thecloak.com
208.97.154.88
Public Scan
Submission: On April 15 via api from US — Scanned from DE
Summary
This is the only time thecloak.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| # | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 208.97.154.88 | 26347 (DREAMHOST-AS) |
| 1 1 | 2606:4700:3031::6815:1b8e | 13335 (CLOUDFLARENET) |
| 1 2 | 2606:4700:3037::ac43:8eeb | 13335 (CLOUDFLARENET) |
| 6 | 2a00:1450:4001:808::2002 | 15169 (GOOGLE) |
| 1 1 | 2606:4700:20::681a:f2 | 13335 (CLOUDFLARENET) |
| 1 | 2606:4700:20::681a:1f2 | 13335 (CLOUDFLARENET) |
| 1 3 | 2a00:1450:4001:827::2004 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
| 3 | 2a00:1450:4001:803::2002 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:80e::2002 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:830::2002 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:811::2002 | 15169 (GOOGLE) |
| 3 | 2a00:1450:4001:82a::2001 | 15169 (GOOGLE) |
| 22 | 11 | |
- ASN26347 (DREAMHOST-AS, US), PTR: vps42863.dreamhostps.com: thecloak.com
- ASN13335 (CLOUDFLARENET, US): tshirthell.com, www.tshirthell.com
- ASN15169 (GOOGLE, US): pagead2.googlesyndication.com
- ASN15169 (GOOGLE, US): googleads.g.doubleclick.net
- ASN15169 (GOOGLE, US): partner.googleadservices.com
- ASN15169 (GOOGLE, US): tpc.googlesyndication.com
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 105), tpc.googlesyndication.com (Cisco Umbrella Rank: 138) | 204 KB |
| 4 | google.com (1 redirects) | www.google.com (Cisco Umbrella Rank: 2), adservice.google.com (Cisco Umbrella Rank: 73) | 4 KB |
| 3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35) | 10 KB |
| 3 | tshirthell.com (2 redirects) | tshirthell.com, www.tshirthell.com | 33 KB |
| 2 | hide-my-ip.com (1 redirects) | www.hide-my-ip.com | 65 KB |
| 2 | thecloak.com | thecloak.com | 54 KB |
| 1 | google.de | adservice.google.de (Cisco Umbrella Rank: 9047) | 531 B |
| 1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 925) | 603 B |
| 1 | gstatic.com | www.gstatic.com | 6 KB |
| 22 | 9 | | |
| # | Domain | Requested by |
|---|---|---|
| 6 | pagead2.googlesyndication.com | thecloak.com, pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 3 | www.google.com (1 redirects) | thecloak.com, tpc.googlesyndication.com |
| 2 | www.hide-my-ip.com (1 redirects) | thecloak.com |
| 2 | tshirthell.com (2 redirects) | |
| 2 | thecloak.com | thecloak.com |
| 1 | adservice.google.com | pagead2.googlesyndication.com |
| 1 | adservice.google.de | pagead2.googlesyndication.com |
| 1 | partner.googleadservices.com | pagead2.googlesyndication.com |
| 1 | www.gstatic.com | thecloak.com |
| 1 | www.tshirthell.com | thecloak.com |
| 22 | 12 | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.tshirthell.com |
| www.hide-my-ip.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| www.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
| *.g.doubleclick.net | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
| *.googleadservices.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
| *.google.de | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
| *.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
| tpc.googlesyndication.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
This page contains 6 frames:
Primary Page:
http://thecloak.com/
Frame ID: A18E72BB22FEC5D32E4556C67CA6445D
Requests: 14 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: F1DF3A69B3642F80DF980E1110931BA5
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6176759882842617&output=html&h=90&slotname=5298496561&adk=2836448035&adf=2653041513&pi=t.ma~as.5298496561&w=728&lmt=1564835220&format=728x90&url=http%3A%2F%2Fthecloak.com%2F&wgl=1&dt=1681524048963&bpp=5&bdt=105&idt=100&shv=r20230412&mjsv=m202304120201&ptt=9&saldr=aa&abxe=1&correlator=2345780270489&frm=20&pv=2&ga_vid=1441458489.1681524049&ga_sid=1681524049&ga_hid=2059842818&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31073823&oid=2&pvsid=2977981944307219&tmod=935882292&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bsT0pBt4wA&p=http%3A//thecloak.com&dtd=117
Frame ID: 8CB5266C02DEF8C976EC305C7EB5C3BF
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6176759882842617&output=html&adk=1812271804&adf=3025194257&lmt=1564835220&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_l%7C356x540_r&format=0x0&url=http%3A%2F%2Fthecloak.com%2F&ea=0&pra=7&wgl=1&dt=1681524048982&bpp=3&bdt=124&idt=105&shv=r20230412&mjsv=m202304120201&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=2345780270489&frm=20&pv=1&ga_vid=1441458489.1681524049&ga_sid=1681524049&ga_hid=2059842818&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31073823&oid=2&pvsid=2977981944307219&tmod=935882292&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=113
Frame ID: 7C804B94DF51375228F187EFD6571452
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8F30C86292F3770ED3BE63966C3D6D1
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: D3AE1BD08B24AAE3084DEF696725454E
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/4b5dd240-5e36-4de7-a056-fc7f8a107ba3.png)
Detected technologies
Detected patterns
- googlesyndication\.com/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://tshirthell.com/img/affiliate_section/banners/topshirts_720x90_1.jpg HTTP 301
- https://tshirthell.com/img/affiliate_section/banners/topshirts_720x90_1.jpg HTTP 301
- https://www.tshirthell.com/img/affiliate_section/banners/topshirts_720x90_1.jpg

- http://www.hide-my-ip.com/images/affiliate/728x90.jpg HTTP 301
- https://www.hide-my-ip.com/images/affiliate/728x90.jpg

- http://www.google.com/cse/brand?form=cse-search-box&lang=en HTTP 301
- https://www.gstatic.com/prose/brandjs.js
22 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | thecloak.com/ | 2 KB | 2 KB | Document | text/html | Primary Request |
| GET | H2 | topshirts_720x90_1.jpg | www.tshirthell.com/img/affiliate_section/banners/ | 31 KB | 31 KB | Image | image/jpeg | Redirect Chain |
| GET | H/1.1 | Me%20on%20the%20green.jpg | thecloak.com/ | 52 KB | 52 KB | Image | image/jpeg | |
| GET | H/1.1 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 137 KB | 50 KB | Script | text/javascript | |
| GET | H2 | 728x90.jpg | www.hide-my-ip.com/images/affiliate/ | 63 KB | 64 KB | Image | image/jpeg | Redirect Chain |
| GET | H2 | brandjs.js | www.gstatic.com/prose/ | 14 KB | 6 KB | Script | text/javascript | Redirect Chain |
| GET | H2 | branding.png | www.google.com/cse/static/images/1x/en/ | 1 KB | 2 KB | Image | image/png | |
| GET | H2 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/ | 348 KB | 117 KB | Script | text/javascript | |
| GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ | 10 KB | 5 KB | Document | text/html | Frame F1DF |
| GET | H2 | cookie.js | partner.googleadservices.com/gampad/ | 391 B | 603 B | Script | text/javascript | |
| GET | H2 | integrator.js | adservice.google.de/adsid/ | 107 B | 531 B | Script | application/javascript | |
| GET | H2 | integrator.js | adservice.google.com/adsid/ | 107 B | 456 B | Script | application/javascript | |
| GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 436 B | 410 B | Document | text/html | Frame 8CB5 |
| GET | H3 | ads | googleads.g.doubleclick.net/pagead/ | 12 KB | 5 KB | Document | text/html | Frame 7C80 |
| GET | H3 | sodar | pagead2.googlesyndication.com/getconfig/ | 15 KB | 11 KB | XHR | application/json | |
| GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript | |
| GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ | 13 KB | 5 KB | Document | text/html | Frame B8F3 |
| GET | H2 | aframe | www.google.com/recaptcha/api2/ | 783 B | 965 B | Document | text/html | Frame D3AE |
| GET | H2 | kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js | pagead2.googlesyndication.com/bg/ | 36 KB | 14 KB | Script | text/javascript | Frame B8F3 |
| GET | H2 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html | Frame D3AE |
| GET | H3 | generate_204 | tpc.googlesyndication.com/ | 0 | 10 B | Image | text/plain | Frame B8F3 |
| GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html | |
Verdicts & Comments
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | 0 |
| object | 1 |
| object | 2 |
| object | 3 |
| boolean | credentialless |
| object | adsbygoogle |
| object | google_js_reporting_queue |
| number | google_srt |
| object | google_logging_queue |
| number | tmod |
| object | google_ad_modifications |
| object | ggeac |
| object | google_persistent_state_async |
| boolean | google_measure_js_timing |
| object | google_reactive_ads_global_state |
| object | google_sa_queue |
| function | google_process_slots |
| boolean | google_apltlad |
| function | google_spfd |
| number | google_lpabyc |
| number | google_unique_id |
| object | google_sv_map |
| object | google_ama_state |
| number | google_rum_task_id_counter |
| function | google_sa_impl |
| object | googleToken |
| object | googleIMState |
| boolean | _gfp_p_ |
| function | processGoogleToken |
| number | google_global_correlator |
| object | google_prev_clients |
| object | gaGlobal |
| object | ampInaboxIframes |
| object | ampInaboxPendingMessages |
| object | GoogleGcLKhOms |
| object | google_image_requests |
3 Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the stored cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .thecloak.com/ | | __gads | ID=79e6447c4e308834-22ab4e9e93dd001d:T=1681524049:RT=1681524049:S=ALNI_Mb5S1yxn1BpENikEP7z4JuMku1vDw |
| .thecloak.com/ | | __gpi | UID=00000be2b0a253df:T=1681524049:RT=1681524049:S=ALNI_MYNA6n7OLM7fqcJZLN-RAy4dJ1N5A |
| .doubleclick.net/ | | test_cookie | CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
thecloak.com
tpc.googlesyndication.com
tshirthell.com
www.google.com
www.gstatic.com
www.hide-my-ip.com
www.tshirthell.com
208.97.154.88
2606:4700:20::681a:1f2
2606:4700:20::681a:f2
2606:4700:3031::6815:1b8e
2606:4700:3037::ac43:8eeb
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002