Submitted URL: http://www.dinoraptzor.org/
Effective URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campai...
Submission Tags: demotag1 demotag2
Submission: On December 05 via api from RU — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 32 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-ad-blocker.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time windows-ad-blocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 88.212.201.198 39134 (UNITEDNET)
1 2 88.212.201.204 39134 (UNITEDNET)
1 95.101.54.144 20940 (AKAMAI-ASN1)
2 139.45.195.8 9002 (RETN-AS)
1 95.101.54.210 20940 (AKAMAI-ASN1)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
14 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
4 2a05:d018:56f... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
32 13
Apex Domain | Subdomains | Transfer
14 windows-ad-blocker.com | windows-ad-blocker.com | 195 KB
5 thatmonkeybites3.com | euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165; obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138 | 39 KB
3 yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 12199 | 2 KB
2 ad-blocking24.net | ad-blocking24.net — Cisco Umbrella Rank: 125446 | 1 KB
2 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 12331 | 1012 B
2 smartlink.name | smartlink.name — Cisco Umbrella Rank: 533553 | 2 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2189 | 250 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 83 KB
1 deephicy.net | ak.deephicy.net — Cisco Umbrella Rank: 98971 | 2 KB
1 hetapugs.com | ak.hetapugs.com — Cisco Umbrella Rank: 861838 | 2 KB
1 dinoraptzor.org | www.dinoraptzor.org | 936 B
32 11
Domain Requested by
14 windows-ad-blocker.com ak.deephicy.net
windows-ad-blocker.com
4 obseu.thatmonkeybites3.com euob.thatmonkeybites3.com
windows-ad-blocker.com
3 counter.yadro.ru 2 redirects smartlink.name
2 ad-blocking24.net 1 redirects windows-ad-blocker.com
2 my.rtmark.net ak.hetapugs.com
ak.deephicy.net
2 smartlink.name smartlink.name
1 region1.google-analytics.com www.googletagmanager.com
1 euob.thatmonkeybites3.com windows-ad-blocker.com
1 www.googletagmanager.com windows-ad-blocker.com
1 ak.deephicy.net ak.hetapugs.com
1 ak.hetapugs.com
1 www.dinoraptzor.org
32 12

This site contains no links.

Subject | Issuer | Validity | Valid
rtmark.net | R3 | 2023-10-07 - 2024-01-05 | 3 months
ak.hetaruwg.com | R3 | 2023-11-28 - 2024-02-26 | 3 months
windows-ad-blocker.com | E1 | 2023-10-24 - 2024-01-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.thatmonkeybites3.com | Amazon RSA 2048 M01 | 2023-07-18 - 2024-08-15 | a year
ad-blocking24.net | E1 | 2023-11-05 - 2024-02-03 | 3 months

This page contains 1 frames:

Primary Page: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Frame ID: FA6139745D255DBE41CF8D6E76720CC6
Requests: 32 HTTP requests in this frame

Page Title

Adblock Ultimate

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 32
HTTPS: 78 %
IPv6: 62 %
Domains: 11
Subdomains: 12
IPs: 13
Countries: 5
Transfer: 325 kB
Size: 862 kB
Cookies: 26

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dinoraptzor.org/ Page URL
  2. http://smartlink.name/trafficback.html Page URL
  3. http://smartlink.name/en/index.html Page URL
  4. http://ak.hetapugs.com/4/4923326?var=KATYA Page URL
  5. https://ak.deephicy.net/4/6118780/?var=4923326 Page URL
  6. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=755845110746583808&cost=0.001400&zoneid=6118780&campaignid=7434979&bannerid=19008311&subzoneid=0 HTTP 302
    https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://counter.yadro.ru/hit;nextstat?rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596 HTTP 302
  • https://counter.yadro.ru/hit;nextstat?rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596 HTTP 302
  • https://counter.yadro.ru/hit;nextstat?q;rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.dinoraptzor.org/
379 B
936 B
Document
General
Full URL
http://www.dinoraptzor.org/
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:b409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9c415f914efa12b3e508783c856e03a2f8270be06c013349347c9e3eb74f62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
830b800e8e06fa5c-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 10:10:35 GMT
Last-Modified
Fri, 26 Aug 2022 05:40:27 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi9BFNnkj4DsligeSg5eiLDJjWCAmuflg7QmKl0roiF%2F4Y53unnDfteLw47u1qFl2g%2Fq5glVTdSgyqzsaCIVz3Ff%2B%2F8epSKv%2Fm0eFoernjgUwYJOpXL7bzL4k0nCn2G0p99wzNN12vvUS%2BEm3%2F8oFeQC"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
trafficback.html
smartlink.name/
371 B
908 B
Document
General
Full URL
http://smartlink.name/trafficback.html
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://www.dinoraptzor.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
830b800f2e053764-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 10:10:36 GMT
Last-Modified
Tue, 31 Oct 2023 10:55:02 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIMtxyNfooJfqKZ4P0AW2Q4g2qSdig2yeHJLIXpamJYsCEXhaS8bTgpzIyKMkJQbuQGWwtZUKIZPJIxqT%2FcRDSvKlMVXzpBWqy5nlAV4IUFMOavZGb3CVTFGaNvj0zUrUxabCwjFfLVRd%2F5ijA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
index.html
smartlink.name/en/
541 B
1 KB
Document
General
Full URL
http://smartlink.name/en/index.html
Requested by
Host: smartlink.name
URL: http://smartlink.name/trafficback.html
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ac73a35506566c80571fbe5066815b750f879ca2e6bb511afb5cd081904c2f

Request headers

Referer
http://smartlink.name/trafficback.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
830b800f6e3c3764-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 10:10:36 GMT
Last-Modified
Wed, 30 Nov 2022 20:25:44 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cDacnv2CLVVskOKs76mUbKbkP1A%2FinzMH%2B2eWSZkxogBP5nFvR%2BaNV4cj2v0cBSb2gLFcayYbyeTlK6XnDWUJVFNsuMcFI7bdxhhKmFQMH0SYYb%2BFooHwXe0%2BRrA%2FanfenazMDT%2BCeY8AjvQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
hit;nextstat
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;nextstat?rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596
  • https://counter.yadro.ru/hit;nextstat?rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596
  • https://counter.yadro.ru/hit;nextstat?q;rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;nextstat?q;rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596
Requested by
Host: smartlink.name
URL: http://smartlink.name/en/index.html
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://smartlink.name/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 10:10:36 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sun, 04 Dec 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 10:10:36 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;nextstat?q;rhttp%3A//smartlink.name/trafficback.html;s1600*1200*24;uhttp%3A//smartlink.name/en/index.html;h;0.47482188858639596
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 04 Dec 2022 21:00:00 GMT
4923326
ak.hetapugs.com/4/
1 KB
2 KB
Document
General
Full URL
http://ak.hetapugs.com/4/4923326?var=KATYA
Protocol
HTTP/1.1
Server
95.101.54.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
http://smartlink.name/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
589
Content-Type
text/html; charset=utf8
Date
Tue, 05 Dec 2023 10:10:36 GMT
Expires
Tue, 05 Dec 2023 10:10:36 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Trace-Id
6b5f7886caca3fec9007775fff01f68b
img.gif
my.rtmark.net/
43 B
506 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=4049333160c34fdeb06f1360e61fe50d
Requested by
Host: ak.hetapugs.com
URL: http://ak.hetapugs.com/4/4923326?var=KATYA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://ak.hetapugs.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
ak.deephicy.net/4/6118780/
2 KB
2 KB
Document
General
Full URL
https://ak.deephicy.net/4/6118780/?var=4923326
Requested by
Host: ak.hetapugs.com
URL: http://ak.hetapugs.com/4/4923326?var=KATYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
715
content-type
text/html; charset=utf8
date
Tue, 05 Dec 2023 10:10:36 GMT
expires
Tue, 05 Dec 2023 10:10:36 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ad-blocking24.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
a0076b6807fcef4cd7aa7e98f9b8e7f7
img.gif
my.rtmark.net/
43 B
506 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=1c41e61663024701a8fb32aa19d937ec
Requested by
Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=4923326
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.deephicy.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request /
windows-ad-blocker.com/
Redirect Chain
  • https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=755845110746583808&cost=0.001400&zoneid=6118780&campaignid=7434979&bannerid=19008311&subzoneid=0
  • https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=17...
8 KB
5 KB
Document
General
Full URL
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Requested by
Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=4923326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
b5f6d0938d9c9356b632df818134e719ec21db071d91fa32ec3f570b78169a95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ak.deephicy.net/partitial/5117854/?var=6118780&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
830b8014bff86940-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 05 Dec 2023 10:10:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKnH1jt42Uj241bDvv%2FBAJtGnbOZ0WLnL1gxb2Zop4sfQCtDJ3kkKpxmF1RFwrC8HuLhZE0QD2TKrxvxjabroV7LLnxBYGfz6sWOvBmG0pNEitWED7q444vGT2pPcLniJFz0oc6hlN0%2FxVsavuArjyM48k9l"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
830b80140d33b724-AMS
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 10:10:36 GMT
location
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omgwRwtI5BjGfFnH%2Bm4dOZ2ilkBj6d%2F%2B1%2FUqhlddQart%2FtiRP%2B8tntv6oypPwF93UnTDIIk8KgrcuATp%2Fwx2BXeH%2FK8CLtNNzaoodzOOlRg9Wi83j4m%2FJOYk7Uc4YNkoi9omHJ7kOYQvklxmhEOsfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
235 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af5301a70b77bdde14ba32caaee29ad93af8f70651792c36273caa38ecea649b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84141
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 10:10:36 GMT
8c3dd651469c9787e366b6d88eb7fa51.js
euob.thatmonkeybites3.com/sxp/i/
100 KB
37 KB
Script
General
Full URL
https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:54:10 GMT
content-encoding
gzip
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA56-P4
age
22586
etag
"18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37263
x-amz-cf-id
ERr8SvCZKHDFhD3lm7P4yEzQs_yBt7fHw19jg1xlApB2x8AWvmoKvA==
expires
Tue, 05 Dec 2023 15:54:10 GMT
2e9d8ebba0938b65.css
windows-ad-blocker.com/_next/static/css/
38 KB
25 KB
Stylesheet
General
Full URL
https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec7ba9241e2e5d330b50f0ab0c61013e5f53f75879e7debc70bab50501d9138
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
410311
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"978d-18c20fe9c21"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7VnO%2FdFbKPHpfz0lCWpoVBsHOFMR6bVIBY4mgZdVRU9j%2FawIVVvLbuq79Z1AXUCKE9sNDRA%2BnLvyqdFShPr6NyjhTpngMSkEvM%2Bhgva6obNI%2FOVZ1qS30XLTGzD7Vnf4wDWO630MZnmf0Ysq5ZCf0DnSEBo"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014e8476940-FRA
a85a315e20706270.css
windows-ad-blocker.com/_next/static/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435192
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"42a0-18c153dad9f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apliBF3rl2I02PdKBnKBwYd%2BSYOMUvBoD9Vd4XNqv9FtnuJWf1o7qOhomjreetGqH%2FiW%2BjJzDwWU2PYzzGWHkE7UWSCtlGbDQ2L%2BguWU1fyo5Clqi6bSbG7HhlqOoCo3cAQiNRgj%2F0wggeiBkWbbilLBJ%2Fls"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014e84a6940-FRA
928-b002b5bdc2ecfb3e.js
windows-ad-blocker.com/_next/static/chunks/
56 KB
16 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435192
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"e0e3-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDj9BSlciMuQlkyMb0A3VvyR%2Fb2FY9j%2BQ9VFydQxm5mcmSHbT%2FZQhIJjGgT%2ByKj5Vvx8v5Vn3SaYiESmHh%2BbEnKH7Puyscd4QQ2yffyjDDaLPkl7hGNG2clmLGEdG50Ouio7UnF9gVRONKWzVh%2BhedlXB%2BJD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f8526940-FRA
2.944cae28dafd6244.js
windows-ad-blocker.com/_next/static/chunks/
69 KB
22 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/2.944cae28dafd6244.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435192
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"114b7-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTvZUL4GL%2BbS5oEWxZZ6GFYDMkt7NplJkdwRlEkLnu5O1nilJ0pME2sPYqqm3zgjifvODJrPwc3wGygtIdQUOki5qcqcNw9LKVYBFOfrOqAkbPvF6ITVF1x%2Fi5be7AZ%2FVvnWWoSBEjEAGYYQUt0QyxNZdlSQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f8556940-FRA
webpack-731718ee34548f2f.js
windows-ad-blocker.com/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/webpack-731718ee34548f2f.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d398e8a599f1d6b3b657537767ea2804356654be3c2674601e790c20c0845bcc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
410310
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"162d-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Bm0HAud3J61tW3yD2rrNajNQCEz35nU6sYrnzndM9U5y81V6Bvi59sEdFZio4roDAt3ZWeDbLftRU8zEi9JzMwP4Mguu5%2BtrxzPE5xqljUNSmvKcGpR2IEsLPqfP8VYOCBXYNbZaRbOtz6codn9l7nPyMr3"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f8576940-FRA
framework-2c79e2a64abdb08b.js
windows-ad-blocker.com/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435191
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"226fc-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKfWEs4ZwOplnry7zmnvoqQ3lHp8jd1YkBawK8iiSOzgEQccDK2PGtmHihCMmtvlXdiucXNgdYzAyZ%2BLjQarHEZrPnWGyheJeNOLhKymxa%2FcKLMOBL4RCCnlP5BF5NZb6lf83jwntS4zwutR%2Bs2jZIpPeoRC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f8586940-FRA
main-a0dca5a2ff5035f1.js
windows-ad-blocker.com/_next/static/chunks/
87 KB
27 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/main-a0dca5a2ff5035f1.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435191
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"15cfe-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNCqYp%2B8DfFR2MN9s3n56kIQ7JnYDy%2BMYRcpyOrRV0huWu4D7ahxyQe7H%2BF1XMvQTtYc8GNzbWzRlSLiG6lNrkDghFBhkUyE%2BKMz8sZxxwukLChwqpGDOFgnqQPqeRhzOUD15yz6vTk96Jq3Gb6e843gOPqM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f8596940-FRA
_app-5d53fa5d7b0d899f.js
windows-ad-blocker.com/_next/static/chunks/pages/
64 KB
34 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/_app-5d53fa5d7b0d899f.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52185a83d558c8e0e0fa308035d96d888e28c5b231554858072d3ec88a0bf688
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73694
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 13:40:30 GMT
server
cloudflare
etag
W/"10017-18c350f16a2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKjDv%2FIBHo2v4h6eM%2FiuLDnK9%2B3ieF2DI93XFO1%2BNe8fzs2S8%2BHjmUgE6xBLBDXyD%2FcYZJZN002Fx%2BQAdKOCBQ7OpJetH7FkG5c%2FTiQRZAbWBY%2FD03J6%2BE%2BxBtVihBXQBQ0%2FR%2BVFQGU7WxIhcJfULER0E%2Fs7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f85a6940-FRA
index-38eb391d7d485452.js
windows-ad-blocker.com/_next/static/chunks/pages/
10 KB
4 KB
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/index-38eb391d7d485452.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435191
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"2649-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tijaTCmxASpJTyU68lrIelx%2FD%2Ffaz7xORGCKQHPkPIiPEdj5JpZr8QlDOJg6aY8Ma2JAhMVF6KQtlEhQjCpS5BLX72q6OdK%2BL1AlFWVaLkva7RdcyvMvGxkK5gncJKAqLB8IRpp1dWGQPerSrgzpV0FkMXNu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f85b6940-FRA
_buildManifest.js
windows-ad-blocker.com/_next/static/RO4PgHSkJOBqfWXGK9TtB/
997 B
843 B
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/RO4PgHSkJOBqfWXGK9TtB/_buildManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495e059e9acd3b96f21595d59e6d8dab240a4c306828e88e15dfedd1411c90c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73694
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 13:40:30 GMT
server
cloudflare
etag
W/"3e5-18c350f169e"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNujRMPoM3k0CtM45QE0eA5DwmKpGqWLfYCY4KuY4%2FZbt5P7yiERy2WqjnxgfnHWiRrp5WWS3%2FeNwW8KHmrGn8QcWlyGKUvMUoeMdjRQrXSNtf8OijTJd%2BI0dkN%2BuWlTEEUejBiikSho3RQRvktakel5XkUD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f85e6940-FRA
_ssgManifest.js
windows-ad-blocker.com/_next/static/RO4PgHSkJOBqfWXGK9TtB/
77 B
437 B
Script
General
Full URL
https://windows-ad-blocker.com/_next/static/RO4PgHSkJOBqfWXGK9TtB/_ssgManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73694
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 13:40:30 GMT
server
cloudflare
etag
W/"4d-18c350f169e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvUNAMG88sgV8cGJ72xC06uwCC1SVXfa950iDwYPpktBLoOQCsGV0ZXtrLuvHwLuEOgvM9DqIfB2b6iIl2wdxIZ86OsY8%2B%2Fv1YybPyoAIfQCMoTB0GzX2l%2BacmEYSIm6kEirpRyvnaFTzw0N77H0MT%2BtQcjp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
830b8014f85f6940-FRA
icon.svg
windows-ad-blocker.com/images/promo-images/salmon/
3 KB
2 KB
Image
General
Full URL
https://windows-ad-blocker.com/images/promo-images/salmon/icon.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 13:40:16 GMT
server
cloudflare
etag
W/"c75-18c350ee03a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9Ve5zNnANf173EJVCBpJDGH4qy1KW4D2WWKx5zkbtIrv2A0woFNHCqMMxfy0U0wmV%2BRE438nJUoMMi3GSImhb2HScW%2BlLbXg8ScPxkITLYT0TC0fqo2nynv8oPalsMkZF8U8wQeE3VIz38umb4xJapKpYi3"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
830b80151f18690f-FRA
available-in-chrome.svg
windows-ad-blocker.com/images/browser-icons/
21 KB
8 KB
Image
General
Full URL
https://windows-ad-blocker.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 13:40:16 GMT
server
cloudflare
etag
W/"5287-18c350edffa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdbpIA8F2Bvx%2FgSMLl4O1moq%2FJUgzphSCYczpJYcVuiOnToyIdiscegaep8i0q9mSf6O9GThGoQDSZMpiG7fNAw2AMd0HLXbLmrlOO8n%2FRSskrPdpe32CFRslZFCvKhZ5pGfds2S8BJOL7uXPJIue4zYry72"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
830b80151f19690f-FRA
cp4kl7k.php
ad-blocking24.net/
0
314 B
Image
General
Full URL
https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=usbga4qn3y
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:10:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1SxFzrWBX8FJmrgMdZ8urAUyvVAZqPDSN5ORESKONgyVJCxwq%2BqqXAP3P9sg8K78VETyhG7yY3O6RDByvC%2FuXNaqr9dW08LZ3lUmolx8cEo8nGH91QUrOHaSsPEvvBIiRARF6ugddYU%2FAP92vaj4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
830b80157ee4b724-AMS
alt-svc
h3=":443"; ma=86400
ct
obseu.thatmonkeybites3.com/
5 KB
2 KB
Script
General
Full URL
https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6118780%26cid%3D77beeusbga4qn3y1ad%26lpkey%3D175701b1778313c936%26uclick%3Dusbga4qn3y%26uclickhash%3Dusbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701771037086&hl=8&op=0&ag=79378977&rand=032289127062627970159222076021067368084692761994820828070896541162081918002111251502&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=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%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=ayBqUP2sqJ&pto=350&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701771037.tkMNzkQa3ZyYB3mZ&suid=1.1701771037.XY8LChHKxaIFOtoc&tuid=1.1701771037.IFQo0dq83mPFJeZD&fbc=-&gtm=W10%3D&it=20%2C203%2C62&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5586cc33e79152bfc36f74e0a48700592a63c604d870cfa0d61b879bac8af13e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 05 Dec 2023 10:10:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1540
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1701771036946&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1458325379.1701771037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701771037&sct=1&seg=0&dl=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6118780%26cid%3D77beeusbga4qn3y1ad%26lpkey%3D175701b1778313c936%26uclick%3Dusbga4qn3y%26uclickhash%3Dusbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05&dt=Adblock%20Ultimate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=374
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 10:10:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windows-ad-blocker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obseu.thatmonkeybites3.com/tracker/
43 B
79 B
Image
General
Full URL
https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc032eb47899a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f671cd483d8022b3b1eaf2e7504d56ad863c30c380026c503065a30015d97eb3e1c77be26bb25cb43e2916af05265ac5e24721bd853e946f4c6d7df3abb2807ff7ccaa8556d8e0e3143714493d60264fc60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49d8677a0dbde5eee489d513772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dfb93146db8d8af738d52ad43e3871ac34bc8997f976e63c7cc228e30c483baa59df3f1477fe425b7bbfc215128ae9621cca648a11d0245971e509acf96c3cdfa8825d965d398fa8876e37d723394342a999bdc1320cafe74a710ec9e41c974a97d4c4655c50ba803cacca17cae807cd50cea80d184768d574b60f11a14587b1672caa064f044dac5ba22a89166f69c73d984a6fe7382b1ee546a7bd8bf1248dca14d5e0cf9f9bd34fd64c5b74abcb173f22df966cb2a8019d6a839c21d31a0ecc33069663340754e1e44ffec8f7a9140e448484228f0b347df8e4b55aab5d8bdee3997a8a7aed1a9abb0154c75fa16d2a0052ed8162c16d66458766cf729ae711ecae8c060d969d4239dee7f91e15ec2764a6272552d17dd9ee7922a3e06c64116ce8b88f8e8c71646cce7ec79d7917032c597516e3ea895980822fe3a8d1f9945fe3ed14691d54bf1f366ffdcded3c55a25b9b43e7ed67ea2d9b0ae04807e6043179e695f42f3f60eccb34ad89398cb5dd195d421042533cb2fb717f847b88075847712334b3e616da30fd8d47117ec2dd2ade727c5dd1ed46679bd422479deec914a09fc6de7d0419c5e66510ee5647290a5c536d94b2ccdd460fd8688a1c43b8e4f5f3008e06b3704cee35005ef62a387953f85c1f11c416ee03632026fcc0b4de098e8040c936a72cf948547d5d7b9c6453fb938ba1b7755cb473f62d3d0055d96d0e3d2feaf10e73aba73d325c3931fc5edf82b37f39b41c29ebeb1d8eed7cd34428afa38549b3f920d8143e0e42ba8c7d1c870b286d6f8e75b7a94e1e5ff5fdc55885215600e75cb903932da79f75cd58a32aa0b35e36d5ecb30de926d20e03e24034f8ef5c62c82db5f257e462cd3d8c3fec955e85fe0cd633dfccb7f7a081c032b23f160f6a22f45f4b5d1dbe5a1a6adbbc829e2f68d0142144f1e06721e26c25f2e7e8af7b2a765f1df2e
07d3c25ea685579994c4c89deab71de616de5f8b58ce8bac9682757094b0fdc63c116b74c29adcb06912abf8247b0ce82bff32631ef95fb53d8c0759cf49108bc2e4b3f798c7a18f61c34fcac22d82b0ffc77df98df66f54dccdda2da726a3dbc95e7580dc2688c67a24b64044bf171d255670acd27654fb19726471e62c8e90ff6f71b61e44126487b1b6ee709d466c6aa0adee&cri=ayBqUP2sqJ&ts=199&cb=1701771037286
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 10:10:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
7d5b534a-f6cd-4f20-b41e-71050f787f83
https://windows-ad-blocker.com/
261 B
0
Other
General
Full URL
blob:https://windows-ad-blocker.com/7d5b534a-f6cd-4f20-b41e-71050f787f83
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f02aa8d9e2e17e95b9f15d25b76db5dd6688a0fe8bb377c9916a724a43cba89

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
261
Content-Type
0bab870a-0ded-4afb-8bce-d0744d21d2e9
https://windows-ad-blocker.com/
529 B
0
Other
General
Full URL
blob:https://windows-ad-blocker.com/0bab870a-0ded-4afb-8bce-d0744d21d2e9
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6118780&cid=77beeusbga4qn3y1ad&lpkey=175701b1778313c936&uclick=usbga4qn3y&uclickhash=usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a94a0a86fb24e7abc4674eb62fd2dc249c3733a70ef9485e683fb58176129e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
529
Content-Type
mon
obseu.thatmonkeybites3.com/
0
152 B
XHR
General
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Tue, 05 Dec 2023 10:10:38 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obseu.thatmonkeybites3.com/
0
39 B
XHR
General
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Tue, 05 Dec 2023 10:10:40 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| gtag
object| dataLayer
object| webpackChunk_N_E
function| __next_require__
object| next
object| __NEXT_DATA__
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| _N_E
function| __NEXT_PRELOADREADY
object| __MIDDLEWARE_MATCHERS
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
function| __ctcg_ct_46468_exec
object| google_tag_manager
object| google_tag_data
object| gaGlobal
object| _cq

26 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1bRlSS0khNeh1bRlSS002SyE
.yadro.ru/ Name: VID
Value: 0VaFRZ3HCd8h1bRlSS0026gx
ak.hetapugs.com/ Name: OAID
Value: 4049333160c34fdeb06f1360e61fe50d
ak.hetapugs.com/ Name: oaidts
Value: 1701771036
my.rtmark.net/ Name: ID
Value: 4049333160c34fdeb06f1360e61fe50d
ak.deephicy.net/ Name: OAID
Value: 1c41e61663024701a8fb32aa19d937ec
ak.deephicy.net/ Name: oaidts
Value: 1701771036
ad-blocking24.net/ Name: uclick
Value: usbga4qn3y
ad-blocking24.net/ Name: uclickhash
Value: usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
.windows-ad-blocker.com/ Name: extension
Value: adblock_ultimate
.windows-ad-blocker.com/ Name: promo
Value: salmon
.windows-ad-blocker.com/ Name: big
Value: none
.windows-ad-blocker.com/ Name: clk_domain
Value: ad-blocking24.net
.windows-ad-blocker.com/ Name: flow
Value: binom
.windows-ad-blocker.com/ Name: campaignId
Value: 10557
.windows-ad-blocker.com/ Name: trafficsource
Value: 3
.windows-ad-blocker.com/ Name: src
Value: 6118780
.windows-ad-blocker.com/ Name: cid
Value: 77beeusbga4qn3y1ad
.windows-ad-blocker.com/ Name: lpkey
Value: 175701b1778313c936
.windows-ad-blocker.com/ Name: uclick
Value: usbga4qn3y
.windows-ad-blocker.com/ Name: uclickhash
Value: usbga4qn3y-usbga4qn3y-8p6o-1zdz-h9yd-wf1m-wfd5-d84d05
.windows-ad-blocker.com/ Name: _cq_duid
Value: 1.1701771037.tkMNzkQa3ZyYB3mZ
.windows-ad-blocker.com/ Name: _cq_suid
Value: 1.1701771037.XY8LChHKxaIFOtoc
.windows-ad-blocker.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1701771037.1.0.1701771037.0.0.0
.windows-ad-blocker.com/ Name: _ga
Value: GA1.1.1458325379.1701771037
obseu.thatmonkeybites3.com/ Name: cg_uuid
Value: ef0a5745af20ba7148855fa65552aeec

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://windows-ad-blocker.com/7d5b534a-f6cd-4f20-b41e-71050f787f83(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
