urlscan.io logo urlscan.io
SecurityTrails logo

windows-ad-blocker.com Open in urlscan Pro
2606:4700:3030::ac43:d9f6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://2cdd.aqgjhj.wy5532.com/
Effective URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campai...
Submission: On December 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3030::ac43:d9f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-ad-blocker.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time windows-ad-blocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    172.93.103.101 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
2cdd.aqgjhj.wy5532.com
2    192.99.158.241 (Canada)

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net
btdnav.com
1    142.93.240.225 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.toromclick.com
2    139.45.195.6 (United Kingdom)

ASN9002 (RETN-AS, GB)
stainsat.net
1    2600:1f18:43d1:2a02:b6ee:327b:545e:e578 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go.rdrm1.click
1    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
femsoahe.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    2606:4700:3032::6815:7c7 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-blocking24.net
14    2606:4700:3030::ac43:d9f6 (United States)

ASN13335 (CLOUDFLARENET, US)
windows-ad-blocker.com
1    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2209:4e00:12:b121:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
euob.thatmonkeybites3.com
4    2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obseu.thatmonkeybites3.com
1    2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 windows-ad-blocker.com
windows-ad-blocker.com
194 KB
5 thatmonkeybites3.com
euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165
obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138
39 KB
2 ad-blocking24.net
ad-blocking24.net — Cisco Umbrella Rank: 125446
1 KB
2 stainsat.net
stainsat.net — Cisco Umbrella Rank: 142699
7 KB
2 btdnav.com
btdnav.com
7 KB
2 wy5532.com
2cdd.aqgjhj.wy5532.com
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
259 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
82 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
504 B
1 femsoahe.com
femsoahe.com — Cisco Umbrella Rank: 899249
2 KB
1 rdrm1.click
go.rdrm1.click
915 B
1 toromclick.com
www.toromclick.com — Cisco Umbrella Rank: 115246
433 B
29 12
Domain Requested by
14 windows-ad-blocker.com femsoahe.com
windows-ad-blocker.com
4 obseu.thatmonkeybites3.com euob.thatmonkeybites3.com
windows-ad-blocker.com
2 ad-blocking24.net 1 redirects windows-ad-blocker.com
2 stainsat.net 1 redirects
2 btdnav.com 1 redirects 2cdd.aqgjhj.wy5532.com
2 2cdd.aqgjhj.wy5532.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 euob.thatmonkeybites3.com windows-ad-blocker.com
1 www.googletagmanager.com windows-ad-blocker.com
1 my.rtmark.net femsoahe.com
1 femsoahe.com
1 go.rdrm1.click 1 redirects
1 www.toromclick.com 1 redirects
29 13

This site contains no links.

Subject Issuer Validity Valid
wy5532.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
femsoahe.com
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
windows-ad-blocker.com
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.thatmonkeybites3.com
Amazon RSA 2048 M01		 2023-07-18 -
2024-08-15		 a year crt.sh
ad-blocking24.net
E1		 2023-11-05 -
2024-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Frame ID: 51B079D7EE180D1ACCC7D30A5D617F2E
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Adblock Ultimate

Page URL History Show full URLs

  1. https://2cdd.aqgjhj.wy5532.com/ Page URL
  2. https://2cdd.aqgjhj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plV... Page URL
  3. http://btdnav.com/Redirect/ HTTP 302
    http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=wy5532.com&id=05e25ce60cdffda6f4c6c... HTTP 302
    http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720... Page URL
  4. http://stainsat.net/api/win_request?ad_scheme=1&p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&hil=2&ng=... HTTP 301
    https://go.rdrm1.click/go/84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447?cost=0.000090&clickid=75792416937083... HTTP 302
    https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608 Page URL
  5. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757924169743868122&cost=0.00... HTTP 302
    https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

83 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

12
IPs

4
Countries

332 kB
Transfer

872 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2cdd.aqgjhj.wy5532.com/ Page URL
  2. https://2cdd.aqgjhj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjI3MzkyMCwiaWF0IjoxNzAyMjY2NzIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWZxbDQwdjd0MTQ1NjlvMnMzN2pxazMiLCJuYmYiOjE3MDIyNjY3MjAsInRzIjoxNzAyMjY2NzIwMTQ1NTYyfQ.Hn0Cve6V1EtqYBMeaZbGtGb7_eCREMyBatnghOLQUy8&sid=a32d4a13-97d8-11ee-8193-cb54a14a593b HTTP 302
    http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plVDk3SGJnRTVBMkZ1RGZFTkFhSEFzR3NiRjBsVE9nVE9idlA2RnhSVVF4QzcwVFI5Um1yUXdSd3BXMjVqeC14YkFFbVIyTmk3bWdfdTZwbktRY3FFdmE3V3BHend1RE4zb1ktNFFnMg2&id=934142ea-605f-4143-b22f-747635731586 Page URL
  3. http://btdnav.com/Redirect/ HTTP 302
    http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=wy5532.com&id=05e25ce60cdffda6f4c6c97a98542be4:c967ce7812250b97f0ad2dafb4082fe305aa2604041d73f01ca2fc9af7bc9fcc67ae10a7fcb5d41e11b6efcfbeed1a1704fd4c9abe822dc7e77c5d530fdfbd09f9b4bf0f51b03e52e0d91eed9b5c6adb59ed08909504b343ef313da47f38c5a357e0d7378fa24f6b5166665d9816d94c2024a9d1ac8a3e7c7bf28b47242a52520d8839e6e75d5dbbebf655fb6d45056cf60e6c492f0b3dddf445f557efecb230cfab6302a4ba35b1043c411cf592e3eedc5a6723011d8382e28cd282973f01823230ddb516a2eebeea80b99757ba13dd229ba38988e1644f5825a9748e63cff9c0086930b4111eb7fd76791f1879ebd380c0d703d6fe602e08d1948c8f1af4030a3c5468fcceb1c9fcbaf745de6825bc28fc6c41dd6ae4b8debc48069f4491924b8ab2bfd5a30bb6bb0f62495f41764db85d6ba8bf0afacece38443f399e74a67a318f978a9f5a2c587d6798cb31c944182d81875706fee8005b1143db62ac5d7aa173abdd1ce2163d28c98029a1ca285fcd6f509c5b80349182388a39d9a4bac1c5a31b88fe6e4c20a9197093561ee3 HTTP 302
    http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720&z=6304608 Page URL
  4. http://stainsat.net/api/win_request?ad_scheme=1&p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&hil=2&ng=1&ix=0&pt=0&np=1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fstainsat.net%2Fapi%2Fsubmit_form_request%3Fp%3D7109dd2d-4b25-41c6-8d8b-562d23a200cd%26ts%3D1702266720%26z%3D6304608&wy=-1&wx=-1&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&navlng=en-US&rf=http%3A%2F%2Fbtdnav.com%2F&wgl=Intel+Iris+OpenGL+Engine HTTP 301
    https://go.rdrm1.click/go/84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447?cost=0.000090&clickid=757924169370832896&zoneid=6304608&campaignid=7475734&bannerid=19105260&country=US&user_activity={user_activity}&zone_type={zone_type}&carrier=%3F&subzone_id={subzone_id} HTTP 302
    https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608 Page URL
  5. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757924169743868122&cost=0.000120&zoneid=5423637&campaignid=7443739&bannerid=19029167&subzoneid=0 HTTP 302
    https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://2cdd.aqgjhj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjI3MzkyMCwiaWF0IjoxNzAyMjY2NzIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWZxbDQwdjd0MTQ1NjlvMnMzN2pxazMiLCJuYmYiOjE3MDIyNjY3MjAsInRzIjoxNzAyMjY2NzIwMTQ1NTYyfQ.Hn0Cve6V1EtqYBMeaZbGtGb7_eCREMyBatnghOLQUy8&sid=a32d4a13-97d8-11ee-8193-cb54a14a593b HTTP 302
  • http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plVDk3SGJnRTVBMkZ1RGZFTkFhSEFzR3NiRjBsVE9nVE9idlA2RnhSVVF4QzcwVFI5Um1yUXdSd3BXMjVqeC14YkFFbVIyTmk3bWdfdTZwbktRY3FFdmE3V3BHend1RE4zb1ktNFFnMg2&id=934142ea-605f-4143-b22f-747635731586
Request Chain 2
  • http://btdnav.com/Redirect/ HTTP 302
  • http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=wy5532.com&id=05e25ce60cdffda6f4c6c97a98542be4:c967ce7812250b97f0ad2dafb4082fe305aa2604041d73f01ca2fc9af7bc9fcc67ae10a7fcb5d41e11b6efcfbeed1a1704fd4c9abe822dc7e77c5d530fdfbd09f9b4bf0f51b03e52e0d91eed9b5c6adb59ed08909504b343ef313da47f38c5a357e0d7378fa24f6b5166665d9816d94c2024a9d1ac8a3e7c7bf28b47242a52520d8839e6e75d5dbbebf655fb6d45056cf60e6c492f0b3dddf445f557efecb230cfab6302a4ba35b1043c411cf592e3eedc5a6723011d8382e28cd282973f01823230ddb516a2eebeea80b99757ba13dd229ba38988e1644f5825a9748e63cff9c0086930b4111eb7fd76791f1879ebd380c0d703d6fe602e08d1948c8f1af4030a3c5468fcceb1c9fcbaf745de6825bc28fc6c41dd6ae4b8debc48069f4491924b8ab2bfd5a30bb6bb0f62495f41764db85d6ba8bf0afacece38443f399e74a67a318f978a9f5a2c587d6798cb31c944182d81875706fee8005b1143db62ac5d7aa173abdd1ce2163d28c98029a1ca285fcd6f509c5b80349182388a39d9a4bac1c5a31b88fe6e4c20a9197093561ee3 HTTP 302
  • http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720&z=6304608
Request Chain 3
  • http://stainsat.net/api/win_request?ad_scheme=1&p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&hil=2&ng=1&ix=0&pt=0&np=1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fstainsat.net%2Fapi%2Fsubmit_form_request%3Fp%3D7109dd2d-4b25-41c6-8d8b-562d23a200cd%26ts%3D1702266720%26z%3D6304608&wy=-1&wx=-1&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&navlng=en-US&rf=http%3A%2F%2Fbtdnav.com%2F&wgl=Intel+Iris+OpenGL+Engine HTTP 301
  • https://go.rdrm1.click/go/84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447?cost=0.000090&clickid=757924169370832896&zoneid=6304608&campaignid=7475734&bannerid=19105260&country=US&user_activity={user_activity}&zone_type={zone_type}&carrier=%3F&subzone_id={subzone_id} HTTP 302
  • https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
2cdd.aqgjhj.wy5532.com/ 		484 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdd.aqgjhj.wy5532.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.93.103.101 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Cowboy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
content-length
484
content-type
text/html; charset=utf-8
date
Mon, 11 Dec 2023 03:51:59 GMT
server
Cowboy
click
btdnav.com/
Redirect Chain
  • https://2cdd.aqgjhj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwMjI3MzkyMCwiaWF0IjoxNzAyMjY2NzIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydWZxbDQwdjd0MTQ1...
  • http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plVDk3SGJnRTVBMkZ1RGZFTkFhSEFzR3NiRjBsVE9nVE9idlA2RnhSVVF4QzcwVFI5Um1yUXdSd3BXMjVqeC14YkFFbVIyTmk3bWdfdTZw...
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plVDk3SGJnRTVBMkZ1RGZFTkFhSEFzR3NiRjBsVE9nVE9idlA2RnhSVVF4QzcwVFI5Um1yUXdSd3BXMjVqeC14YkFFbVIyTmk3bWdfdTZwbktRY3FFdmE3V3BHend1RE4zb1ktNFFnMg2&id=934142ea-605f-4143-b22f-747635731586
Requested by
Host: 2cdd.aqgjhj.wy5532.com
URL: https://2cdd.aqgjhj.wy5532.com/
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://2cdd.aqgjhj.wy5532.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5412
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Dec 2023 03:49:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
11
date
Mon, 11 Dec 2023 03:52:00 GMT
location
http://btdnav.com/click?data=cnN4WDVCRU4zcGNFbFAyNW9ER1NkRHAwdlowc3BBb3BwMnJsUS13Q2E0NzFFR0plVDk3SGJnRTVBMkZ1RGZFTkFhSEFzR3NiRjBsVE9nVE9idlA2RnhSVVF4QzcwVFI5Um1yUXdSd3BXMjVqeC14YkFFbVIyTmk3bWdfdTZwbktRY3FFdmE3V3BHend1RE4zb1ktNFFnMg2&id=934142ea-605f-4143-b22f-747635731586
server
Cowboy
submit_form_request
stainsat.net/api/
Redirect Chain
  • http://btdnav.com/Redirect/
  • http://www.toromclick.com/feed/click/?t1=128&tid=753&uid=191&subid=wy5532.com&id=05e25ce60cdffda6f4c6c97a98542be4:c967ce7812250b97f0ad2dafb4082fe305aa2604041d73f01ca2fc9af7bc9fcc67ae10a7fcb5d41e11b...
  • http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720&z=6304608
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720&z=6304608
Protocol
HTTP/1.1
Server
139.45.195.6 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btdnav.com
Referer
http://btdnav.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
6821
Content-Type
text/html; charset=utf8
Date
Mon, 11 Dec 2023 03:52:01 GMT
Server
nginx
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
272
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Dec 2023 03:52:01 GMT
Expires
0
Keep-Alive
timeout=5
Location
http://stainsat.net/api/submit_form_request?p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&ts=1702266720&z=6304608
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
5423637
femsoahe.com/4/
Redirect Chain
  • http://stainsat.net/api/win_request?ad_scheme=1&p=7109dd2d-4b25-41c6-8d8b-562d23a200cd&hil=2&ng=1&ix=0&pt=0&np=1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fstainsat.net%2Fapi%2Fsubmit_form_request%3...
  • https://go.rdrm1.click/go/84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447?cost=0.000090&clickid=757924169370832896&zoneid=6304608&campaignid=7475734&bannerid=19105260&country=US&user_activity={user_activity}&...
  • https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://stainsat.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 11 Dec 2023 03:52:02 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ad-blocking24.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
95ef2b0299c97797701eccd1223271a8

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin
*
cache-control
no-cache
content-length
192
content-type
text/html; charset=utf-8
date
Mon, 11 Dec 2023 03:52:01 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608
server
openresty
vary
Accept
x-response-time
8.310ms
img.gif
my.rtmark.net/ 		43 B
504 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=cfeb841b2461417488717218939f2309
Requested by
Host: femsoahe.com
URL: https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://femsoahe.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request /
windows-ad-blocker.com/
Redirect Chain
  • https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=757924169743868122&cost=0.000120&zoneid=5423637&campaignid=7443739&bannerid=19029167&subzoneid=0
  • https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=17...
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Requested by
Host: femsoahe.com
URL: https://femsoahe.com/4/5423637?ymid=MGbWqCayNFid7x9QkKU2XW&var=6304608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
ad8c66eef4f5bb364f1a01a0845c46265fcdde0daf5be3fc1fcdb7d381785c27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://femsoahe.com/partitial/5578752/?var=5423637&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
833ac5ca68298c6f-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 11 Dec 2023 03:52:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqVwuAiYFQ0EuA60xwA1W%2FJOUBGdXJ8MS5dOrsX0%2F1Cp7FbUv9mp1ygsU73Ln5aXgAbqGMphe7K7%2Fy0vUsDH27CjuH9U%2B3FOSEOiT%2FfOHF%2FzQ0bzChD%2BYDrVSdhY9aKbkNvU8lPSK9iNWO6rszdOXH5mXzc0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
833ac5c7da6072bc-EWR
content-type
text/html; charset=UTF-8
date
Mon, 11 Dec 2023 03:52:02 GMT
location
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGIu6uIH7%2F6h4lTtmHMBXbuNbSiyQJYlOXNtY3NxtRZPSO9R6gVgP5JggzUZKY06zmRNu8c6C5frfWzl8VDpIUltX9xyYBpN4boZBUnK5KJJc5nkHBHejNq%2FwDltkkSRRT%2F4dq%2B3QdPdcqMiVjNnzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
061b465f486f05a2b9449c7c4c72bd3887419a33dcbd5f058f04e892310708ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 03:52:03 GMT
8c3dd651469c9787e366b6d88eb7fa51.js
euob.thatmonkeybites3.com/sxp/i/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4e00:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 02:51:01 GMT
content-encoding
gzip
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
EWR53-P1
age
3662
etag
"18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37263
x-amz-cf-id
TqMftele9yYFxXJUMqhfgJs9JubKbhGlYXkN0NjuK6NxBltplvYI_A==
expires
Mon, 11 Dec 2023 14:51:01 GMT
c879c4b6ff58f45e.css
windows-ad-blocker.com/_next/static/css/ 		38 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305741
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"98b9-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm1hYPfEsL2goaNrW8ksi24tBAqksvtZajB5JxFnq9uabygEmiA9Q3ZzHXaBDiMuCux3y8UUx0k%2F24NclV58JVggnQa7bVG4sQansiQqRklqs1hpyoURufQcQPQQ6K8Ulj9%2Fan4K5UjIn23xshXZHZ0ItQ4g"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cb99978c6f-EWR
a85a315e20706270.css
windows-ad-blocker.com/_next/static/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930925
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"42a0-18c153dad9f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka%2FoOLn79V5ClD7StqzTMXunDTcl3%2FEPxbiW4uoJnYfUuBNPged8OWrL1D8Ts8boFFlMC7QO3VIbYAuePuEc%2FZHEqzEBEUxc6h9eUIOg4Fa6Q3acbxoL2eQPD720jc2AFpBU32st9JUuprgK0MY1wZYH3Sf8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9ad8c6f-EWR
928-b002b5bdc2ecfb3e.js
windows-ad-blocker.com/_next/static/chunks/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930925
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"e0e3-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVDSPnXcenVmp9BNH1OW9OFt8wqXjO69M2zFr%2BxGzpkazRcVhNA%2F53jZjZUJmDGlpyPYvrWyafaujYk%2BtaAy%2B3Vl8ms%2BvH9llWw3dZc%2Bk7Q7XkwiXd1uXKfdS1SX2ii9WmIsYC74khGn%2FMY8Cx65S5emx%2BF4"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9af8c6f-EWR
2.944cae28dafd6244.js
windows-ad-blocker.com/_next/static/chunks/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/2.944cae28dafd6244.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
853982
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"114b7-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cba589069D678YQ9IeSKgRJ8iIEY74DnxeoCBI6y6%2Bk7UuNj6HBkmkYDliLNA64bzb%2FFiVzil8Y%2B7s2H2fQPz4vAJ4yRcMX04n0JcRcAH9hkOggv0XgQzd8G%2BSjmFqSJ7uz9sFChgJjBDk3QlAz0LSj8aD6%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9b08c6f-EWR
webpack-da099db999a5dd31.js
windows-ad-blocker.com/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/webpack-da099db999a5dd31.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305740
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"162d-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqHxH05In%2BhGkFvnyeueRmVng%2BVLK7P%2BfiiD%2FqxR%2Ff8B3fulbumb2JfoakFstx8U6rryddSQp0YheExzRTFotjfgey5H1FR8VuOHJyekEDyx5x0Q2dIeq4hd5F%2F1xwy4Q%2FXXMQXnDEXV9z64wp8o%2BRfzWmbS"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9b28c6f-EWR
framework-2c79e2a64abdb08b.js
windows-ad-blocker.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930925
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"226fc-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzhFwO3YNrSlWyJokfyI5QTnYPNKrLTE5ltwRFpheXfVPPsALNKVoNxd0OUQKBkU%2Ft2AH%2BKZueMBd2zhWRVtgyctnUu0p4MUOCsOx6Hp4HN9A32odedbO075Sl5eBokr8%2BCDvUDabEJikFdtKtENASslYu0m"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9b58c6f-EWR
main-a0dca5a2ff5035f1.js
windows-ad-blocker.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/main-a0dca5a2ff5035f1.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930925
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"15cfe-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY70QkstfuBWEMJwvT3AhHBcn0pLglfk%2B30ti7b5QTfl4y5IyiWGVyyvfCWLCXpVjVA7BjNOCsURyt55sMHOfCzEtjq2SKx2rsZhSQzTGZJGLpVyBINGJ3yVxZQ4jdoXan4ShKMJnG5g9%2Fth%2BXXeuYKPopyd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9b68c6f-EWR
_app-c624ed1cd7465c06.js
windows-ad-blocker.com/_next/static/chunks/pages/ 		65 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/_app-c624ed1cd7465c06.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305740
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"1032b-18c44c6923a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf4OfQzAdXZ5gvMEBupTX7KTS7c4Bja7VBhTbeUx%2FGWfYESMFEz1r8LNMDxxeqTr1nrSGpQagb4V4EM7IRVfjv0bvowwGo1K%2FyyBIzchsT%2Bi5fDp6eV7gXku0moKElP0I2IGKEH4LtOh%2FRikZEjCETIUKP0j"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9ba8c6f-EWR
index-38eb391d7d485452.js
windows-ad-blocker.com/_next/static/chunks/pages/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/index-38eb391d7d485452.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
853960
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"2649-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqxFFGDL4yqLGilalCTLYWhvOqLyrWzbTLljQTQCTM2iXLf3Es0NNdHZpn95%2FUx2SZC%2FGu%2FdCPOmGTL294Mz0Ca0JtC9%2F0yaNeI4rbsfaYC1zdsBdL5pDc4j2aPCcW5siNCvIzCwMuo8s6R8aHgfS1XnpNPy"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9bd8c6f-EWR
_buildManifest.js
windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 		997 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/_buildManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305741
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"3e5-18c44c6923e"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kz9tBQQqmUue%2FPO2xCuD%2FSurCCNcN5yNTnebYUFK7g32pJjq8bgZ4Sj44WBIcTO5AKqcvvrzUqeAI0Nrr8AJdbrq1d3cS1aavt7LYNKiwlw0FVvjWp8kN1mTDAIEWTwKj9Ie1hFEYyYpcF43omhDBvat1TKe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9be8c6f-EWR
_ssgManifest.js
windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/ 		77 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/cXSVYdc_RosEVSCK23lC_/_ssgManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305740
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:13 GMT
server
cloudflare
etag
W/"4d-18c44c6923e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQxr%2BEE%2FOn2qjnM%2Flb%2B1qom5kCUBZgzF%2FAVK0xu%2BKdOh5MELqq%2FdF2DC4DA1NkkNZw2TsUySHdMWuC3iFnVAYiHd03iDbF5x64cOumqhABE0NlTTCmk7Y7JgRf7oaii6cCuuxKTvlX9XtXUBw7NipZdC3XoT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
833ac5cba9c08c6f-EWR
icon.svg
windows-ad-blocker.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windows-ad-blocker.com/images/promo-images/salmon/icon.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:00 GMT
server
cloudflare
etag
W/"c75-18c44c65dce"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPua1mqZtwjvVZStulRNru%2BaoqkkLIsBvNBTs8pTs0dYP7%2B9MNqOAt4q2cae6X37ysWBDqkxSAFGZNUoJS3BK6MaU6XMWMO7hRTOSsR7I%2BR7QKF1G%2B5VWVtziYexIHY%2F9u5lpAhLvjibh3GI6kXqWBwiFprg"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
833ac5cc1a468c6f-EWR
available-in-chrome.svg
windows-ad-blocker.com/images/browser-icons/ 		21 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windows-ad-blocker.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d9f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/c879c4b6ff58f45e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 14:55:00 GMT
server
cloudflare
etag
W/"5287-18c44c65dae"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvjXPXu0Op7IFI5N0f33CIbP83z5DhKKgJa6Y5EmfSRtjVdO7AjHMT4oNcgPamls29MOPIuIda%2B6bb560Z%2BiYwd2K8LfiC5q8sEvszzmC%2BvVif4YHeKJICHqLWnuiqr1P2lnMPf%2BoMza%2B7L2xoQfk2HtBiZb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
833ac5cc6aaf8c6f-EWR
cp4kl7k.php
ad-blocking24.net/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=xs152t158n
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:52:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhj9Axvo2rvcqrkmGd8E2CwBMZx5a23RlIuCDW0KBNU3UkGh9fnM7N%2FQwarJqa%2BqSJJFfMAQ9T86wSfOYtxWNE6AoUyynEPHUdcnde%2FkGJdAQU7tqABumN71pDjMNvJ3AU9wue7GX0pJQoco29TRzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
833ac5ccdf4d72bc-EWR
alt-svc
h3=":443"; ma=86400
ct
obseu.thatmonkeybites3.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D5423637%26cid%3D0d45cxs152t158n3ef%26lpkey%3D1763021e2639706222%26uclick%3Dxs152t158n%26uclickhash%3Dxs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1702266723705&hl=6&op=0&ag=144935025&rand=747295970987200650115725150507510362753985512914806055625212241215205720125551702250&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDIyMDZdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjc5LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDEsMCwzLDAsMSw4MywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwyMywxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwyLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDAsMCwyMiwwLDEsMCwwLDAsMCwwLDUsMCJdLFstMSwiLSJdLFstMiwiMTcsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjExMjAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNzAyMjY2NzIzNjExLDEwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwyNjEsMCwxMiwwLDAsMjI3LDE3OSwtMSwwLDgzNiw4MzYsMTE5MiwxMTkyIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlBhY2lmaWMvSG9ub2x1bHUsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIi0iXSxbLTU1LCIyIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE1Y0NnOFBXdzlkQVFGY1d3NWZXQXdJRjFOS0F3Z0REdzhKQVEwUUZWaE5HVTBYWEVGSlZrdE5TaGtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODozMCJdLFsiZGRiIiwiMCwxNywwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwyLDEsMCwxLDAsMCwwLDEsNSwzNCwwLDIsMCwxLDAsMCwwLDAsMCwwLDAsNiwxLDAsOCwxLDAsMCwwLDAsMCwzMCJdLFsiYm5jaCIsMjY0XSxbImFibmNoIiwyNjVdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=ZVdLdVLn7D&pto=1286&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1702266723.Ztnhle1Qo4PM0x2u&suid=1.1702266723.SH4zPfbLPXJ4FhlH&tuid=1.1702266723.eQ54elUWhF4iBQY4&fbc=-&gtm=W10%3D&it=20%2C659%2C322&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b8f92a040d3684be0caacfb61a28c8b01425053f6a83de5fb2e5e36d57e02f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 11 Dec 2023 03:52:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1517
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1702266723088&gcd=11l1l1l1l1&dma=0&cid=1060076661.1702266724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702266723&sct=1&seg=0&dl=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D5423637%26cid%3D0d45cxs152t158n3ef%26lpkey%3D1763021e2639706222%26uclick%3Dxs152t158n%26uclickhash%3Dxs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857&dt=Adblock%20Ultimate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1352
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 03:52:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windows-ad-blocker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aecc533ec4088999225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f671dd78689042e6a1afe70260c843dd736c3066200769504565733550c93b63f4b77be26bb25cb43e2913df05265ac052d791bda02e44ef496d6d63cbb2807ff7ecaa8556d8e0e3143714493d6036df460b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7948677a0dbde53e2489b592e019cbecbf7af2b95dfe57594351ccdeb8b795904fd7367fb954562e8dcf370dd55ff14e1811fc14fc9cb7cc43d3796ca748c369283bae193fdbd4c38fc2eb6bdf2294d26f9913f82be50eb0102419457459a9788c4c7f190218729d6d1b58675ef757c24c879269bd9cc493dc6ef7fba0aea9f129571af734f4a5df121b11bd7c8ad69bfc32ad711e88283ca6480564961b95e1f56214573cbab27b54bddf18129aa9d6ef1cf2fdccde9f0708eb9ec53632edea55243cdf30d540fe1b3e23ffa65c7fc0fbebd6ee325f76fec07d915d7ad39c00c63a6ffc430666c235c6f490f42a7e29a2f9051ba404a412afeb748c9cb4158f3b88bbeb93f8aaee5f984bcaef443113fae1190ea1935d60a681ad0655e716ef72ead701acbecc1658862d533cef87094eb5694334c202500381299c8bacd792809c34b1ecd829ae3bd8210049bb2f97c93c72d66909113396bbd90dc5e7faa2fc559c007e275cf58c6901ab1ee2fa5cd898f850034bbe526608676ae88b7b90a8e3861040f95745112e4f21cd0b206c09a98c148dfd495391c5224ac21b957b85fb39d7bd363512b45266f3db40cdbc37100fb7dcab5e729cb9c159e7e61fc49296d9ba8915948f263abdf568350604413e3653e88bd897ad74569cbf64ff88a83bbf916c857473f07ee657300efcc5509e4789eaad3279dcefe124f3efe782a6319c61750e785f31e10967e6cd09f845dcad6bcd35a21b32ca6046257d0532078dccc19478bd7ffcbe4b217fd27a568d539dc8902c6f1e52a37ef8640de83bfb2c4f3d5d129438ce625528722930a9d5ee9f836a9cfcdd670ae9bd4f8fb457988fce7fe43c454e54e043657319e823324dd7beb5ad58834ab112fe06e40a474edd62321a4062f1525e1f4902fc0c942303a027584cdd7a893369712bbae30389085140b1522113d758375e1871b3f84a3a69db8deb4b0ae8b6dbba19815387c5963722a645f8c08500af6adb89572e9983627edce3aa8ce24e6fcc7da80fff25cb007d32a9f32bd96e89bd17773d5c2dfed2d2a63398dd9daa9605ec3c61e3e41f47dac22750cb118a37ec255269906538fc6eaff9fcc8cea90629357c2807a8ab9a1c728b9ddae614c9d8c9960ee74fddb835d72ce8a64dfc36541e46d5bb3155476093bac876356e5482d77&cri=ZVdLdVLn7D&ts=444&cb=1702266724149
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 11 Dec 2023 03:52:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
409638f5-ea72-4bba-b45f-1a0f49a574f2
https://windows-ad-blocker.com/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://windows-ad-blocker.com/409638f5-ea72-4bba-b45f-1a0f49a574f2
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34d8856ef5be481933311a6bc80209be713acf72868b1fbe213c3a91f836faab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
261
Content-Type
ed622676-a60a-4e68-b88f-63be58820af3
https://windows-ad-blocker.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://windows-ad-blocker.com/ed622676-a60a-4e68-b88f-63be58820af3
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5423637&cid=0d45cxs152t158n3ef&lpkey=1763021e2639706222&uclick=xs152t158n&uclickhash=xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2329c73f2bae6bc2f770a7db74d5b837eb99bfc9b234535a8078a67ab9b4781e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
529
Content-Type
mon
obseu.thatmonkeybites3.com/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Mon, 11 Dec 2023 03:52:05 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obseu.thatmonkeybites3.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Mon, 11 Dec 2023 03:52:07 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag object| dataLayer object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| __ctcg_ct_46468_exec object| google_tag_manager object| google_tag_data object| gaGlobal object| _cq

28 Cookies

Domain/Path Name / Value
.wy5532.com/ Name: sid
Value: a32d4a13-97d8-11ee-8193-cb54a14a593b
btdnav.com/ Name: KCTfJPaAfusdfcC
Value: KCTfJPaAfusdfcC
.go.rdrm1.click/ Name: bemob-viewer-id
Value: f8c3e540-3008-4e85-8fe7-5130dc360acb
.go.rdrm1.click/ Name: bemob-uniq-visit:84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447
Value: 1
.go.rdrm1.click/ Name: bemob-rotation:84f9cca4-b3bb-4adf-b2d7-3a0e1ab29447:random:db01e0be75bfefcec69908e899e88a79
Value: 0-0-1
.go.rdrm1.click/ Name: bemob-click-id
Value: MGbWqCayNFid7x9QkKU2XW
femsoahe.com/ Name: OAID
Value: cfeb841b2461417488717218939f2309
femsoahe.com/ Name: oaidts
Value: 1702266722
ad-blocking24.net/ Name: uclick
Value: xs152t158n
ad-blocking24.net/ Name: uclickhash
Value: xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
my.rtmark.net/ Name: ID
Value: cfeb841b2461417488717218939f2309
.windows-ad-blocker.com/ Name: extension
Value: adblock_ultimate
.windows-ad-blocker.com/ Name: promo
Value: salmon
.windows-ad-blocker.com/ Name: big
Value: none
.windows-ad-blocker.com/ Name: clk_domain
Value: ad-blocking24.net
.windows-ad-blocker.com/ Name: flow
Value: binom
.windows-ad-blocker.com/ Name: campaignId
Value: 10557
.windows-ad-blocker.com/ Name: trafficsource
Value: 3
.windows-ad-blocker.com/ Name: src
Value: 5423637
.windows-ad-blocker.com/ Name: cid
Value: 0d45cxs152t158n3ef
.windows-ad-blocker.com/ Name: lpkey
Value: 1763021e2639706222
.windows-ad-blocker.com/ Name: uclick
Value: xs152t158n
.windows-ad-blocker.com/ Name: uclickhash
Value: xs152t158n-xs152t158n-8p6o-1zdz-h9yd-wf1m-wfd5-340857
.windows-ad-blocker.com/ Name: _cq_duid
Value: 1.1702266723.Ztnhle1Qo4PM0x2u
.windows-ad-blocker.com/ Name: _cq_suid
Value: 1.1702266723.SH4zPfbLPXJ4FhlH
.windows-ad-blocker.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1702266723.1.0.1702266723.0.0.0
.windows-ad-blocker.com/ Name: _ga
Value: GA1.1.1060076661.1702266724
obseu.thatmonkeybites3.com/ Name: cg_uuid
Value: de5032e108a8368d42b5e6ff86ace8d4

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://windows-ad-blocker.com/409638f5-ea72-4bba-b45f-1a0f49a574f2(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cdd.aqgjhj.wy5532.com
ad-blocking24.net
btdnav.com
euob.thatmonkeybites3.com
femsoahe.com
go.rdrm1.click
my.rtmark.net
obseu.thatmonkeybites3.com
stainsat.net
windows-ad-blocker.com
www.google-analytics.com
www.googletagmanager.com
www.toromclick.com
139.45.195.6
139.45.195.8
139.45.197.243
142.93.240.225
172.93.103.101
192.99.158.241
2600:1f18:43d1:2a02:b6ee:327b:545e:e578
2600:9000:2209:4e00:12:b121:9c80:93a1
2606:4700:3030::ac43:d9f6
2606:4700:3032::6815:7c7
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80f::2008
2a05:d018:56f:b800:f42c:e894:1fb0:3740
061b465f486f05a2b9449c7c4c72bd3887419a33dcbd5f058f04e892310708ff
17e6f1da31e1a591bc82ad05c1e16dfb26c58aed8af1df4925d80564a60f8359
2329c73f2bae6bc2f770a7db74d5b837eb99bfc9b234535a8078a67ab9b4781e
34d8856ef5be481933311a6bc80209be713acf72868b1fbe213c3a91f836faab
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
65b43dd6c779cd6456b05b135399b22acc72cb50f75dd64f9b657db5c5f568ab
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
a72a4416ab7ea2d4cf58e920dd3575742c779d18ce1bde99f8dbfcfa4b73f3bf
ad8c66eef4f5bb364f1a01a0845c46265fcdde0daf5be3fc1fcdb7d381785c27
b8f92a040d3684be0caacfb61a28c8b01425053f6a83de5fb2e5e36d57e02f9d
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f
c29b59e4699b04707b785e5d41a3a961721c25ef09846d3efec7bbfe91fbf160
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7