urlscan.io logo urlscan.io
SecurityTrails logo

windows-ad-blocker.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://glaultoa.com/partitial/5117844/?var=4709567
Effective URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campai...
Submission: On December 02 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-ad-blocker.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time windows-ad-blocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
glaultoa.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    2606:4700:3032::6815:7c7 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-blocking24.net
14    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
windows-ad-blocker.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:223e:600:12:b121:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
euob.thatmonkeybites3.com
4    2a05:d018:56f:b804:6115:ed34:65c7:21ff (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obseu.thatmonkeybites3.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 windows-ad-blocker.com
windows-ad-blocker.com
194 KB
5 thatmonkeybites3.com
euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165
obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138
39 KB
2 ad-blocking24.net
ad-blocking24.net — Cisco Umbrella Rank: 125446
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
259 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
82 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
505 B
1 glaultoa.com
glaultoa.com
2 KB
26 7
Domain Requested by
14 windows-ad-blocker.com glaultoa.com
windows-ad-blocker.com
4 obseu.thatmonkeybites3.com euob.thatmonkeybites3.com
windows-ad-blocker.com
2 ad-blocking24.net 1 redirects windows-ad-blocker.com
1 region1.google-analytics.com www.googletagmanager.com
1 euob.thatmonkeybites3.com windows-ad-blocker.com
1 www.googletagmanager.com windows-ad-blocker.com
1 my.rtmark.net glaultoa.com
1 glaultoa.com
26 8

This site contains no links.

Subject Issuer Validity Valid
glaultoa.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
windows-ad-blocker.com
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.thatmonkeybites3.com
Amazon RSA 2048 M01		 2023-07-18 -
2024-08-15		 a year crt.sh
ad-blocking24.net
E1		 2023-11-05 -
2024-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Frame ID: 35283793ACB339406F66828F6287C4CD
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Adblock Ultimate

Page URL History Show full URLs

  1. https://glaultoa.com/partitial/5117844/?var=4709567 Page URL
  2. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754873783848018801&cost=0.00... HTTP 302
    https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

92 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

318 kB
Transfer

859 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://glaultoa.com/partitial/5117844/?var=4709567 Page URL
  2. https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754873783848018801&cost=0.001679&zoneid=5117844&campaignid=7439492&bannerid=19019310&subzoneid=0 HTTP 302
    https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
glaultoa.com/partitial/5117844/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glaultoa.com/partitial/5117844/?var=4709567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 02 Dec 2023 17:50:53 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ad-blocking24.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
3ffc599e63a24d67a0fd2e9df2bde829
img.gif
my.rtmark.net/ 		43 B
505 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=9c77ebf51d8c42a7bbc1fc66536573b6
Requested by
Host: glaultoa.com
URL: https://glaultoa.com/partitial/5117844/?var=4709567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://glaultoa.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request /
windows-ad-blocker.com/
Redirect Chain
  • https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754873783848018801&cost=0.001679&zoneid=5117844&campaignid=7439492&bannerid=19019310&subzoneid=0
  • https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17...
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Requested by
Host: glaultoa.com
URL: https://glaultoa.com/partitial/5117844/?var=4709567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
5e54d57b771b977b24f84ace924e84195afb4d6cb11982674458053f46592f15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://glaultoa.com/partitial/5117844/?var=5117844&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82f56a33fa4a419d-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 17:50:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eChdmbCffHdL%2BNdq%2FrQ1DAX6Yi1WIfxmkUwgzGjkOy7RuxiNgU27ZJeN9%2BcVGJ2Nu0yad8XTHB5p970J13r%2FOnMViXJwA%2FflPPGVVSLuv373%2FXvHPcOvZ22oCdZJsmOsztZS2iABkaulZOxm%2FvKAb9dE98t0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82f56a324f7377ae-LHR
content-type
text/html; charset=UTF-8
date
Sat, 02 Dec 2023 17:50:53 GMT
location
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdLYyF3Y0F4DP2MjyjDwZblBpPHicvSZDQfSCAcrM2j5JpuaDBTbZajMIByVqpkLd8dpYblzOuB4j5IzaDa9zNUZrM1C1tyrBKL%2BNsKhuKIl1qmrgYEzJE0IJCCerBKCuPEy0iUJ%2B5cZiUMKCNeTbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4e2291f93aeca6cd367f543bc8e2d931f28f8100275f83131b71ffeba010531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84057
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Dec 2023 17:50:54 GMT
8c3dd651469c9787e366b6d88eb7fa51.js
euob.thatmonkeybites3.com/sxp/i/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:600:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:38:52 GMT
content-encoding
gzip
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA56-P4
age
37287
etag
"18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37263
x-amz-cf-id
H2lhGVdXL5k2NG_LGUfDx9CHvCkF1VMfLJl79LoZv2ZCYfg7IqZlSg==
expires
Sat, 02 Dec 2023 19:29:27 GMT
2e9d8ebba0938b65.css
windows-ad-blocker.com/_next/static/css/ 		38 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec7ba9241e2e5d330b50f0ab0c61013e5f53f75879e7debc70bab50501d9138
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178785
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"978d-18c20fe9c21"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2t9E9XhcC9Oncz4iZmyvACK1SYCy%2FMhmtaDZ1GVZyOYjzKHu5qDvNPmFqAN%2BEdGegE2lUTGm0a5tFx3t69cw6UlZ%2FCw6vc9sVu3byU9jvSMCHfcawnD8GgOhwgYlD336KAK8w3k6xat1jXEkP6WGxd49y1C"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a367e81419d-LHR
a85a315e20706270.css
windows-ad-blocker.com/_next/static/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"42a0-18c153dad9f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC8QfoO3DRRth46e9tTwT6tKmoXIRtkjT3wE0q2JG8%2BF7cAJ%2FBGnXOt0OMQwl1oq5Lr8cJqKkzUgclbLiiV7aOwOgpkkhNcARRUo9mygw17xSIXL2CIou7io4aCsdG3EN29smgm2SJ9M6HwN17M2iBibaroq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a367e84419d-LHR
928-b002b5bdc2ecfb3e.js
windows-ad-blocker.com/_next/static/chunks/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"e0e3-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By%2B%2FZQ21cN7gvpfkT993gFETfTBUImbrmd1WSmofnT384Gn2zAB1przK2EWjghMbVwswW7gzv7K2sEm8M5NwL9y08vcPKTKmXejL%2F1ZL5nzIkmMK1drz%2FynOXKNjwoPlA%2F5Dhby7lxJHF%2F%2BRF0mW2%2FJ9kdh7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369e9b419d-LHR
2.944cae28dafd6244.js
windows-ad-blocker.com/_next/static/chunks/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/2.944cae28dafd6244.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"114b7-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BMRvx9ksmW%2Bb6g9hWefq021s%2BVXQl0dmSSDuZRY5KwuUnk0Tv7c9q%2Bn%2B5HOEDI%2FvX%2FO0Ys1r6iBFFlQG5GsXq%2BVDwzmE8pGTPqAIFPSSucniDp4MQnXDYkoCWn81jb7jCBgSfLastCbViYlkizHdGcDw%2B1r"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369e9d419d-LHR
webpack-731718ee34548f2f.js
windows-ad-blocker.com/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/webpack-731718ee34548f2f.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d398e8a599f1d6b3b657537767ea2804356654be3c2674601e790c20c0845bcc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
136665
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"162d-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRZCAq%2FQQLo7SUJqVZ0wJ5qUH6jyQqrrE20j%2FJwxbfCs7Rxgq5S26ejroA6mlkvQ9YJgasSoHODvRIVMj%2FLgVgvzDmstn%2BacQD5DBHvqAoSbSYB%2F6DqpG%2Bl8quBE45PNkCqhUk82HLWpCF9uaBWp2Ea4Z%2BID"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ea1419d-LHR
framework-2c79e2a64abdb08b.js
windows-ad-blocker.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"226fc-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccN8wHJlgX%2Bt%2FpGrDH26uY16wWtM8PVcDp%2FDd9W36mjk5EivX1fMEe1pdZhtvyOq2v%2BkKk%2FIZAZn1UJDJ%2B0z3qTn2EbyRa6PhRbXMWR2FgFog72ga7cVk4mozs0e0AybRnmd%2FtjTJaMDfdmRgMZpq3sNjlAR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ea2419d-LHR
main-a0dca5a2ff5035f1.js
windows-ad-blocker.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/main-a0dca5a2ff5035f1.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"15cfe-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75e6DMhM0sIeKfCu5Leda090LzgsQJSmCxFQJ3sH%2FMo0VvvbudzcjUYFe%2BdyaYJm8tJ58hCfaRDzbHea8GSC%2BVZTiN8IQyo0e%2BiAmQctUiANzU0wr81ZX1ap%2BXDFQCyA4ksKlgcyg0RhkvsJ%2BWhO0sdgkqdY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ea4419d-LHR
_app-f965f19afd265f3b.js
windows-ad-blocker.com/_next/static/chunks/pages/ 		64 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/_app-f965f19afd265f3b.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0f0e0e17d0392b32388f3ac7a2ff8434608842c431ec5cafe58559608f8b99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178785
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"ffae-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykOB7wcKt7T%2B6Zv10%2FwEwtOl9yuQQYk8%2BeUt3QgVh9W34pxaCXekGykp23xP5UVc1zn6Pi29dMc1Ia0Z0UJIy41lvLX2K9pmnIZ%2B0VF5Ebzd%2B1HqhDhqq2v0IqB8wAmaOQmccdPI64hpdYJbCrJV9D20zEyx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ea5419d-LHR
index-38eb391d7d485452.js
windows-ad-blocker.com/_next/static/chunks/pages/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/chunks/pages/index-38eb391d7d485452.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203632
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 09:23:32 GMT
server
cloudflare
etag
W/"2649-18c153dada3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS3AZV7oTXh0iiL7%2Fr%2FSVE8FWgSErHpzUhBJR4pkS4UYQUcHSnMeCIN8bXaW3wcvKqZ3UwrhNltyzPJiuRmfJQw2KC5lm3kPcAscjk7WSnZXZ0COHZwyItRkIIP3nfh9J0ise0upNo8K9%2F%2Br4dngJ9iyVYEK"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ea8419d-LHR
_buildManifest.js
windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/ 		997 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/_buildManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495e059e9acd3b96f21595d59e6d8dab240a4c306828e88e15dfedd1411c90c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178785
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"3e5-18c20fe9c1d"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwH5vZv6tv1LI14EAOVRJ1nY5vaITe3M4En6fSoYUVG5XPHYgeeez70nfnWBmlBZpZxUuSgu2D9xpQYegv%2FP3wwpjwkai8GRaq3h3ZUQjRH9Ry717uwI%2FENaaX4eNaD0A2D9Mc%2BfD%2BdqW02Cj4RSj35vUsVL"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369eab419d-LHR
_ssgManifest.js
windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/ 		77 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/_ssgManifest.js
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
178785
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:10:06 GMT
server
cloudflare
etag
W/"4d-18c20fe9c1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEVAWiiI17Cdh%2Bz9cCdhask07igLxxbvWmLPbW1OOjMRPk3Mrson1riX7IyZu1kosDcQ%2FeLcuWlpBAZ3sVCHCQdzBtdC31z9DAmU3Oz6km6uER1WrARD%2FHDC3lvkv%2FuU4%2FruxQga5dzOORa15Iwk%2FEbAk%2FWU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82f56a369ead419d-LHR
icon.svg
windows-ad-blocker.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windows-ad-blocker.com/images/promo-images/salmon/icon.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:09:50 GMT
server
cloudflare
etag
W/"c75-18c20fe5e5d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfZr%2BL9xpKACAmE%2BBpVLxuFXWvAZoNdBkJdUHlpeL7JtnMqld8eTJUO5WJAdVfspyXrfepGQ8wXY8WHcrr7FzDnkJ3ElIB%2Fn7k8YFyxd79CBH9vECBEnvDux5QG0gCFVYM0PPy9yDByBVhg8ejLHJZRGLEFg"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
82f56a374fae419d-LHR
available-in-chrome.svg
windows-ad-blocker.com/images/browser-icons/ 		21 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windows-ad-blocker.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 16:09:50 GMT
server
cloudflare
etag
W/"5287-18c20fe5e3d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzVIrUhgoBuz9CW3ZxtCEaDeQg%2B2UTsKCeT6EujcuTfuvsD%2FGWDct5q1N302V5nEC9K1IE%2FncrhuHY1o8EK7GFzWEjqjELl%2B03V%2BdvTOJ%2Bv1kW5qbpaf%2FYJDitJJzG2%2FrFXjQWsT%2F%2ByGX3Xa2l2nhC0f8GLV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
82f56a374fb0419d-LHR
cp4kl7k.php
ad-blocking24.net/ 		0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=pmqq8pxidz
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:50:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSU0JKrejhNYUJBszyMUOWOU%2Bf0%2Bez0FZQbCQAgVRkHceUF%2FXeCMHE5kd49Mr5JBoFG55DCkdFskZ6m8QQF3k2Oavh%2FY4EnDgfwoe8Pha%2FIf6PK5aOhePAKooCUYgDI1dPuI9Ls5orlNKUHxHkS6zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
82f56a37e96377ae-LHR
alt-svc
h3=":443"; ma=86400
ct
obseu.thatmonkeybites3.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D5117844%26cid%3D8efa4pmqq8pxidz445%26lpkey%3D17fa0145538b976153%26uclick%3Dpmqq8pxidz%26uclickhash%3Dpmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701539454873&hl=5&op=0&ag=79378977&rand=247019102921590091080666182096062380913259905873122102572190941207602172208829091926&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQ2MDBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjcsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwxLDMsMCwwLDE1LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEyLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDcsMCwxLDAsMCwwLDAsMCw0LDAiXSxbLTEsIi0iXSxbLTIsIjksZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgxNFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldSSkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwMDAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNzAxNTM5NDU0ODEyLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDI2OCwwLDEwLDAsMCwxMzQsMzcwLC0xLDAsOTc5LjQsOTc5LjQsMTE5OCwxMTk4Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9Mb25kb24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIi0iXSxbLTU1LCIyIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE1Y0NnOFBXdzlkQVFGY1d3NWZXQXdJRjFOS0F3Z0REdzhKQVEwUUZWaE5HVTBYWEVGSlZrdE5TaGtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjEiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODozNCJdLFsiZGRiIiwiMCw5LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMSwwLDAsMCwzLDgsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwwLDgsMCwwLDEsMCwwLDAsMzQiXSxbImJuY2giLDExOF0sWyJhYm5jaCIsMTE5XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=miEX1KTipa&pto=1258&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701539454.DMTE7TBbt3pkJvjw&suid=1.1701539454.nANZnXqXXpoCLkEI&tuid=1.1701539454.22B1v7IEXB1TQMkL&fbc=-&gtm=W10%3D&it=20%2C809%2C308&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4028857bfba9bb464e0dfb5b55b78174b485cbd568c94280b0556b162e26e31f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Sat, 02 Dec 2023 17:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1503
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1701539454444&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=604276684.1701539455&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701539454&sct=1&seg=0&dl=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D5117844%26cid%3D8efa4pmqq8pxidz445%26lpkey%3D17fa0145538b976153%26uclick%3Dpmqq8pxidz%26uclickhash%3Dpmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5&dt=Adblock%20Ultimate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1317
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 17:50:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windows-ad-blocker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc236e3438f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f671a8b8180032d371eaa7d70558168dd62c15664512192035557350d5f94e83d4677be26bb25cb43e2916af05265ae0e257b1bdf50eb42f497d7de6ebb2807ff7ecaa8556d8e0e3143714493d60366f760b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49d8677a0dbde5eee489d513772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7daec21465ebdeaf768b0ff64fbb821acb1d99c92dc5693194cd21de31c5dbecf49df3f1477fe425b7bbfc215128ae9621cca648a11d0245971e509acf96c3cdfa8825d965d398fa8876e37d723394342a999bdc1320cafe74a710ec9e41c974a97d4c4655c50ba803cacca17cae807cd50cea80d184768d574b60f11a14587b1672caa064f044dac5ba22a89166f69c73d984a6fe7382b1ee546a7bd8bf1248dca14d5e0cf9f9bd34fd64c5b74abcb173f22df966cb2a8019d6a839c21d31a0ecc33069663340754e1e44ffec8f7a9140e4484b4228ffbc4bdb8e4b55aab5d7efea3dc6adb9bdc7f0efb9121b76ff4383a0052ed8162c16d6640b206cf77faa731acab9c8648c61d2269dee7f91e15ec2764f7c61437453d499b0912a3e06c64116ce8b88f8e8c71358dff1b53dde962731c5924f7d28f1d1910f75fd3a8d1f9945fe3ed14691d54bf1f366ffdcded3c55a25b9b43e7e8322a284e1ae04807e6043179e695f42f3f60eccb34ad89398cb5dd195d421042530cc2fb717f847b88075847712334b3e616da30fd8d47117ec2dd2ade727c5dd1ed46679bd422479deec914a09fc6de7d0419c5e66510ee5647290a5c536d94b2ccdd460fd8688a1c43b8e4f5f3008e06b3704cee35005ef62a387953f85c1f11c416ee03632026fd21151e085f31b19937e72d1919b42cadda6d25a2abb2ca6046d5fd053257fd4cc19478bd2ffcbe1b413fd27a06ed739dc8e02c4edf8372aee8640c29da2afc5f3d6cd335e91e725559b378e179c5ee1e72ab4d2ccd571b184c9e5fa467b91e18be2519511d10604680069d4913e36dd60e954d18f32b36355861859aa42e1ca7c34fe1d364b028ee8ca6ec0820a3073552dcededaba932d951cbfa93620c8f368625529285157a37cc087202287b5ccd7a0e3fff8aec53ae3eb8b182a7c42617c2e6359940c557af4f5ea8d0285bf6b26ebeb17d0854a95d7839e8ee7db71fa079b05ab3ca5d4b0d0972c3798acd4ef383f463980eacba7665fff81436502b83bf3627b14e64ee870da1678c1084bce87a9adc88f82f28e7a8d19d4cc6095b6ecc77dfb92ed2c05cfd29935f362e39595116ed1af38bfc6796bff4659bb5405790630fdd878&cri=miEX1KTipa&ts=470&cb=1701539455343
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://windows-ad-blocker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sat, 02 Dec 2023 17:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
92a3d087-cde8-47b3-94de-a83e9800410d
https://windows-ad-blocker.com/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://windows-ad-blocker.com/92a3d087-cde8-47b3-94de-a83e9800410d
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4463f75b4dc22f74f53dcc91e2681985d2533309a205496e01913b0f14d842

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
261
Content-Type
abefe815-8ed5-4e13-85d7-f4187f8261e1
https://windows-ad-blocker.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://windows-ad-blocker.com/abefe815-8ed5-4e13-85d7-f4187f8261e1
Requested by
Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=5117844&cid=8efa4pmqq8pxidz445&lpkey=17fa0145538b976153&uclick=pmqq8pxidz&uclickhash=pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7462dbf02f3e28efd61873a9229324e15fdb70e43429552700a96526db4da7a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
529
Content-Type
mon
obseu.thatmonkeybites3.com/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Sat, 02 Dec 2023 17:50:56 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obseu.thatmonkeybites3.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows-ad-blocker.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://windows-ad-blocker.com
date
Sat, 02 Dec 2023 17:50:58 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag object| dataLayer object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| __ctcg_ct_46468_exec object| google_tag_manager object| google_tag_data object| gaGlobal object| _cq

22 Cookies

Domain/Path Name / Value
glaultoa.com/ Name: OAID
Value: 9c77ebf51d8c42a7bbc1fc66536573b6
glaultoa.com/ Name: oaidts
Value: 1701539453
my.rtmark.net/ Name: ID
Value: 9c77ebf51d8c42a7bbc1fc66536573b6
ad-blocking24.net/ Name: uclick
Value: pmqq8pxidz
ad-blocking24.net/ Name: uclickhash
Value: pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
.windows-ad-blocker.com/ Name: extension
Value: adblock_ultimate
.windows-ad-blocker.com/ Name: promo
Value: salmon
.windows-ad-blocker.com/ Name: big
Value: none
.windows-ad-blocker.com/ Name: clk_domain
Value: ad-blocking24.net
.windows-ad-blocker.com/ Name: flow
Value: binom
.windows-ad-blocker.com/ Name: campaignId
Value: 10557
.windows-ad-blocker.com/ Name: trafficsource
Value: 3
.windows-ad-blocker.com/ Name: src
Value: 5117844
.windows-ad-blocker.com/ Name: cid
Value: 8efa4pmqq8pxidz445
.windows-ad-blocker.com/ Name: lpkey
Value: 17fa0145538b976153
.windows-ad-blocker.com/ Name: uclick
Value: pmqq8pxidz
.windows-ad-blocker.com/ Name: uclickhash
Value: pmqq8pxidz-pmqq8pxidz-8p6o-1zdz-h9yd-wf1m-wfd5-1d49a5
.windows-ad-blocker.com/ Name: _cq_duid
Value: 1.1701539454.DMTE7TBbt3pkJvjw
.windows-ad-blocker.com/ Name: _cq_suid
Value: 1.1701539454.nANZnXqXXpoCLkEI
.windows-ad-blocker.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1701539454.1.0.1701539454.0.0.0
.windows-ad-blocker.com/ Name: _ga
Value: GA1.1.604276684.1701539455
obseu.thatmonkeybites3.com/ Name: cg_uuid
Value: c9294185d57a6c206bdd21ae8090bff9

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://windows-ad-blocker.com/92a3d087-cde8-47b3-94de-a83e9800410d(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-blocking24.net
euob.thatmonkeybites3.com
glaultoa.com
my.rtmark.net
obseu.thatmonkeybites3.com
region1.google-analytics.com
windows-ad-blocker.com
www.googletagmanager.com
139.45.195.8
139.45.197.245
2001:4860:4802:34::36
2600:9000:223e:600:12:b121:9c80:93a1
2606:4700:3032::6815:7c7
2a00:1450:4001:81c::2008
2a05:d018:56f:b804:6115:ed34:65c7:21ff
2a06:98c1:3121::3
3b0f0e0e17d0392b32388f3ac7a2ff8434608842c431ec5cafe58559608f8b99
4028857bfba9bb464e0dfb5b55b78174b485cbd568c94280b0556b162e26e31f
495e059e9acd3b96f21595d59e6d8dab240a4c306828e88e15dfedd1411c90c5
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
5e54d57b771b977b24f84ace924e84195afb4d6cb11982674458053f46592f15
6ec7ba9241e2e5d330b50f0ab0c61013e5f53f75879e7debc70bab50501d9138
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
7462dbf02f3e28efd61873a9229324e15fdb70e43429552700a96526db4da7a4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
d398e8a599f1d6b3b657537767ea2804356654be3c2674601e790c20c0845bcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
f4e2291f93aeca6cd367f543bc8e2d931f28f8100275f83131b71ffeba010531
fc4463f75b4dc22f74f53dcc91e2681985d2533309a205496e01913b0f14d842