windows-ad-blocker.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ncedclouds.com/
Effective URL:
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campai...
Submission: On December 10 via manual (December 10th 2023, 11:34:22 pm UTC) from GB — Scanned from GB

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-ad-blocker.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.

This is the only time windows-ad-blocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:1d9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2606:4700:303... 2606:4700:3030::ac43:956c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 2	2606:4700:303... 2606:4700:3032::6815:7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20ab:2400:12:b121:9c80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a05:d018:56f... 2a05:d018:56f:b804:6115:ed34:65c7:21ff	16509 (AMAZON-02) (AMAZON-02)
44	11

1 2606:4700:3031::6815:1d9a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ncedclouds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3030::ac43:956c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ncedclouds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ncedclouds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

thefacux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:7c7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ad-blocking24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

windows-ad-blocker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:2400:12:b121:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

euob.thatmonkeybites3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:56f:b804:6115:ed34:65c7:21ff (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.thatmonkeybites3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	windows-ad-blocker.com windows-ad-blocker.com	194 KB
12	ncedclouds.com 2 redirects ncedclouds.com www.ncedclouds.com	134 KB
5	thatmonkeybites3.com euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165 obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138	39 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	229 KB
2	ad-blocking24.net 1 redirects ad-blocking24.net — Cisco Umbrella Rank: 125446	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	506 B
1	thefacux.com thefacux.com — Cisco Umbrella Rank: 370209	2 KB
44	8

	Domain	Requested by
14	windows-ad-blocker.com	thefacux.com windows-ad-blocker.com
10	www.ncedclouds.com	www.ncedclouds.com
4	obseu.thatmonkeybites3.com	euob.thatmonkeybites3.com windows-ad-blocker.com
3	www.googletagmanager.com	www.ncedclouds.com www.googletagmanager.com windows-ad-blocker.com
2	ad-blocking24.net	1 redirects windows-ad-blocker.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ncedclouds.com	2 redirects
1	euob.thatmonkeybites3.com	windows-ad-blocker.com
1	my.rtmark.net	thefacux.com
1	thefacux.com
44	11

This site contains no links.

Subject Issuer	Validity	Valid
ncedclouds.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
thefacux.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
windows-ad-blocker.com E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.thatmonkeybites3.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-15`	a year	crt.sh
ad-blocking24.net E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Frame ID: 9DFE9E24F148721D4EA9D3A3496ABEAD
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Adblock Ultimate

Page URL History Show full URLs

http://ncedclouds.com/ HTTP 301
https://ncedclouds.com/ HTTP 301
https://www.ncedclouds.com/ Page URL
https://thefacux.com/4/6506601 Page URL
https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757859302995403590&cost=0.14... HTTP 302
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.n... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

89 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

619 kB
Transfer

1668 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ncedclouds.com/ HTTP 301
https://ncedclouds.com/ HTTP 301
https://www.ncedclouds.com/ Page URL
https://thefacux.com/4/6506601 Page URL
https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757859302995403590&cost=0.140629&zoneid=6506601&campaignid=7671068&bannerid=19644485&subzoneid=0 HTTP 302
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ncedclouds.com/ HTTP 301
https://ncedclouds.com/ HTTP 301
https://www.ncedclouds.com/

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.ncedclouds.com/
Redirect Chain

http://ncedclouds.com/
https://ncedclouds.com/
https://www.ncedclouds.com/

63 KB
14 KB

573ms
527ms

Document
text/html

2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5020db0ae6959d29c0dcbcafb79a879820898928c487e5b906c2d4f6e04a68ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83394c2b6c9a369a-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 23:34:15 GMT
link: <https://www.ncedclouds.com/wp-json/>; rel="https://api.w.org/" <https://www.ncedclouds.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://www.ncedclouds.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a343F1iJUXBIinEdmYCSPQAfe8DgCkdQjm%2F%2BKO%2F0HpdOgUlxugyuhXxcmcoM7CFTaHVzlS9I1hU7QHCd7MtuLX5e4ok4wUoMvZ9mfr2vnMYToQoJWWI2f8UOtj%2BMYTpVGkAX3cwHHO4%2F8l%2FQYiYUW6M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83394c28d99a369a-LHR
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 23:34:15 GMT
location: https://www.ncedclouds.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6NlgF07xGtWv1Y4y4in9xRFecKAOlPmmcuI1jtVzgFwEUERg0rezugRjdYx5%2B8DgXbgFU09N8sCYo1wnHmU5NDeapb7SjAr9qPfgsd84cPufIs58C2n0%2FurojI2p5df2nqaC13f%2B51b9Uw83w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H2 200 style.min.css
www.ncedclouds.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 463ms
455ms Stylesheet
text/css 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te2sEaA%2FEu5Nfm3OVgHgG7GCXP1Z90hR7h0ekXYPtGiRG%2BuQ7UW17hqvNL9uVhEHO4SEzwuhTiFK%2BVEASnV4ksnfLmz5l4c70AsxCDvjrHABu%2BuRcBX7T4qldp4%2Fb389EYk2r%2B%2BppQEA4yHgShlMOqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83394c2ed8fd369a-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 styles.css
www.ncedclouds.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 346ms
340ms Stylesheet
text/css 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 May 2023 17:35:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLLDquqt5Qv6Pu3P2aJULDRfRXuA%2BUtk8%2FtPdLUt1bM2tWayGSmYl8wAoERSX207moMw1TMxAK4za7Q%2FZdWc1L9iRAn3uLWaZ65mepG%2F5lGkDz6Hrw5nKCrrU5X90Zl1dQl2Q6MrNjkDLNUNJHXNY1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83394c2ed8ff369a-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 font-awesome.min.css
www.ncedclouds.com/wp-content/themes/zakra/assets/lib/font-awesome/css/ 30 KB
7 KB 330ms
324ms Stylesheet
text/css 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-content/themes/zakra/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 16:23:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBQ3wATzwkpqSI%2FVr%2Fum1smaBDZHJBEJzpLPypL%2FYPM1RuY6ORH3ulFoVvJdBaqH52mRSYW1cYqzev3V6TJrzT7ADRjlr1f%2BHLvoAOTmklH2d%2BCrKVNkHXlmeC8laORM%2FWBWIaUTOlvVhq9Gy8UOybY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83394c2ed900369a-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 style.css
www.ncedclouds.com/wp-content/themes/zakra/ 57 KB
11 KB 466ms
461ms Stylesheet
text/css 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-content/themes/zakra/style.css?ver=2.2.1
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b984f5dca503e52510fa5d109025ee314f1a93fdc89062df7f05b52e030169

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 16:23:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMoN2evionvJcx8gJZ%2B0RywYYzKJ8Njt1IdZm6ZQA7vx0BQNgT5XTmZzAvJyjOnFzV312dxIdymjWnPvpJlagN7wjxVcDy5MMcorrX5f3ilQehEtW4MrhnE9vgS%2BUeDmSd%2BNepURSHW9CV4sR3fi3Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83394c2ed902369a-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 242ms
80ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89706063-1

Requested by

Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b656ec64afaf06bafff6dbc413749e2bfec49c2bbba66e8d2f3ff53e29f0da0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68988
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 23:34:16 GMT

GET
H2 200 cropped-NCEdCloud_logo-e1684862555751.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 43 KB
44 KB 603ms
599ms Image
image/png 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/cropped-NCEdCloud_logo-e1684862555751.png
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d5c82eaadc01ec70948945fa5366fb4534f1891c3f0c0063e14522cd3bb63a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 17:22:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrcF%2FQPkD2yl9300oweAArGccbIQJwxqFrMqLRYG54Lm%2FKR1tPe%2Byo0DUiSzv1SD8MipKhoBOOtrYl7wWitA5tcmSsZeiCXzLrewVEOsUIVVS2katg4xMJXOdRaSgcp9V%2FHZ98RnQJ2qK0tBiSamSrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83394c2ed903369a-LHR
alt-svc: h3=":443"; ma=86400
content-length: 44353
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 Ncedcloud-logo-1-2-300x296.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 17 KB
18 KB 469ms
466ms Image
image/png 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/Ncedcloud-logo-1-2-300x296.png
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477806c0aff568c06349b8c87dcfb7cefd005c1625ee90590aa60ab6cf897630

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 17:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b8g0Ymho%2BCTdNB36zvrY%2FoTVhB1LhAZqs1wrOyoTuXF6iDMpXCthBdOJ3QGKr6vDXk0qzeU4XNTeDgDSzTTuIPpyYYolQi998wo9U6k0mhM3r%2BzIK%2BpE7G7ERxGqR6uftFtW7KXxSfoGraelXvnKqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83394c2ed909369a-LHR
alt-svc: h3=":443"; ma=86400
content-length: 17785
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.ncedclouds.com/wp-includes/js/ 18 KB
5 KB 321ms
321ms Script
application/javascript 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw%2FZAUWtLm3D0SVlk6sLuJFVoq%2FM1gWWw8Vg3WZqX9iGHInPVO%2FaU8wXCs%2BLQcDtIHhthKTpvCuPCYzAzW5JLMBcbVELK3AbvPcpnUYZ%2FMKW7Zl0BCmueFIf2b2fey5EVLpFoYp0hHkewhgNdvFqAuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 83394c2f2964369a-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 23:34:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 62ms
60ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPFDLPYXE8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89706063-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c604de010801c4710d5271028f29b6bc89113438aa5793c74bde6ba874f86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 23:34:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 178ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89706063-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 23:22:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 706
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 01:22:30 GMT

GET
H3 200 themegrill-icons.woff2
www.ncedclouds.com/wp-content/themes/zakra/assets/fonts/ 1 KB
2 KB 40ms
39ms Font
font/woff2 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncedclouds.com/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/wp-content/themes/zakra/style.css?ver=2.2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99

Request headers

Referer: https://www.ncedclouds.com/wp-content/themes/zakra/style.css?ver=2.2.1
Origin: https://www.ncedclouds.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 16:23:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10244
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByNac8IROcLxCr0PzLSE8ME7q7AUVTeKtN5IDyChgIuPrEZb3RJnXwHYIVDYumDh%2BS9q%2B0svZQkN%2FayZ4BFEqYmpNYguWL865g3WCPL%2F96It5iRLSpmEUB6toEwdsPioJqnzaHbm7UMdVGuhjIYIx6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83394c3219732408-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1320
expires: Sun, 17 Dec 2023 20:43:32 GMT

GET
H3 200 Ncedcloud-login-3.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 18 KB
18 KB 36ms
35ms Image
image/png 2606:4700:3030::ac43:956c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/Ncedcloud-login-3.png
Requested by: Host: www.ncedclouds.com
URL: https://www.ncedclouds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:956c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e4539bdd93d5969c9c9cb87690a90a86641529cb223a2c37596bee2735a992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:16 GMT
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 15:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10244
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdzRuqPnz4GAo6k3wc40bUv2B0rzeGvuE5TcVyLHZAhPadi2urPZXS0qYz8qVoOHZk9hNlPwSemo28S%2BxqugBoVJiHhG00OCrctgWWv9254JWr0e7ADtYRUd2Au6Zvpig%2BO1zsWOt4jh89ptsraxR%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83394c3259b42408-LHR
alt-svc: h3=":443"; ma=86400
content-length: 18300
expires: Sun, 17 Dec 2023 20:43:32 GMT

GET Ncedcloud-scan-qr.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 0
0

GET Ncedcloud-recover-a-forgotten-password-1024x488.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 0
0

GET Ncedcloud-account-recovery-768x422.png
www.ncedclouds.com/wp-content/uploads/2023/05/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 205ms
64ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EPFDLPYXE8&gtm=45je3bt0v9114930798&_p=1702251256589&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=106506177.1702251257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702251256&sct=1&seg=0&dl=https%3A%2F%2Fwww.ncedclouds.com%2F&dt=NCEdCloud%20-%20NCEdCloud%20Login%20-%20my.ncedcloud.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1826
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPFDLPYXE8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ncedclouds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:34:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncedclouds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
208 B 47ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1192282643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncedclouds.com%2F&ul=en-us&de=UTF-8&dt=NCEdCloud%20-%20NCEdCloud%20Login%20-%20my.ncedcloud.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=509499683&gjid=973041345&cid=106506177.1702251257&tid=UA-89706063-1&_gid=1154932020.1702251257&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1726714874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncedclouds.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:34:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncedclouds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6506601
thefacux.com/4/ 2 KB
2 KB 335ms
195ms Document
text/html 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thefacux.com/4/6506601
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.ncedclouds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 10 Dec 2023 23:34:17 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ad-blocking24.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 0b643ac4c647e0832dc4641b91a36da4

POST
H2 200 img.gif
my.rtmark.net/ 43 B
506 B 199ms
46ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=876965fcb7a3454e83ae47f3752e26cd

Requested by

Host: thefacux.com
URL: https://thefacux.com/4/6506601

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://thefacux.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request / Show response
windows-ad-blocker.com/
Redirect Chain

https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757859302995403590&cost=0.140629&zoneid=6506601&campaignid=7671068&bannerid=19644485&subzoneid=0
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=17...

8 KB
5 KB

216ms
80ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172

Requested by

Host: thefacux.com
URL: https://thefacux.com/4/6506601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

f19f1e0aa26f0ac594388ed31b6163ee18bcf1dcc19768c222b7c2b3867de459

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thefacux.com/partitial/5117856/?var=6506601&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83394c3859e724e0-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 23:34:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDZTEcTp1NkMjrke%2BOpVqEW%2BaTz5h20BsW29Hl%2BwewbP1pQkqc8TMR1nMKC3pOlddsaTgePITIx5nMp%2BTIZCk%2FjxgS60ALrojO15mfn9QRfragPAm5ez14UQ17YG9VEaOxLg1PJGMeh7YU3KStPf3tdD7hww"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83394c36ed27776c-LHR
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 23:34:17 GMT
location: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbhlxX00oru9DZkUKcPo6oI1gOE00yoRi9Cuhve2eDvakcOysWNADaoltYD9TpRFz5C6ndU7rbxFiNaNJU2aUmkwhHg1YnUTmXOfFHp2aG9RtRcHCj7MOiM0c7avUVXZVsmodVhE4OIGDCdR4qyc5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 59ms
55ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93455e679f811eee86b83f554b12888b553217f0c5f6adcb212cd84dbd596c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84194
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 23:34:17 GMT

GET
H2 200 8c3dd651469c9787e366b6d88eb7fa51.js Show response
euob.thatmonkeybites3.com/sxp/i/ 100 KB
37 KB 201ms
32ms Script
text/javascript 2600:9000:20ab:2400:12:b121:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:2400:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 14:51:02 GMT
content-encoding: gzip
via: 1.1 ed6e39eea0e39e463514b9421b7a2806.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: AMS58-P3
age: 31396
etag: "18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37263
x-amz-cf-id: fAKUIJMW2T72bG3RDHVkKh1hV70XHVOtDINdwqxiLAF4Ep_Duv-F-g==
expires: Mon, 11 Dec 2023 02:51:01 GMT

GET
H2 200 c879c4b6ff58f45e.css
windows-ad-blocker.com/_next/static/css/ 38 KB
25 KB 39ms
34ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:13 GMT
server: cloudflare
etag: W/"98b9-18c44c6923e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGIAPOXpyQvgsgmHeh6ZQug0N9ihBibEGsu96jzClQnpPXxzm0YKm%2FkxFdrrRC9%2BPhpmpRIzpbDwcCJoIKXI5JeSwNLHD92xDjQRQDDuZHmO1b5Izavn%2Fs%2BMpedqaAlUP6T9dWC1ZNCryA%2FQlYbQhafsCweV"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c38ea6224e0-LHR

GET
H2 200 a85a315e20706270.css
windows-ad-blocker.com/_next/static/css/ 17 KB
3 KB 52ms
51ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915453
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"42a0-18c153dad9f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYR23ypcjnt2S67gZ7uY39hiiuqRKH4DgvsnndMcOo6THl5d6n6%2BKsCJ5XxASj3tniSQ2fu%2B4wHf4b8n9iiAbuBaNV7uw0ZdxQMZ7xAU6n0ecP%2FRrRiGyzdxL1uIebKXnpQ%2BsAIgcP4yeQ34T2%2BiaEBX40U4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c38ea6524e0-LHR

GET
H2 200 928-b002b5bdc2ecfb3e.js Show response
windows-ad-blocker.com/_next/static/chunks/ 56 KB
17 KB 48ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915453
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"e0e3-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bb0jUyNq9eQ2q%2FdOdfXiX1unram98s%2FUJuLwyt0p4chkguqWW7s8TQhIaR%2BxEWgSPbgIR2uCRjhjvuxf%2BnD4Ts%2FyJdht6OO1Sc1T5MgO%2Bl%2FRbv2jKPyUT8Gq4eOjcO4veGNJugrXPE8%2Fkvcfw9k4f2RTkuD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391a9a24e0-LHR

GET
H2 200 2.944cae28dafd6244.js Show response
windows-ad-blocker.com/_next/static/chunks/ 69 KB
22 KB 42ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/2.944cae28dafd6244.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915453
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"114b7-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xVvYzoe2CNSaClnEsO66m%2BtMalgzVRVR92qRcbWJruRixUJJh09eKxT4BWcZxzEiL%2F%2BH%2FBrC9Utoiu76B7NCGnqeEAzeuqsv8JVJJ0Knn6QGR9DpHQcl5wSfsejpXJG4GPjS0E0BHUsVFpq%2FHJ%2BokUbj8JB"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391a9c24e0-LHR

GET
H2 200 webpack-da099db999a5dd31.js Show response
windows-ad-blocker.com/_next/static/chunks/ 6 KB
3 KB 39ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/webpack-da099db999a5dd31.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:13 GMT
server: cloudflare
etag: W/"162d-18c44c6923a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNVj4msZNxNp5fyWej7m%2Fyx479ZFYLn9RdMPMoaO3h%2FVaXcrFsArBGvsBQF7rLksJUqGHHRGXW434eEv19Olju0VfCQQB5aJkK0ftcEvyGOBzRfdLafC53EulCzMDduyn15sH448J3yXFNCAguKaLI4cfYeG"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391a9d24e0-LHR

GET
H2 200 framework-2c79e2a64abdb08b.js Show response
windows-ad-blocker.com/_next/static/chunks/ 138 KB
45 KB 49ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/framework-2c79e2a64abdb08b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915453
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"226fc-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIJJ4GUXbAjKzcGdL2emz3LirCu5GmPoFdMeaS2BttBDQOOeIHlVpSv7bvHNHXf1VkcjN76A5JAkWRJjkT6m1N2RDzZV1wB21tIwIZwF5qvRTIjrJJ%2BtHfBsFDeTIgXe%2BHh3CHpmfRItXerAZNSrpOK7vXRy"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391a9e24e0-LHR

GET
H2 200 main-a0dca5a2ff5035f1.js Show response
windows-ad-blocker.com/_next/static/chunks/ 87 KB
27 KB 59ms
56ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/main-a0dca5a2ff5035f1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 852503
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"15cfe-18c20fe9c1d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIYJyz%2BIDthqJzo2MMrV0sx70FPHaR6I3L5VRFkM%2B6Si50QBYbnpKaIERwibi%2BdmgO6U2SPHZ2R%2FwxsWbcMZHjdv9C0u1H0FYFy5g1knnGq5C7RZpNACuHJW0bZo2%2FcQbJ4FVY5wZqc6uYJpZzPjy1D%2BUOef"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391a9f24e0-LHR

GET
H2 200 _app-c624ed1cd7465c06.js Show response
windows-ad-blocker.com/_next/static/chunks/pages/ 65 KB
34 KB 56ms
53ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/pages/_app-c624ed1cd7465c06.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:13 GMT
server: cloudflare
etag: W/"1032b-18c44c6923a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26d0HHKD9O6yG%2Bk%2F5OmMOlBVIWi4qjOVPRtI8g8B8RKwBAJVUOX55PnTevIS8AuyD2gA2QgepHwnVbOVk9qdOk16zUyxcNfwfRYbE8BglJovumpZHY%2BVxjmfLiS2WrZ0U63QejeP7wUsNz5as93yZDfJROTs"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391aa024e0-LHR

GET
H2 200 index-38eb391d7d485452.js Show response
windows-ad-blocker.com/_next/static/chunks/pages/ 10 KB
4 KB 38ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/pages/index-38eb391d7d485452.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915453
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"2649-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRtWn0MX3Clgxc66%2ByCZU2S3mLbmCmR572LxQvcuY4qcW4J63gdn%2BvLx0TmiO1elYhHmAMnj7gc3Rt4lQkyE9AHX6IjKTcnpfpWCULskWexMk59ZE%2FkN6DxWvQJrH01rI8oiwNVItJmYYsJsktc%2FBzbchCOn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391aa124e0-LHR

GET
H2 200 _buildManifest.js Show response
windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 997 B
769 B 43ms
41ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:13 GMT
server: cloudflare
etag: W/"3e5-18c44c6923e"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCtPIAQCKnYUYx8V%2FxKmL%2FwgCKx%2BiBli42xBcwofwXD5lnKAqqfpQ2nuwwuAo8AreXAkIvd7zH9NCnyP%2B%2BKLUvhOBB3YlL2DSg9cbYxjslt8v2CA5%2Bk%2FulmwQ3F%2Fzwn0joAM7NBJWntlMfTX0ciqs9d2j4lu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391aa224e0-LHR

GET
H2 200 _ssgManifest.js Show response
windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 77 B
359 B 41ms
40ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:13 GMT
server: cloudflare
etag: W/"4d-18c44c6923e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj5YwLqgmwYeHY9T1UVZdvQpoVF%2B5GsoJoTFxhRmo6JuCNk3MQB%2FZigEqMVcVkRGjfseUsXcKvfFZI8OsXBawxTVRVR1JKLpIfRqohlq2G%2B5yfPw0WIK4nqnMDgDxWA0FvA2lpxha3D8mNvFVG6gzRKP3PVv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 83394c391aa324e0-LHR

GET
H2 200 icon.svg
windows-ad-blocker.com/images/promo-images/salmon/ 3 KB
2 KB 63ms
62ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-ad-blocker.com/images/promo-images/salmon/icon.svg

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:00 GMT
server: cloudflare
etag: W/"c75-18c44c65dce"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXRClQ8i%2FO65In%2B%2F2%2BbZ4GXUSWw2UEVOIyiuz5L8te4XgBL77AnGIcOr57hBbG7BIOq41OUZQ8tolYtTksmDhhgECriH1%2B6WAhKHW3mIY76g8ZU6z7w5w4txv5FtUabR%2F8JCXZ3VnW3hLtis5UNN62tvJACQ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 83394c394ace24e0-LHR

GET
H2 200 available-in-chrome.svg
windows-ad-blocker.com/images/browser-icons/ 21 KB
7 KB 60ms
59ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-ad-blocker.com/images/browser-icons/available-in-chrome.svg

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 14:55:00 GMT
server: cloudflare
etag: W/"5287-18c44c65dae"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gXLEHd1yKNc0%2BRdqtw%2BrAiCvl6ARYjA1mt1uE%2BYq8LjPcHxjLhBzAunNF5Q100Km2OmAD653u%2B2SGcyrbhoPQXZoWJVwiZF1edL7eWvp%2FoYdbhhiyX%2FPelQLhw3BDzI14vJRF6OOgHG8H%2FdziqTXk13obzC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 83394c394ad024e0-LHR

GET
H2 200 cp4kl7k.php
ad-blocking24.net/ 0
287 B 67ms
66ms Image
text/html 2606:4700:3032::6815:7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=xsktx915wj
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:34:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncEuLqtj8vD0vAbSKU9KZNjneE6b6u7LnI3Tz3sPzzzJ00rj381vYFv%2B87OT6qtptW4ntb8sAFyp6e4WncF9SSo7d3WCDplm6j08Gjiik0MoIHN1r8hzlI3Z6Jp3lYURScxreraVcA7IO%2B%2FwN8C1jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 83394c39df63776c-LHR
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
77 B 38ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1702251257760&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1192682841.1702251258&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702251257&sct=1&seg=0&dl=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6506601%26cid%3D18f2fxsktx915wjeb0%26lpkey%3D170f0245258d156557%26uclick%3Dxsktx915wj%26uclickhash%3Dxsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172&dt=Adblock%20Ultimate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=688
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:34:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://windows-ad-blocker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct Show response
obseu.thatmonkeybites3.com/ 5 KB
2 KB 246ms
76ms Script
text/javascript 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6506601%26cid%3D18f2fxsktx915wjeb0%26lpkey%3D170f0245258d156557%26uclick%3Dxsktx915wj%26uclickhash%3Dxsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1702251258160&hl=5&op=0&ag=144935025&rand=948728787718781502820201550802620301264565715194889020276917141066597066660228012512&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDgwMzJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjU1LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMCwwLDAsMSwwLDAsMCwzLDAsMSw2MCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwzMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCw3LDAsMSwwLDAsMCwwLDAsMywwIl0sWy0xLCItIl0sWy0yLCI1LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiMTE5MjY4Mjg0MS4xNzAyMjUxMjU4Il0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE1MjAwMDAwLFwidWpoc1wiOjExMjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS40LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMjI1MTI1ODExOCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwyODIsMCwyMCwwLDAsMTE2LDk4LC0xLDAsNTkzLDU5Myw4OTYsODk3Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9Mb25kb24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIi0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE1Y0NnOFBXdzlkQVFGY1d3NWZXQXdJRjFOS0F3Z0REdzhKQVEwUUZWaE5HVTBYWEVGSlZrdE5TaGtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjEiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODoyMCJdLFsiZGRiIiwiMCw0LDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwyLDksMCwxLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDUsMCwwLDAsMCwwLDAsMjAiXSxbImJuY2giLDE2M10sWyJhYm5jaCIsMTY0XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=RQnUtMAABd&pto=939&ver=57&gac=1192682841.1702251258&mei=&ap=&fe=1&duid=1.1702251258.D1F8JZcDTj2okYj2&suid=1.1702251258.BtUuzMp6wFbsjbAy&tuid=1.1702251258.D60hZSDDEkgHufsg&fbc=-&gtm=W10%3D&it=23%2C512%2C217&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 528d7004a125a550987ce0a5f3438f82d1e167d84435198eceea1bdcf78cb51c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sun, 10 Dec 2023 23:34:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1536
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 43 B
79 B 40ms
39ms Image
image/gif 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aecc530eb458f959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f674d8182da547e6c4dab7f76038e32d96b9505350271c751560c60565cc7be394f77be26bb25cb43e2916af05265ae0e257b1bdf50eb42f497d7de69bb2807ff7ecaa8556d8e0e3143714493d6026df660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7948677a0dbde53e2489b592e019cbecbf7af2b95dfe57594351ccdeb8b795904fd736fac951764ead1ff718e07aa4ee6821cc21acec97ec63e36c39076d0669880eae193fdbd4c38fc2eb6bdf2294d26f9913f82be50eb0102419457459a9788c4c7f190218729d6d1b58675ef757c24c879269bd9cc493dc6ef7fba0aea9f129571af734f4a5df121b11bd7c8ad69bfc32ad711e88283ca6480564961b95e1f56214573cbab27b54bddf18129aa9d6ef1cf2fdccde9f0708eb9ec53632edea55243cdf30d540fe1b3e23ffa65c7fc0fbebd6ee325f76fec07d915d7ad39c00c63a6ffc430666c235c6f490f42a7e29a2f9051ba434b432ffeb44ec9cb4158f3b9d7ecbe3a8aaebfb8cef1aef40c1569a94790ea1935d60a681ad0630b716ef27ead731196eac4658f65d033cef87094eb5694334c7a644a75129987becd792809c34b1ecd829ae3bd82105edaf8b47c938829669091497821f090dc117baa2fc559c007e275cf58c6901ab1ee2fa5cd898f850034bbe52663d473a78ab2b90a8e3861040f95745112e4f21cd0b206c09a98c148dfd495391c4035ac21b957b85fb39d7bd363512b45266f3db40cdbc37100fb7dcab5e729cb9c159e7e61fc49296d9ba8915948f263abdf568350604413e3653e88bd897ad74569cbf64ff88a83bbf916c857472314fb75235a9e98085da43de0fec32f8ad2ee0b556ebe78765a77934e05b8dd974c039a706cc18b950395c6b0a44424bb36a71a695ecf52207dd3cc074282cafed5eab30ffc39a167c938c78f03d8f0fe2b33f39b43c49ea2afc2f3d4d129438ce625558722930a9d5ee2f836a9cfcdd576ae9bd4f8fb467388fce7fe43c255944f1762126bc88c2437dc65ef5db89624f95271b67f54dc31ad8f7874a76575104799fcc65984ad5658131458b485dfe5c941cc17a9b0207dd3db421a015368273ee423b1f97e56fca2d8db96e2c3e9f6b268e4b2fc4d692715133c387a4fce4b0e5ce7b9fff569ecca6a4088934dae925e99e1c5c8c487d368926082168a6bf997fbd0df6f31898699b6021603749cccc7e23500bd811d365afb13f973385abc12bf0e9d017ccf4453c599a7ffc198d2eada3cd24cd4cc7f8bb4afdf76e69cbf2e048e9ad57af17ba3dbd64064c3c472cc863467e74c45fe4c516a0b30a29f6c44c04b0a666be92bcbdcf13e02a03d440e6291&cri=RQnUtMAABd&ts=292&cb=1702251258452
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sun, 10 Dec 2023 23:34:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK ef9bada8-70e1-43c6-9d48-96b4a07ab755
https://windows-ad-blocker.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://windows-ad-blocker.com/ef9bada8-70e1-43c6-9d48-96b4a07ab755
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a386b96bcb5d0aaba5464a534589c0f980a6e8121d26e1c956ff11c17bc321cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 0f7164e9-013a-4d9e-aa1d-46206d30b7fb
https://windows-ad-blocker.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://windows-ad-blocker.com/0f7164e9-013a-4d9e-aa1d-46206d30b7fb
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6506601&cid=18f2fxsktx915wjeb0&lpkey=170f0245258d156557&uclick=xsktx915wj&uclickhash=xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6aa6d775589d92a605c0256dffac456ee1d9b8bb4ac04e723b9383e35b7a42c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 529
Content-Type

POST
H2 200 mon Show response
obseu.thatmonkeybites3.com/ 0
152 B 70ms
69ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/mon
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows-ad-blocker.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://windows-ad-blocker.com
date: Sun, 10 Dec 2023 23:34:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obseu.thatmonkeybites3.com/ 0
39 B 70ms
69ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/mon
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows-ad-blocker.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://windows-ad-blocker.com
date: Sun, 10 Dec 2023 23:34:21 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ncedclouds.com
URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/Ncedcloud-scan-qr.png

Domain: www.ncedclouds.com
URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/Ncedcloud-recover-a-forgotten-password-1024x488.png

Domain: www.ncedclouds.com
URL: https://www.ncedclouds.com/wp-content/uploads/2023/05/Ncedcloud-account-recovery-768x422.png

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ncedclouds.com/	1970-01-21 02:26:51	Name: _ga_EPFDLPYXE8 Value: GS1.1.1702251256.1.0.1702251256.0.0.0
.ncedclouds.com/	1970-01-21 02:26:51	Name: _ga Value: GA1.2.106506177.1702251257
.ncedclouds.com/	1970-01-20 16:52:17	Name: _gid Value: GA1.2.1154932020.1702251257
.ncedclouds.com/	1970-01-20 16:50:51	Name: _gat_gtag_UA_89706063_1 Value: 1
thefacux.com/	1970-01-21 01:36:27	Name: OAID Value: 876965fcb7a3454e83ae47f3752e26cd
thefacux.com/	1970-01-21 01:36:27	Name: oaidts Value: 1702251257
my.rtmark.net/	1970-01-21 01:36:27	Name: ID Value: 876965fcb7a3454e83ae47f3752e26cd
ad-blocking24.net/	1970-01-20 16:52:17	Name: uclick Value: xsktx915wj
ad-blocking24.net/	1970-01-20 16:52:17	Name: uclickhash Value: xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: extension Value: adblock_ultimate
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: promo Value: salmon
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: big Value: none
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: clk_domain Value: ad-blocking24.net
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: flow Value: binom
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: campaignId Value: 10557
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: trafficsource Value: 3
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: src Value: 6506601
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: cid Value: 18f2fxsktx915wjeb0
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: lpkey Value: 170f0245258d156557
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: uclick Value: xsktx915wj
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: uclickhash Value: xsktx915wj-xsktx915wj-8p6o-1zdz-h9yd-wf1m-wfd5-0f5172
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: _ga_D9B6K7HFTW Value: GS1.1.1702251257.1.0.1702251257.0.0.0
.windows-ad-blocker.com/	1970-01-21 02:26:51	Name: _ga Value: GA1.1.1192682841.1702251258
.windows-ad-blocker.com/	1970-01-20 19:02:15	Name: _cq_duid Value: 1.1702251258.D1F8JZcDTj2okYj2
.windows-ad-blocker.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1702251258.BtUuzMp6wFbsjbAy
obseu.thatmonkeybites3.com/	1970-01-21 00:54:41	Name: cg_uuid Value: 431ccbcfe7179969b157bd3fceb310b0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://windows-ad-blocker.com/ef9bada8-70e1-43c6-9d48-96b4a07ab755(Line 1) Message: Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-blocking24.net
euob.thatmonkeybites3.com
my.rtmark.net
ncedclouds.com
obseu.thatmonkeybites3.com
region1.google-analytics.com
thefacux.com
windows-ad-blocker.com
www.google-analytics.com
www.googletagmanager.com
www.ncedclouds.com
www.ncedclouds.com
139.45.195.8
139.45.197.238
2001:4860:4802:32::36
2600:9000:20ab:2400:12:b121:9c80:93a1
2606:4700:3030::ac43:956c
2606:4700:3031::6815:1d9a
2606:4700:3032::6815:7c7
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a05:d018:56f:b804:6115:ed34:65c7:21ff
2a06:98c1:3121::3
17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359
21b984f5dca503e52510fa5d109025ee314f1a93fdc89062df7f05b52e030169
477806c0aff568c06349b8c87dcfb7cefd005c1625ee90590aa60ab6cf897630
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5020db0ae6959d29c0dcbcafb79a879820898928c487e5b906c2d4f6e04a68ab
528d7004a125a550987ce0a5f3438f82d1e167d84435198eceea1bdcf78cb51c
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85c604de010801c4710d5271028f29b6bc89113438aa5793c74bde6ba874f86f
93455e679f811eee86b83f554b12888b553217f0c5f6adcb212cd84dbd596c92
93d5c82eaadc01ec70948945fa5366fb4534f1891c3f0c0063e14522cd3bb63a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
a386b96bcb5d0aaba5464a534589c0f980a6e8121d26e1c956ff11c17bc321cb
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b656ec64afaf06bafff6dbc413749e2bfec49c2bbba66e8d2f3ff53e29f0da0e
b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f
c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
d6aa6d775589d92a605c0256dffac456ee1d9b8bb4ac04e723b9383e35b7a42c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f19f1e0aa26f0ac594388ed31b6163ee18bcf1dcc19768c222b7c2b3867de459
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
f8e4539bdd93d5969c9c9cb87690a90a86641529cb223a2c37596bee2735a992

windows-ad-blocker.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

89 %HTTPS

82 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

619 kBTransfer

1668 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windows-ad-blocker.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

89 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

619 kB
Transfer

1668 kB
Size

26
Cookies

44 HTTP transactions
0 data transactions