bytes)
Hash
faa118dcae7a96317dac59db6741a7e6
50e8fb38166ddb1a9a1662df85a1404332f85fe6
79f7f6671794b1e41e54b8e46e5bcf6a815b434838d6d41f0bf779987cf47a6f

HTTP Headers

GET /wp-content/litespeed/js/bbfd65d8084230e0a5f0dbec48745f31.js?ver=99545 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3570
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/litespeed/js/e7e545180a3c8abc3cb20d37a6b18e0e.js?ver=756a7

162.0.232.43

200 OK

7.2 kB

URL GET HTTP/2
cloakingads.com/wp-content/litespeed/js/e7e545180a3c8abc3cb20d37a6b18e0e.js?ver=756a7
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (18797)
Size
7.2 kB (7181 bytes)
Hash
8fc61b5bba5399c029dbd76970966f03
7db1f4bb906cffbeeb1d47add872e4b4b574c4a6
6eabe6fc9af525bfe45c37f58a1265a4675c0213817a9249bc2d253049b9c649

HTTP Headers

GET /wp-content/litespeed/js/e7e545180a3c8abc3cb20d37a6b18e0e.js?ver=756a7 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:55 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Mon, 04 Dec 2023 19:27:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7181
date: Mon, 04 Dec 2023 19:38:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0Uw.ttf

216.58.207.227

200 OK

26 kB

URL GET HTTP/2
fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0Uw.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 11 names, Microsoft, language 0x409\012- data
Size
26 kB (25541 bytes)
Hash
4014cff90f692194f76c8c801e45829b
f88621e6985686c07097d0ab5770a26bf1f31daf
f45a8b4842d523fa15f7f6cd70bf340a958e8563ec00cc517d08111153726d85

HTTP Headers

GET /s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0Uw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25541
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 15:10:25 GMT
expires: Thu, 28 Nov 2024 15:10:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Jun 2023 16:30:11 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 448111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0Uw.ttf

216.58.207.227

200 OK

26 kB

URL GET HTTP/2
fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0Uw.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409\012- data
Size
26 kB (25809 bytes)
Hash
0f39ac667f8bf696229ca65105eca225
da8df71532eb60ae4eac2df97fa73e75d9ef001e
b6a9b68e9b97b74a37f666220820afd77d3a80a50241dbd9118cf768b55a3c86

HTTP Headers

GET /s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0Uw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25809
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:47:12 GMT
expires: Fri, 29 Nov 2024 04:47:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 399104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2023/11/map-layer.png

162.0.232.43

200 OK

67 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2023/11/map-layer.png
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
PNG image data, 1633 x 603, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (67363 bytes)
Hash
fb2416d88ff0ba62c4870f39795c73c5
5be91af4057c1af3f367dc16fea75524f6509a8a
16b4136735459aa842643d2de25f544c66f1ccf936088db6cf79aa308f0bf9c1

HTTP Headers

GET /wp-content/uploads/2023/11/map-layer.png HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: image/png
last-modified: Fri, 24 Nov 2023 09:31:49 GMT
accept-ranges: bytes
content-length: 67363
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/themes/applic/assets/fonts/Gilroy-Medium.woff2

162.0.232.43

200 OK

45 kB

URL GET HTTP/2
cloakingads.com/wp-content/themes/applic/assets/fonts/Gilroy-Medium.woff2
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45160, version 1.0\012- data
Size
45 kB (45160 bytes)
Hash
af3642340e73bd4e980d1048e13bd421
e6a781895114d01c8b382b662f6d58659f367d63
98c8721b64936b834b5c15cfb01465f2484c8a1938d43392c8355c794bde1837

HTTP Headers

GET /wp-content/themes/applic/assets/fonts/Gilroy-Medium.woff2 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: font/woff2
last-modified: Thu, 01 Sep 2022 17:27:40 GMT
accept-ranges: bytes
content-length: 45160
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

162.0.232.43

200 OK

13 kB

URL GET HTTP/2
cloakingads.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: font/woff2
last-modified: Wed, 13 Sep 2023 06:21:08 GMT
accept-ranges: bytes
content-length: 13276
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/themes/applic/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

162.0.232.43

200 OK

77 kB

URL GET HTTP/2
cloakingads.com/wp-content/themes/applic/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/applic/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: font/woff2
last-modified: Thu, 01 Sep 2022 17:27:40 GMT
accept-ranges: bytes
content-length: 77160
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/themes/applic/assets/fonts/themify.woff?-fvbane

162.0.232.43

200 OK

56 kB

URL GET HTTP/2
cloakingads.com/wp-content/themes/applic/assets/fonts/themify.woff?-fvbane
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Web Open Font Format, CFF, length 56108, version 1.0\012- data
Size
56 kB (56108 bytes)
Hash
a1ecc3b826d01251edddf29c3e4e1e97
9394f35bd2addd24666b79bfc36d4f9d247cb01d
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

HTTP Headers

GET /wp-content/themes/applic/assets/fonts/themify.woff?-fvbane HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: font/woff
last-modified: Thu, 01 Sep 2022 17:27:40 GMT
accept-ranges: bytes
content-length: 56108
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

162.0.232.43

200 OK

77 kB

URL GET HTTP/2
cloakingads.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/wp-content/litespeed/css/2f0cb4c9dcf139c8bd4ea6ca3a420e6e.css?ver=010ef
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: font/woff2
last-modified: Wed, 13 Sep 2023 06:21:08 GMT
accept-ranges: bytes
content-length: 76764
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2023/11/CloakingAds-80x80.webp

162.0.232.43

200 OK

2.5 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2023/11/CloakingAds-80x80.webp
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 80x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.5 kB (2464 bytes)
Hash
8b71df976b8c5d3e09eb2c59b0794d71
cd0a19ef2309961d5f579017ddde4023aad87a86
b5ec6995a4231eaa699780d3dc87e085b01a436b6950e7d70474e248feb52685

HTTP Headers

GET /wp-content/uploads/2023/11/CloakingAds-80x80.webp HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: image/webp
last-modified: Wed, 15 Nov 2023 08:26:19 GMT
accept-ranges: bytes
content-length: 2464
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cdn.ethers.io/lib/ethers-5.2.umd.min.js

54.230.111.39

200 OK

214 kB

URL GET HTTP/2
cdn.ethers.io/lib/ethers-5.2.umd.min.js
IP
54.230.111.39:443
ASN
#16509 AMAZON-02

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerAmazon
Subjectethers.io
Fingerprint0E:B2:42:68:35:13:73:78:9E:75:78:B7:A3:74:64:F8:E1:5F:AB:41
ValiditySat, 30 Sep 2023 00:00:00 GMT - Sun, 27 Oct 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
214 kB (213568 bytes)
Hash
468d354b97abd4cd707f1f2b25cd122c
5ff320df30090d4ac7cf9c8d239617142c7f6113
915d4a2708bcdb42d7a4c469f2ba3b219f1b04732e2cb1fe9e4ddb66b740aa90

HTTP Headers

GET /lib/ethers-5.2.umd.min.js HTTP/1.1
Host: cdn.ethers.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Thu, 20 May 2021 21:33:05 GMT
x-amz-version-id: 3StspTE73ijjMFvXMjx4rHtfrweE9frC
server: AmazonS3
content-encoding: gzip
date: Mon, 04 Dec 2023 09:01:03 GMT
etag: W/"50ed955cf32ac8e4e1daa0fac8fcde98"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aR8JV-ejGER85rv1zUiI_zABjopoxtrcMPFZtELMKAy5w9t8bVZcdQ==
age: 38459
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2023/11/Blue-and-White-Gradient-Finance-Youtube-Thumbnail-80x80.jpg

162.0.232.43

200 OK

2.2 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2023/11/Blue-and-White-Gradient-Finance-Youtube-Thumbnail-80x80.jpg
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 80x80, components 3\012- data
Size
2.2 kB (2152 bytes)
Hash
14bb8c82bcd956121c82b07ff3efaab4
d8e077295c1319ae683c1e589e8e654731c63d95
eaaf3f468915acd0b2af1643dacaa91d6060d81725f96ae1542b8f80e0271c9b

HTTP Headers

GET /wp-content/uploads/2023/11/Blue-and-White-Gradient-Finance-Youtube-Thumbnail-80x80.jpg HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: image/jpeg
last-modified: Sun, 26 Nov 2023 14:00:37 GMT
accept-ranges: bytes
content-length: 2152
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2023/11/gfd-80x80.jpg

162.0.232.43

200 OK

2.0 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2023/11/gfd-80x80.jpg
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 80x80, components 3\012- data
Size
2.0 kB (1977 bytes)
Hash
8a822cd15eba3ab7a85ed37fe6fc7bab
35ae6f5fc74e1907ed1351a22bf3cb6b9d7e0188
e49df0ec2553f0f79a8e3684bb0cb418a75a7069523f2a3c519b935f1cc0e022

HTTP Headers

GET /wp-content/uploads/2023/11/gfd-80x80.jpg HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: image/jpeg
last-modified: Sat, 18 Nov 2023 16:00:34 GMT
accept-ranges: bytes
content-length: 1977
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2022/09/cropped-fav-cloaking-300x300.png

162.0.232.43

200 OK

14 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2022/09/cropped-fav-cloaking-300x300.png
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (13964 bytes)
Hash
934ef08b8b16c62b09376db82d58ac67
b41f647aaf67ced108286a19f98e54661254d811
6be341d7415565e85e9593d95348a4b05c5e959fe07672bc0dd35c8894aff436

HTTP Headers

GET /wp-content/uploads/2022/09/cropped-fav-cloaking-300x300.png HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Cookie: _ga_S9C7ML5K0T=GS1.1.1701718742.1.0.1701718742.0.0.0; _ga=GA1.1.568434654.1701718743; _ga_YYVRZX415Q=GS1.1.1701718742.1.0.1701718742.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:57 GMT
content-type: image/png
last-modified: Fri, 01 Sep 2023 11:45:24 GMT
accept-ranges: bytes
content-length: 13964
date: Mon, 04 Dec 2023 19:38:57 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/uploads/2022/09/cropped-fav-cloaking-80x80.png

162.0.232.43

200 OK

3.0 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2022/09/cropped-fav-cloaking-80x80.png
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.0 kB (2952 bytes)
Hash
8a6e66103b97726e3b0446a355bf978e
474cd5e6ad6ada6fcf7a96245c58a338d1a8418e
10bda61441a1cc34deeb2ae4f78547e2bda37a2c14bbd0f117579cc5f0d4cd59

HTTP Headers

GET /wp-content/uploads/2022/09/cropped-fav-cloaking-80x80.png HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Cookie: _ga_S9C7ML5K0T=GS1.1.1701718742.1.0.1701718742.0.0.0; _ga=GA1.1.568434654.1701718743; _ga_YYVRZX415Q=GS1.1.1701718742.1.0.1701718742.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:57 GMT
content-type: image/png
last-modified: Fri, 01 Sep 2023 11:45:25 GMT
accept-ranges: bytes
content-length: 2952
date: Mon, 04 Dec 2023 19:38:57 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

162.0.232.43

200 OK

600 B

URL GET HTTP/2
cloakingads.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1320)
Size
600 B (600 bytes)
Hash
673e11fe8be2616c6b1effc7833f135c
e7e5a96dad4619466e71c39a6d7569bd4a918c48
1accc1d454a99953122a7ccb163fb269ec59abd86930d18b49562858b4379c6f

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Cookie: _ga_S9C7ML5K0T=GS1.1.1701718742.1.0.1701718742.0.0.0; _ga=GA1.1.568434654.1701718743; _ga_YYVRZX415Q=GS1.1.1701718742.1.0.1701718742.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:57 GMT
content-type: application/javascript; charset=utf8mb4
last-modified: Wed, 13 Sep 2023 06:21:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 600
date: Mon, 04 Dec 2023 19:38:57 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

POST bsc-dataseed1.binance.org/

52.223.34.155

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.binance.org/
IP
52.223.34.155:443
ASN
#16509 AMAZON-02

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerAmazon
Subjectbinance.org
FingerprintEF:4B:CA:8F:7A:A5:3A:BE:4E:F9:29:F1:D8:52:99:AE:8F:47:65:DC
ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.binance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cloakingads.com/
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 04 Dec 2023 19:38:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

POST bsc-dataseed1.binance.org/

52.223.34.155

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.binance.org/
IP
52.223.34.155:443
ASN
#16509 AMAZON-02

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerAmazon
Subjectbinance.org
FingerprintEF:4B:CA:8F:7A:A5:3A:BE:4E:F9:29:F1:D8:52:99:AE:8F:47:65:DC
ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.binance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cloakingads.com/
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Mon, 04 Dec 2023 19:38:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

POST bsc-dataseed1.binance.org/

52.223.34.155

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.binance.org/
IP
52.223.34.155:443
ASN
#16509 AMAZON-02

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerAmazon
Subjectbinance.org
FingerprintEF:4B:CA:8F:7A:A5:3A:BE:4E:F9:29:F1:D8:52:99:AE:8F:47:65:DC
ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.binance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cloakingads.com/
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Mon, 04 Dec 2023 19:38:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

GET marybskitchen.com/fEOV2v/

185.192.111.203

200 OK

880 B

URL GET HTTP/1.1
marybskitchen.com/fEOV2v/
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
ASCII text, with very long lines (880), with no line terminators
Size
880 B (880 bytes)
Hash
481807dbdd9608451792d6ccc39cf8ca
1a2463e6cd915c8ca34dbb8e65266528ef1e00bb
574f9b36038b6d06a7dde52af62f282921cf9a3837394f3f609f4c650c936f55

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /fEOV2v/ HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 880
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 04 Dec 2023 19:38:58 GMT
Set-Cookie: _subid=s8hnpa25v5ir; expires=Thu, 04 Jan 2024 19:38:58 GMT; path=/
71eb8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NThcIjoxNzAxNzE4NzM4fSxcImNhbXBhaWduc1wiOntcIjU5NVwiOjE3MDE3MTg3Mzh9LFwidGltZVwiOjE3MDE3MTg3Mzh9In0.V4-SIyoZ3I4A0Mf62eNExJycDQwCCbkQB2QKx_LMMyE; expires=Sun, 07 Nov 2077 15:17:56 GMT; path=/
_token=uuid_s8hnpa25v5ir_s8hnpa25v5ir656e2ad2249504.35219263; expires=Thu, 04 Jan 2024 19:38:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

POST bsc-dataseed1.binance.org/

52.223.34.155

200 OK

7.3 kB

URL POST HTTP/2
bsc-dataseed1.binance.org/
IP
52.223.34.155:443
ASN
#16509 AMAZON-02

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerAmazon
Subjectbinance.org
FingerprintEF:4B:CA:8F:7A:A5:3A:BE:4E:F9:29:F1:D8:52:99:AE:8F:47:65:DC
ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
7.3 kB (7298 bytes)
Hash
7855aabe1be2e1d4d9683a6508186546
afe530f59475b81e9189721d7f2cc0cc38fc37f0
64fa9bad3274e0dc928755d2d8d827dbe0470406cc1a29ee19f6cd8f35ccbe75

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.binance.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloakingads.com/
content-type: application/json
Content-Length: 60
Origin: https://cloakingads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:38:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

GET marybskitchen.com/lander/wheel--ww-/css/css2

185.192.111.203

200 OK

11 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/css/css2
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
ASCII text
Size
11 kB (10592 bytes)
Hash
aa79c58845eff084cb9171210b6886c2
89c703ff0743f4b00b7459ee548eafed1cc0a39f
6a6dec013a531660cd9fef2c8cba2dadbb036df445d1ad5d0332357b6fa9d094

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/css/css2 HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: application/octet-stream
Content-Length: 10592
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-2960"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/css/style.css

185.192.111.203

200 OK

3.9 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/css/style.css
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
ASCII text
Size
3.9 kB (3938 bytes)
Hash
a03447124476a237f27c64c997ed98bc
335569d2bb862cca3b0b9afd902494c31118d42d
121b469801da26d395adbffe2445a1a462268b56edd8c2db5204a676bdc495ef

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/css/style.css HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: text/css
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"644d69a6-5517"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET marybskitchen.com/lander/wheel--ww-/images/preloader.svg

185.192.111.203

200 OK

626 B

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/preloader.svg
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
626 B (626 bytes)
Hash
d1d62225370aa3390ebc3c2d44e73c8f
bfc52e7dc1847a3a25e7aa620724cbff9f04b20f
3485068c605242a0853e4e9dd60705ecbdd0128902b182792c196aaf63e96513

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/preloader.svg HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/svg+xml
Content-Length: 626
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-272"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/secure.png

185.192.111.203

200 OK

11 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/secure.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 280 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11040 bytes)
Hash
b890624bdd129ebe35f3b4b0ca77deda
34d94b34bccf527670d1ffd70d46702ae9adf452
71c8e7ccdbc6cb6e6bf50c7b5edb130a726786d17b897ecde149c9a61d7f77d6

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/secure.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 11040
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-2b20"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/AT.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/AT.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (127253 bytes)
Hash
08f0cba7f74f198055d1f3d7548852e7
7ccf797b4bff4df40456b7c8e38d0a39e58cffc6
b729deee7d8588e82c98b36ce295d12da5dbf7145b9f300670362376e63bedd4

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/AT.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 127253
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1f115"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/fonts/GothamProBold.otf

185.192.111.203

200 OK

57 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/fonts/GothamProBold.otf
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
OpenType font data\012- data
Size
57 kB (56860 bytes)
Hash
da3c5e41d8292ab93b81fabc2576a827
a14da41548c6614b0199a4adfad00d31ae0b1baa
da270a3284e7d63a611ed00044392de057be65b73c22585d75f6785f1acff380

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/fonts/GothamProBold.otf HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: application/octet-stream
Content-Length: 56860
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-de1c"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/bg-mob.jpg

185.192.111.203

200 OK

70 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/bg-mob.jpg
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1155x1055, components 3\012- data
Size
70 kB (70168 bytes)
Hash
e33a8b300aef90aa72d566b197df5b93
392701a682cda4e4864db937d54d9ba832b5ba82
43bbb1d6e43d04ff4250dffb2336d459296979b79e7ee01ee52064aa1824e400

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/bg-mob.jpg HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/jpeg
Content-Length: 70168
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-11218"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/js/jquery-3.2.1.min.js

185.192.111.203

200 OK

30 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/js/jquery-3.2.1.min.js
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
ASCII text, with very long lines (32058), with CRLF line terminators
Size
30 kB (30188 bytes)
Hash
473957cfb255a781b42cb2af51d54a3b
67bdacbd077ee59f411109fd119ee9f58db15a5f
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/js/jquery-3.2.1.min.js HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: application/javascript
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"644d69a6-15287"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET marybskitchen.com/lander/wheel--ww-/rounds/LU.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/LU.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (127317 bytes)
Hash
b07f4e77393e8e0c312e95ec78a41ce1
a511e441efc6c035c337ca46747f29ee15a055cc
9249bec54685814a752e6e400e9f18a1c0701e520b56928ef27ba94524094fa3

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/LU.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 127317
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1f155"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/IT.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/IT.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126879 bytes)
Hash
dd12f6c427987b54d315ee716bf49727
a72d8d5a5fa58f8a10ff71715edb3145a4498f3b
06a9fdd3c5bf9107c181b3b83165817ec7066826d46b4de83ebf6423cfd9805d

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/IT.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 126879
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1ef9f"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/partners-mob.png

185.192.111.203

200 OK

58 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/partners-mob.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 1048 x 340, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (58492 bytes)
Hash
915b9494aa93701257dcd5dcde728966
fdeb81d9adbfb05a5d14c28a4759a712c8ca1ba2
fa197de722e13dede49bc7cd67d98a728936679b5dcbe34677ef7ca4c46c4aba

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/partners-mob.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 58492
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-e47c"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/fonts/GothamProBold.otf

185.192.111.203

200 OK

57 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/fonts/GothamProBold.otf
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
OpenType font data\012- data
Size
57 kB (56860 bytes)
Hash
da3c5e41d8292ab93b81fabc2576a827
a14da41548c6614b0199a4adfad00d31ae0b1baa
da270a3284e7d63a611ed00044392de057be65b73c22585d75f6785f1acff380

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/fonts/GothamProBold.otf HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: application/octet-stream
Content-Length: 56860
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-de1c"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/en.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/en.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126706 bytes)
Hash
745b0b752889e5f100b380c30f728812
7b062e75f9e9f1cf2bb393b59908ae61e1b3b6b8
e545ff367a79d8ee9433e26ea409da1731f08f54e3d31368fbdb27c792848f96

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/en.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 126706
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1eef2"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/flags.png?1

185.192.111.203

200 OK

5.1 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/flags.png?1
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 16 x 208, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5139 bytes)
Hash
e481d8d121284e81d96546fcbc50ee90
74a554de2ad70f98b7e3660b48d4b0e95244f0f0
753d55701325a472f52f1579e4c3169abce2b2e066f812da5d7f28a851cbeef1

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/flags.png?1 HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 5139
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1413"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/lang-arr.png

185.192.111.203

200 OK

1.1 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/lang-arr.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 13 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1064 bytes)
Hash
90cac70809f117b7b119e434f4361e9c
85351468b3fe911d79ce06ffce827b3e41e2ef80
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/lang-arr.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 1064
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-428"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/wheel-win-frame.png

185.192.111.203

200 OK

4.6 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/wheel-win-frame.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 97 x 109, 8-bit colormap, non-interlaced\012- data
Size
4.6 kB (4641 bytes)
Hash
3fc6c3de61b9d7cc56aef1ccbc1316ee
6e961b04b42b04962b45e6cbe6c12dbe37e636d1
7410ae4fb5107248c206f1ea68d15b43f81f479f02ef1a3bc301bce5d36d8edf

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/wheel-win-frame.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 4641
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1221"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/wheel-btn.png

185.192.111.203

200 OK

21 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/wheel-btn.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 180 x 360, 8-bit colormap, non-interlaced\012- data
Size
21 kB (21213 bytes)
Hash
dabcedea100a9809d17c2e5d54b1afca
8e389423c72a8add4eb7a1713ae6400cd271af2c
16662ce41178a45a03f6f73a939f319e01d7ab21705d3349216a77b0ded1c354

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/wheel-btn.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 21213
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-52dd"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/KW.png

185.192.111.203

200 OK

130 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/KW.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
130 kB (129592 bytes)
Hash
ca21ff14a40cb5fa22f225b5707a27b3
0dd6655d48eb50927dd5c7284190fdd0bbd44696
f1488a791d68917ba89f72bc559d5b4fd7085d8cfe7513432901da673d2e6634

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/KW.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 129592
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1fa38"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/CY.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/CY.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (127102 bytes)
Hash
f0cd28f122ae5cf4bbe099e50f19b9b3
4f8a25e3a1dfea36213a096f74549c5f5741bf3b
78d4e9eff6164b5d054b8545d72c764b4d8e3b47a9dd05b7179efa4865e8156d

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/CY.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 127102
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1f07e"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/FR.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/FR.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126971 bytes)
Hash
e93560cb388604a4882bcc18332dfd7d
f1e8f0f68dcd1e37e1575c9c28f24fa6f0c6876c
1745f680608280ba1ee5e226b93ce09947ae3854597618dced45fc4e3cafb50a

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/FR.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 126971
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1effb"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/JP.png

185.192.111.203

200 OK

126 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/JP.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
126 kB (125931 bytes)
Hash
db43f6557a1926bc6a2ab770948dec9b
bbf1673ffc0c8a3bfea6da5362f1f5f9f0e55090
8416b1865b81590dac0ff3489f110671f75e5fc0bb0c77c044cf4b25afe8d280

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/JP.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 125931
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1ebeb"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/KR.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/KR.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126953 bytes)
Hash
556564e867c662b71a050fd5fda57f56
9c87de430c71bc2488a8a97cafc828d4779ade5a
fd7664c553842f2cb26f96cf71c5f1d90f5a4159b18f6c722d76f9bfa6ff3eed

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/KR.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 126953
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1efe9"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/TH.png

185.192.111.203

200 OK

127 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/TH.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126751 bytes)
Hash
100a64ea3d8dedda5e1acf91744e5a44
3e4f6f0d4bf7be2378ea93d7952bb5ecc6ddbd22
d726f4de4a99bd0c2001f3b560d8f0a253624a7e49cfdd5f861ac4c19190990f

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/TH.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 126751
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1ef1f"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/VN.png

185.192.111.203

200 OK

126 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/VN.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
126 kB (125889 bytes)
Hash
cc358d9d7ade859c06d84b67f0703e26
e67ffb1496e7811cc72c09770596667971175c52
5794f25fde9aa2906d6530602a3847692f117ccbb006f441cf25716db32de700

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/VN.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 125889
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1ebc1"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/rounds/BD.png

185.192.111.203

200 OK

128 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/rounds/BD.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 436 x 428, 8-bit/color RGBA, non-interlaced\012- data
Size
128 kB (127647 bytes)
Hash
aed7a6572f5e5c65c8ea3298edec9746
920731d2db9ca6090dd425312561cd881073a1c1
aa0fedc565371730ac6ee55b1a7c4210ec4b74c8ba47a6d45b1c8afab7a6a593

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/rounds/BD.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 127647
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1f29f"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/secure-mob.png

185.192.111.203

200 OK

9.0 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/secure-mob.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 151 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (9043 bytes)
Hash
2fe62704c6e04c513deae48f240582ce
a985772feda6e749ee4d8f46c7aad602f33b8b95
01c59ec35580f41d5f7253e8f1e9f4f9d2500553866e139d96c15c1e75189079

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/secure-mob.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 9043
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-2353"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/partners.png

185.192.111.203

200 OK

22 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/partners.png
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
PNG image data, 804 x 61, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21452 bytes)
Hash
7e087b31a233507a93fbfe718b37be42
ba54dbeed204a810f1c89aed5ed875e469fc6797
6ef78528ba7b1b132728f62f416b956b08f16b63fbb692b502535794d94455cc

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/partners.png HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/4q1YTq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/png
Content-Length: 21452
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-53cc"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/lander/wheel--ww-/images/bg-desk.jpg

185.192.111.203

200 OK

126 kB

URL GET HTTP/1.1
marybskitchen.com/lander/wheel--ww-/images/bg-desk.jpg
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://marybskitchen.com/4q1YTq
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1075, components 3\012- data
Size
126 kB (126068 bytes)
Hash
59c4b02f781d45fc30139be5ee28e10e
832386cf57ec8a753fe805a55894ca5f78b76643
b6eb1196a69ddad3e11c31b6e2eda8ed0c80e8fbae2c80d6c9c7e600e0380690

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /lander/wheel--ww-/images/bg-desk.jpg HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://marybskitchen.com/lander/wheel--ww-/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: image/jpeg
Content-Length: 126068
Last-Modified: Sat, 29 Apr 2023 19:01:58 GMT
Connection: keep-alive
ETag: "644d69a6-1ec74"
Expires: Thu, 14 Dec 2023 19:38:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET marybskitchen.com/4q1YTq

185.192.111.203

200 OK

51 kB

URL GET HTTP/1.1
marybskitchen.com/4q1YTq
IP
185.192.111.203:443
ASN
#49505 OOO Network of data-centers Selectel

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerLet's Encrypt
Subjectmarybskitchen.com
FingerprintE4:F5:4F:9E:06:29:AD:41:59:2B:A0:82:AE:A4:17:78:54:04:0C:73
ValidityTue, 28 Nov 2023 16:43:21 GMT - Mon, 26 Feb 2024 16:43:20 GMT

File type

Size
51 kB (51410 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	ClearFake

HTTP Headers

GET /4q1YTq HTTP/1.1
Host: marybskitchen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 19:38:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: Mon, 04 Dec 2023 19:38:58 GMT
Set-Cookie: _subid=s8hnpa25v5it; expires=Thu, 04 Jan 2024 19:38:58 GMT; path=/
71eb8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5MzFcIjoxNzAxNzE4NzM4fSxcImNhbXBhaWduc1wiOntcIjYwM1wiOjE3MDE3MTg3Mzh9LFwidGltZVwiOjE3MDE3MTg3Mzh9In0.rdxX5B0X0i_mmktusIiRh9xgZtmvNK2jciVWPdznZpk; expires=Sun, 07 Nov 2077 15:17:56 GMT; path=/
_token=uuid_s8hnpa25v5it_s8hnpa25v5it656e2ad242f0a7.96805519; expires=Thu, 04 Jan 2024 19:38:58 GMT; path=/
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
Access-Control-Allow-Origin: *

GET cloakingads.com/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-300x300.jpeg

162.0.232.43

200 OK

12 kB

URL GET HTTP/2
cloakingads.com/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-300x300.jpeg
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11454 bytes)
Hash
492655591d94acb27aa50f2164fbacb6
102ed528fd49b88983b58f0c8996f61e92f7679c
c1c801bfa34b14db22fc71ac6d013c436ecb1225db821c6a5b92490cabfa151b

HTTP Headers

GET /wp-content/uploads/2022/09/WhatsApp-Image-2022-09-01-at-5.04.11-PM-300x300.jpeg HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloakingads.com/tag/approval-your-google-cloaked-ads/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 19:38:56 GMT
content-type: image/jpeg
last-modified: Fri, 01 Sep 2023 11:56:20 GMT
accept-ranges: bytes
content-length: 11454
date: Mon, 04 Dec 2023 19:38:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

GET cloakingads.com/tag/approval-your-google-cloaked-ads/

162.0.232.43

200 OK

52 kB

URL User Request GET HTTP/2
cloakingads.com/tag/approval-your-google-cloaked-ads/
IP
162.0.232.43:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectcloakingads.com
Fingerprint40:7E:B1:5F:13:6C:48:AB:D7:11:BF:86:0A:B8:D9:50:AF:81:46:C9
ValidityWed, 14 Jun 2023 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT

File type

Size
52 kB (52242 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tag/approval-your-google-cloaked-ads/ HTTP/1.1
Host: cloakingads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://cloakingads.com/wp-json/>; rel="https://api.w.org/", <https://cloakingads.com/wp-json/wp/v2/tags/130>; rel="alternate"; type="application/json"
etag: "3972-1701702038;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 19:38:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (70)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by