urlscan.io logo urlscan.io
SecurityTrails logo

distrib.install-extension.com Open in urlscan Pro
188.114.97.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ak.uplatiason.com/4/6851943/0.036758660828912326
Effective URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom...
Submission: On April 23 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is distrib.install-extension.com. The Cisco Umbrella rank of the primary domain is 477687.
TLS certificate: Issued by GTS CA 1P5 on March 15th 2024. Valid for: 3 months.
This is the only time distrib.install-extension.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 104.77.118.56 20940 (AKAMAI-ASN1)
1 139.45.195.8 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
1 1 52.58.28.63 16509 (AMAZON-02)
18 188.114.97.9 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
28 7
6    104.77.118.56 (Slough, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-118-56.deploy.static.akamaitechnologies.com
ak.uplatiason.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
track.installing-adblocker.com
18    188.114.97.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
distrib.install-extension.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 install-extension.com
distrib.install-extension.com — Cisco Umbrella Rank: 477687
326 KB
6 uplatiason.com
ak.uplatiason.com — Cisco Umbrella Rank: 462553
17 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
89 KB
1 installing-adblocker.com
track.installing-adblocker.com
455 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 29445
470 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11881
491 B
28 7
Domain Requested by
18 distrib.install-extension.com ak.uplatiason.com
distrib.install-extension.com
6 ak.uplatiason.com 1 redirects ak.uplatiason.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com distrib.install-extension.com
1 track.installing-adblocker.com 1 redirects distrib.install-extension.com
1 datatechone.com ak.uplatiason.com
1 my.rtmark.net ak.uplatiason.com
28 7

This site contains no links.

Subject Issuer Validity Valid
ak.hetaruwg.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
install-extension.com
GTS CA 1P5		 2024-03-15 -
2024-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Frame ID: 6B73C143D3DE3D8D40FFD5F0D01628D8
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Essential AdBlocker

Page URL History Show full URLs

  1. http://ak.uplatiason.com/4/6851943/0.036758660828912326 HTTP 307
    https://ak.uplatiason.com/4/6851943/0.036758660828912326 Page URL
  2. https://ak.uplatiason.com/?z=6851943&syncedCookie=true&rhd=false HTTP 302
    https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x Page URL
  3. https://track.installing-adblocker.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=806748489425097684&cost=0.002713&z... HTTP 307
    https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adbl... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

96 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

432 kB
Transfer

1246 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ak.uplatiason.com/4/6851943/0.036758660828912326 HTTP 307
    https://ak.uplatiason.com/4/6851943/0.036758660828912326 Page URL
  2. https://ak.uplatiason.com/?z=6851943&syncedCookie=true&rhd=false HTTP 302
    https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x Page URL
  3. https://track.installing-adblocker.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=806748489425097684&cost=0.002713&zoneid=6118780&campaignid=7671068&bannerid=19644485&subzoneid=0 HTTP 307
    https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ak.uplatiason.com/4/6851943/0.036758660828912326 HTTP 307
  • https://ak.uplatiason.com/4/6851943/0.036758660828912326
Request Chain 5
  • https://ak.uplatiason.com/?z=6851943&syncedCookie=true&rhd=false HTTP 302
  • https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0.036758660828912326
ak.uplatiason.com/4/6851943/
Redirect Chain
  • http://ak.uplatiason.com/4/6851943/0.036758660828912326
  • https://ak.uplatiason.com/4/6851943/0.036758660828912326
33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.uplatiason.com/4/6851943/0.036758660828912326
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.118.56 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-118-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8419169d6696b6922a2a708ea0df14b79741fb209b1a4eedc62c6b3cf61cf821
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13381
content-type
text/html; charset=utf8
date
Tue, 23 Apr 2024 21:22:27 GMT
expires
Tue, 23 Apr 2024 21:22:27 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
300d9efb718ae4c6c9557cd9e034b8a5

Redirect headers

Location
https://ak.uplatiason.com/4/6851943/0.036758660828912326
Non-Authoritative-Reason
HttpsUpgrades
sftouch
ak.uplatiason.com/ 		2 B
534 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ak.uplatiason.com/sftouch?userId=00804755973d45c5e57f61e7ff84c506&z=6851943&p_rid=c6646c37-31e0-4e30-9dcc-ec8637f44e27&p_src=sf&branchId=0&rb=BnWtdWECnnfUaJFgWnp4fVbRHDQkunazabJuFPJeGRktxCOQCnk7j3yHNyr1zaHpKyZ8MkLsS8zAUxVgSFPAU1OSlSlvZ94AMsdv31dHPStfHxWDDInOTMmqk375Lmm8vqinPXCBaJd16x5NloSKVEiYtJ-Sg1a2SyTpz44t6JRyx1GqrPTM-xtLtlPkQQF1INnvmV0uWCD-qhQOvypZW4sOdnq6Q0k73wiP7iU4OvB7TiTY7HCuRxjJxyh7TzzgylWYzbiIqMNIbyZx9ll7EWGFXtO03gb5mlyb8A==
Requested by
Host: ak.uplatiason.com
URL: https://ak.uplatiason.com/4/6851943/0.036758660828912326
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.118.56 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-118-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
Referer
https://ak.uplatiason.com/4/6851943/0.036758660828912326
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=1
date
Tue, 23 Apr 2024 21:22:27 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
b46a8565f407bc47f80c372ffe127b7b
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.uplatiason.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 23 Apr 2024 21:22:27 GMT
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00804755973d45c5e57f61e7ff84c506&z=6851943&p_rid=c6646c37-31e0-4e30-9dcc-ec8637f44e27&p_src=sf
Requested by
Host: ak.uplatiason.com
URL: https://ak.uplatiason.com/4/6851943/0.036758660828912326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ak.uplatiason.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c6646c37-31e0-4e30-9dcc-ec8637f44e27
Requested by
Host: ak.uplatiason.com
URL: https://ak.uplatiason.com/4/6851943/0.036758660828912326
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ak.uplatiason.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Apr 2024 21:22:28 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.uplatiason.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
favicon.ico
ak.uplatiason.com/ 		0
110 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ak.uplatiason.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.118.56 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-118-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
Referer
https://ak.uplatiason.com/4/6851943/0.036758660828912326
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 21:22:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 23 Apr 2024 21:22:28 GMT
/
ak.uplatiason.com/4/6118780/
Redirect Chain
  • https://ak.uplatiason.com/?z=6851943&syncedCookie=true&rhd=false
  • https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.118.56 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-118-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://ak.uplatiason.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
621
content-type
text/html; charset=utf8
date
Tue, 23 Apr 2024 21:22:28 GMT
expires
Tue, 23 Apr 2024 21:22:28 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://track.installing-adblocker.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
cd8c443d439de3fc96e9edf625b4017b

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ak.uplatiason.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Tue, 23 Apr 2024 21:22:28 GMT
expires
Tue, 23 Apr 2024 21:22:28 GMT
link
<https://ak.uplatiason.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
2f810e6b69ccdef66fb31d46e35f74ee
favicon.ico
ak.uplatiason.com/ 		0
110 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ak.uplatiason.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.118.56 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-118-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
Referer
https://ak.uplatiason.com/afu.php?zoneid=6851943&var=6851943&rid=U65rf3eq-8UZ_KSLSwnwew%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.60
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 21:22:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 23 Apr 2024 21:22:28 GMT
Primary Request /
distrib.install-extension.com/
Redirect Chain
  • https://track.installing-adblocker.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=806748489425097684&cost=0.002713&zoneid=6118780&campaignid=7671068&bannerid=19644485&subzoneid=0
  • https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Requested by
Host: ak.uplatiason.com
URL: https://ak.uplatiason.com/4/6118780/?var=6851943&btz=Europe/London&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
3dc6e1f83b087e59a2015e8cd2f7765ffd67a354c98b5a4d0dbbd8df8eaac610
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://ak.uplatiason.com/partitial/5117854?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8790e8c36e18946c-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 21:22:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDmlK6Et1VbpGXvtWUrpxXtaQwv3Mi5KS5V7Tz1KsMtks6OmVMX0S8wPkJGAuBXJ5w5t0PtKAXhAcf8XXpYgj1LYRmc%2FSOlPaI2wAW1llMc%2FaHmxy%2BG5ZTpvfqf%2B5kqfrYFVdedwj9mVyR7uLpPlog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Tue, 23 Apr 2024 21:22:28 GMT
location
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
server
Caddy
x-request-id
9d48801a-32e4-4656-956a-439799236d07
js
www.googletagmanager.com/gtag/ 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17999fa896b4106cc0b56e6b9ea0a79048e99cbef1cc2399129b4cffa2a266d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Apr 2024 21:22:29 GMT
9d92a176c9608aa4.css
distrib.install-extension.com/_next/static/css/ 		102 B
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1346657
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"66-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wM2pJcqkOD0hrd7nlMc59Y7SIOkeLdxT%2BmNZ4FqtShoAhviGyCSwjqsSDC9FAvLUQNJm5l%2F1IQ2medwpO%2BEYdzTTeiqTAgodDqS3MZDmbTP%2F1DuQozNv%2BmrSR%2BlBqzhJU%2BLCjHemlZQkfsYBl0JJGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c3fecf946c-LHR
6624b28ad7c81098.css
distrib.install-extension.com/_next/static/css/ 		53 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/css/6624b28ad7c81098.css
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612bc0bfe939c01266249da83fc090b6a12b06121ecb9003e0b972b5919ff348
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"d532-18f07ff310a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TIAAwIH2MXn9%2FYZx4ReldZ7U3qdzcdZj%2BxUXKRTJ3iDUUU3D4qQttGKCZIPSW0PlRXVKVjf5PR2MwKu3ImAbE%2BPMt7%2BooPXsuuglRXNrCgGCljnXmd3GvEouGp0CxJSlZXbBMlSSYD4TZl39Nyj8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c3fed1946c-LHR
cc418b0c6bf1a331.css
distrib.install-extension.com/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/css/cc418b0c6bf1a331.css
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d26b72ae2b2b742ccff82bc2bce009f75ad9037d6541dcc3c695ea04ad533d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"c87-18f07ff310a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0%2BUnukJpBvvSrOyTvGsd38bL26RbbDF0vxAW0Jt%2FkZR3QHJgqnEae2CiG4XS4UOHnXkeFVTWIZignG%2FhSlcDxJw%2BdZYowx3bIiYvRrKDagQhT2wdcZdMfy0rw690Bg%2F5B30s%2Be40nPE5UQbf7oI8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c3fed3946c-LHR
928-098d30093d7a53de.js
distrib.install-extension.com/_next/static/chunks/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/928-098d30093d7a53de.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c93bdc96efec15f9a1051266985bfac2a37faaa1e75a538f882cf9271969385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81160
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"19af6-18f07ff3112"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLwLVOz9TMcCICUMiQiwkRinCUVmknpgiFpmNYt9gyb%2FYoCHUhRaJjEMB9je1yJLjUG44wE2NR0ZbDxNQsU278Do0TEfKd8yoyc28%2FrmD63aiu3I%2Bie58%2FCHznPsZfJv2syNUAgrTpJnFAYtDtjs3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41ef3946c-LHR
166.e3872adc3133803c.js
distrib.install-extension.com/_next/static/chunks/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/166.e3872adc3133803c.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0f1cd9d408ad5481760a5be3853d4520ec11c88f97af839c6e8f2a69342c7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"442d-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMopD1GwyNDzSFp3FSrteRvQFE9Bx7REBMMh%2FV1QWaD53QNshMEpbUsaHJ82Q041fy1ORnCAfefdXGLvBqrJaOdfbHFi4%2FVPG5xUPDfczx%2FZ%2Fd39RwcxZo6Y5N4OKEazD0Mx%2FfLalPbJknFLqAOOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41efa946c-LHR
983.7df084c3c1b46127.js
distrib.install-extension.com/_next/static/chunks/ 		151 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/983.7df084c3c1b46127.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f54c1926e1eca808c1abc58816273ecdca9912b60fff5abeec257a3dd58226
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"25ae3-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chi7Yk6uJBfYDMgn6ejGM8EbLwAkKCVvMLgROreVvI2LarvTSybYTrLy%2B44K38EJoixacm9vPQHcqBoqpa3%2BfuD2M4NzPfy6Hk8uD%2FeVd8E3EFFH7iv8axS%2B3PNKCj4LMPLmf9U%2FLqpjXbReJC3Ahg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41eff946c-LHR
webpack-5e7e238b7757fae3.js
distrib.install-extension.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/webpack-5e7e238b7757fae3.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706dcd9e8820e2c74dfda381e8970328e60b78410febb2665f8ad350bb8c6306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"24ee-18f07ff3112"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qjd3wA%2FbBaV4SMV8ktJo1LGaKZeUs7m1wt9y4AxxSPzJON2wLixaRXSRKmbFzr068NZ1QrpFp%2BtKAeLxcfP8zI8zKvA%2FVtUT6RqacGSOs%2F8QbkZhKVt4lPKvBMoBX5rpxVucFdJWgZgQ3P5pDJsmWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f01946c-LHR
framework-b6c83bfa9a39c763.js
distrib.install-extension.com/_next/static/chunks/ 		254 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/framework-b6c83bfa9a39c763.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44194db98e4976a20d8e2c04f37f017a6705cca8b762db693200248f06ed9204
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81160
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"3f83d-18f07ff3112"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMp4%2FGpkjF2EERUX8REKKah9o%2BIaO9DAAMOAgKTIIld7lbR0VCQsJfu7CY1KRdmEChKLw1KLD75vc8RTJD5RxXirF3HAE2jjugeRbajpCaWm9J7HEO7HSk7rTPYGWfDi3AsgjJvW%2FsRb8TeeBzIDPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f02946c-LHR
main-135f21a169f4ba91.js
distrib.install-extension.com/_next/static/chunks/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/main-135f21a169f4ba91.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dac2ae7890611de9109085164f050111ecabffb600b373b4fbd21cbded69f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"244f4-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijY%2Bbi%2Bc3wFYM8d8N8HyzWMddKXvLIN5L5sQ9OqnWWoaCYnnf3GiT%2F3K5ulSI8H3L1o7vA%2BMcEpxgMQymLZnKyTZCp5cmcxknOP19dxMQwX5IZ%2B5sV0JuOS3EdbYIgse9EHvKdyv0guixXHYBBnZOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f03946c-LHR
_app-8f219d1ce4cef753.js
distrib.install-extension.com/_next/static/chunks/pages/ 		79 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/pages/_app-8f219d1ce4cef753.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dddad0c7c60e631ad5933f20d92537a63b856ddc4bc0de6c94bc74ed370672c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"13c57-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0Y2laImNed8DSPBSCjaCuCz1ERn3OAXu5ZIttuaNUzgfv0LH7ad9EPMO2XWzqrvuT2RljIuWdnfLKSIPp0R67HJYvTTAk0RmR9l6F14CB4mcr%2Fm5tnBIEjrH4QrYFqTqFqCl%2FBOw8kjKf0ZUIPZQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f05946c-LHR
index-c118523abefcad9d.js
distrib.install-extension.com/_next/static/chunks/pages/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/chunks/pages/index-c118523abefcad9d.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448e4cf97daf625ff9916c449afd9ae2f62bfdb221f4ab247c076f82ec9aa2c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81160
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"4e2d-18f07ff3112"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRSwKpIHepwT8%2BAvyIkxREGUgEy%2FeYIMsncWrHwqCFB%2FLmFPTI6FhOTdlly6n0%2BbKLNvldrWbaM%2BbDNykSb8jRkUNcDieyp8svWUxoA9%2FwtfADgvRTiIip0psbUvQiE1CjqFV44JczyKbqY3Xkntrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f07946c-LHR
_buildManifest.js
distrib.install-extension.com/_next/static/3I3NH8U3G11WbwYohY_0Q/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/3I3NH8U3G11WbwYohY_0Q/_buildManifest.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2ec4de25123303884f23f7c770fb0ad852ff038652c444f3f8c43f249c5869
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"407-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ICLyEncseHgUHmEhgdfiDzTF8HGty9qv7G7cySxy%2B824rKo7g0XA4heEwLepGSIsUTKYIs269XRC4FNVKc1mFqRh0N5E3W5abDqPoGSb0%2FwsJijKvKuXpJMJyBsqCos0x9Yr3y%2FXy3l1Y31gBesqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f09946c-LHR
_ssgManifest.js
distrib.install-extension.com/_next/static/3I3NH8U3G11WbwYohY_0Q/ 		77 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/_next/static/3I3NH8U3G11WbwYohY_0Q/_ssgManifest.js
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81161
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:35 GMT
server
cloudflare
etag
W/"4d-18f07ff310e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qn1LgTA4QhfmE5bLMKRfr6gOzosVyDJffUD7A4Voj%2B7Xke63lYdel3%2BDJhhtmohHn0aTzH%2FjG0iIxr3BKbdn5CrzhCD3qso%2FzzRsy6c9eE12phe4PDpmmR8KqIT0BTPTuzyPn48H2q1jmFZiJYMSkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8790e8c41f0a946c-LHR
icon.svg
distrib.install-extension.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distrib.install-extension.com/images/promo-images/salmon/icon.svg
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/_next/static/css/cc418b0c6bf1a331.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/_next/static/css/cc418b0c6bf1a331.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:20 GMT
server
cloudflare
etag
W/"c75-18f07fef4ba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBa9qLyg0DKeQ68DLVz%2B%2FBMCVAYx%2BUyrwST4fcS4xr8HVu%2BBXmU0W35NkdIQNy4bkcwRWdIw5aUXmcDzcfvLSuYLi5Fg9RIueQjVNXfZYXwsvTxsLvCZRHoTLWAPBMuOnPBSJ1Dx7lCj4M5uVHbSMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8790e8c49f93946c-LHR
available-in-chrome.svg
distrib.install-extension.com/images/browser-icons/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distrib.install-extension.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/_next/static/css/6624b28ad7c81098.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/_next/static/css/6624b28ad7c81098.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:20 GMT
server
cloudflare
etag
W/"5287-18f07fef496"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuoBcz9D%2FmaBRzPjKhFm2EeOrtInqXG%2F00wkA5JnWH0cRL8EbrJClJ08d8uTmpAyJLgS3ZD45ZwLMTJ5r45eISJFlDU5mHd%2FzEGh8TMgSebAVnnQFQYZ%2F9yjxA7utAgprupzU%2BNA%2FhJZVyJhuGH2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8790e8c49f94946c-LHR
click
track.installing-adblocker.com/ 		0
0
big-icon.svg
distrib.install-extension.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distrib.install-extension.com/images/promo-images/salmon/big-icon.svg
Requested by
Host: distrib.install-extension.com
URL: https://distrib.install-extension.com/_next/static/css/cc418b0c6bf1a331.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63888d81f8a68cd75b14ace069944be39bf1c1d71d79d751410e7d77fa096fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/_next/static/css/cc418b0c6bf1a331.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:20 GMT
server
cloudflare
etag
W/"c5a-18f07fef4ba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lI7NUXdm6IvRbLAt0ijmZs1g3XMiEiRpnhg87ksVTDSNsj3Ix2CyEpEsaPaGDGwNhicYRhqKznGvgNlsArm82Z9tIgrITh0DI35add7qEjCQULJ08jT9AP199rSz8s0m4J%2FeC8jl8KWLA1q3bUAYBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8790e8c61985946c-LHR
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je44h0v9138996702za200&_p=1713907349110&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2044603945.1713907349&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713907349&sct=1&seg=0&dl=https%3A%2F%2Fdistrib.install-extension.com%2F%3Fextension%3Dessential_adblocker%26promo%3Dsalmon%26clk_domain%3Dtrack.installing-adblocker.com%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D32%26src%3D6118780%26cid%3Dcok2d532r96s73apa660%26lpkey%3D17139895536478a4c8be14fa07ec1b30d04db07648%26isV2%3Dtrue&dt=Essential%20AdBlocker&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=990
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 21:22:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://distrib.install-extension.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
distrib.install-extension.com/images/extension-icons/essential-adblocker/ 		91 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://distrib.install-extension.com/images/extension-icons/essential-adblocker/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f300937eec8702b8c9b49ac23d8eba8bd28335093ac5c9d731ac963f50fbef4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 21:22:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Apr 2024 22:48:20 GMT
server
cloudflare
etag
W/"16b86-18f07fef49e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTMSpkxeKgjbuX%2FkBf95lq4IZm10yNwYp%2BgNdif7QtoSrVZDsjeu4tjw0Yuqyh4H39r8k%2FYbOR7%2F8FQMluSYiD7yngVZidlMYoG6ird6n6WHKvu7X%2FxM%2Fa8DrSfgKeWQT16iTaY8ZRJSEyfvMWmObw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8790e8c68a12946c-LHR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.installing-adblocker.com
URL
https://track.installing-adblocker.com/click?upd_clickid=cok2d532r96s73apa660&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| a38b function| a38a object| webpackChunk_N_E function| a14b function| a14a function| a37b function| a37a function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a1b function| a1a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data object| gaGlobal

19 Cookies

Domain/Path Name / Value
ak.uplatiason.com/ Name: OAID
Value: 00804755973d45c5e57f61e7ff84c506
ak.uplatiason.com/ Name: oaidts
Value: 1713907347
my.rtmark.net/ Name: ID
Value: 00804755973d45c5e57f61e7ff84c506
ak.uplatiason.com/ Name: syncedCookie
Value: true
track.installing-adblocker.com/ Name: uclick
Value: yu+CklhUaIg11eGgYGCYttqdsG6bHDKlxtUYsG8oOA+fHNYSBru8sO21xPcmJeBP6s0E2DA=
track.installing-adblocker.com/ Name: bcid
Value: cok2d532r96s73apa660
track.installing-adblocker.com/ Name: cid
Value: cok2d532r96s73apa660
.install-extension.com/ Name: extension
Value: essential_adblocker
.install-extension.com/ Name: promo
Value: salmon
.install-extension.com/ Name: clk_domain
Value: track.installing-adblocker.com
.install-extension.com/ Name: flow
Value: binom
.install-extension.com/ Name: campaignId
Value: 10557
.install-extension.com/ Name: trafficsource
Value: 32
.install-extension.com/ Name: src
Value: 6118780
.install-extension.com/ Name: cid
Value: cok2d532r96s73apa660
.install-extension.com/ Name: lpkey
Value: 17139895536478a4c8be14fa07ec1b30d04db07648
.install-extension.com/ Name: isV2
Value: true
.install-extension.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1713907349.1.0.1713907349.0.0.0
.install-extension.com/ Name: _ga
Value: GA1.1.2044603945.1713907349

3 Console Messages

Source Level URL
Text
other warning URL: https://ak.uplatiason.com/4/6851943/0.036758660828912326
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://distrib.install-extension.com/?extension=essential_adblocker&promo=salmon&clk_domain=track.installing-adblocker.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cok2d532r96s73apa660&lpkey=17139895536478a4c8be14fa07ec1b30d04db07648&isV2=true
Message:
Access to XMLHttpRequest at 'https://track.installing-adblocker.com/click?upd_clickid=cok2d532r96s73apa660&add_event6=1' from origin 'https://distrib.install-extension.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://track.installing-adblocker.com/click?upd_clickid=cok2d532r96s73apa660&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.uplatiason.com
datatechone.com
distrib.install-extension.com
my.rtmark.net
region1.google-analytics.com
track.installing-adblocker.com
www.googletagmanager.com
track.installing-adblocker.com
104.77.118.56
139.45.195.8
188.114.97.9
2001:4860:4802:34::36
2a00:1450:4001:80b::2008
37.48.68.71
52.58.28.63
17999fa896b4106cc0b56e6b9ea0a79048e99cbef1cc2399129b4cffa2a266d5
1c93bdc96efec15f9a1051266985bfac2a37faaa1e75a538f882cf9271969385
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c2ec4de25123303884f23f7c770fb0ad852ff038652c444f3f8c43f249c5869
3dc6e1f83b087e59a2015e8cd2f7765ffd67a354c98b5a4d0dbbd8df8eaac610
44194db98e4976a20d8e2c04f37f017a6705cca8b762db693200248f06ed9204
448e4cf97daf625ff9916c449afd9ae2f62bfdb221f4ab247c076f82ec9aa2c1
46d26b72ae2b2b742ccff82bc2bce009f75ad9037d6541dcc3c695ea04ad533d
4c0f1cd9d408ad5481760a5be3853d4520ec11c88f97af839c6e8f2a69342c7b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
612bc0bfe939c01266249da83fc090b6a12b06121ecb9003e0b972b5919ff348
66f54c1926e1eca808c1abc58816273ecdca9912b60fff5abeec257a3dd58226
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
706dcd9e8820e2c74dfda381e8970328e60b78410febb2665f8ad350bb8c6306
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
7f300937eec8702b8c9b49ac23d8eba8bd28335093ac5c9d731ac963f50fbef4
8419169d6696b6922a2a708ea0df14b79741fb209b1a4eedc62c6b3cf61cf821
8dddad0c7c60e631ad5933f20d92537a63b856ddc4bc0de6c94bc74ed370672c
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a1dac2ae7890611de9109085164f050111ecabffb600b373b4fbd21cbded69f6
c63888d81f8a68cd75b14ace069944be39bf1c1d71d79d751410e7d77fa096fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa