windows-ad-blocker.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hugleglo.com/4/6621360
Effective URL:
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campai...
Submission: On December 02 via api (December 2nd 2023, 7:49:45 pm UTC) from US — Scanned from GB

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows-ad-blocker.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.

This is the only time windows-ad-blocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 2	2606:4700:303... 2606:4700:3034::ac43:9c45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20a... 2600:9000:20ab:a400:12:b121:9c80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a05:d018:56f... 2a05:d018:56f:b800:f42c:e894:1fb0:3740	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
26	9

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

hugleglo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:9c45 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ad-blocking24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

windows-ad-blocker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:a400:12:b121:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

euob.thatmonkeybites3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.thatmonkeybites3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	windows-ad-blocker.com windows-ad-blocker.com	194 KB
5	thatmonkeybites3.com euob.thatmonkeybites3.com — Cisco Umbrella Rank: 177165 obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 186138	39 KB
2	ad-blocking24.net 1 redirects ad-blocking24.net — Cisco Umbrella Rank: 125446	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	259 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	83 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	505 B
1	hugleglo.com hugleglo.com	2 KB
26	7

	Domain	Requested by
14	windows-ad-blocker.com	hugleglo.com windows-ad-blocker.com
4	obseu.thatmonkeybites3.com	euob.thatmonkeybites3.com windows-ad-blocker.com
2	ad-blocking24.net	1 redirects windows-ad-blocker.com
1	region1.google-analytics.com	www.googletagmanager.com
1	euob.thatmonkeybites3.com	windows-ad-blocker.com
1	www.googletagmanager.com	windows-ad-blocker.com
1	my.rtmark.net	hugleglo.com
1	hugleglo.com
26	8

This site contains no links.

Subject Issuer	Validity	Valid
hugleglo.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
windows-ad-blocker.com E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.thatmonkeybites3.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-15`	a year	crt.sh
ad-blocking24.net E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Frame ID: DA7F838B1E6D100A95C1E04BA008DEA4
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Adblock Ultimate

Page URL History Show full URLs

https://hugleglo.com/4/6621360 Page URL
https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754903672525426932&cost=0.00... HTTP 302
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.n... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

26
Requests

92 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

318 kB
Transfer

859 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hugleglo.com/4/6621360 Page URL
https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754903672525426932&cost=0.003019&zoneid=6621360&campaignid=7439492&bannerid=19019310&subzoneid=0 HTTP 302
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 6621360
hugleglo.com/4/ 2 KB
2 KB 283ms
144ms Document
text/html 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hugleglo.com/4/6621360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 02 Dec 2023 19:49:39 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ad-blocking24.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: d6efa41aa49bc8ce065b1ca109cb57f7

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 202ms
86ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=91f5fcaa11894f5f83218cebd791d2d5

Requested by

Host: hugleglo.com
URL: https://hugleglo.com/4/6621360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://hugleglo.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request / Show response
windows-ad-blocker.com/
Redirect Chain

https://ad-blocking24.net/cp4kl7k.php?key=fickwiw7fy7yshltu1k2&visitor_id=754903672525426932&cost=0.003019&zoneid=6621360&campaignid=7439492&bannerid=19019310&subzoneid=0
https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=17...

8 KB
5 KB

211ms
67ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42

Requested by

Host: hugleglo.com
URL: https://hugleglo.com/4/6621360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

e7a246b4b23ed6114b6365eeb947dd73cbba9fa4951e2cab40646e0e6d361074

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hugleglo.com/partitial/5117843/?var=6621360&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f6182c3d834141-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 19:49:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FqKpiNJ2tNph1Z7w%2F%2F2QbZ3xS7rmXGFH4b44eVosAOLWvGHv%2FwmqGFsLc07zmTHpeKA8mdKpULNIoidCY5Y9nUPEJieYVWJt3o2K4gROc3FLJDtUjiczBhdYLRid3%2BM8uOXURA2W6mkUjVX6tNKWip0jxVv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f6182acf5cdd54-LHR
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 19:49:39 GMT
location: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdaEGXosxtriNMY5mjk4ir%2BxuWtcA4Vj9UtM7FOVjaWvX%2B4TMawzO%2B978DMj1Vl1YML7z6ZzY5rgn3soWfLnVpbMqun4Cds4%2BE48E%2BECPESSbPFwzprCEXE9Gx5npM4Xzh13LEvRMKhP5VSkdGwh7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
83 KB 660ms
56ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd8fa885d9ac133c0c90b58a115c8326ef195c3be77dee97098c6cd4fc807f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 19:49:40 GMT

GET
H2 200 8c3dd651469c9787e366b6d88eb7fa51.js Show response
euob.thatmonkeybites3.com/sxp/i/ 100 KB
37 KB 542ms
54ms Script
text/javascript 2600:9000:20ab:a400:12:b121:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:a400:12:b121:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:29:27 GMT
content-encoding: gzip
via: 1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: AMS58-P3
age: 1213
etag: "18e67-C2H+Ndn3d7vNwbeY1CRVaRHqO54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37263
x-amz-cf-id: Wy3Rb4CWCmOL0FCHQaRN6WVrHKhszioNq2YWebPfITWQOa4xHK2w4g==
expires: Sun, 03 Dec 2023 07:29:27 GMT

GET
H2 200 2e9d8ebba0938b65.css
windows-ad-blocker.com/_next/static/css/ 38 KB
25 KB 49ms
48ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec7ba9241e2e5d330b50f0ab0c61013e5f53f75879e7debc70bab50501d9138

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185907
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"978d-18c20fe9c21"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA3EKxc8Ly6sE1HclX70Nash0UCqck1jAsHqmlPDXIkmwf1jpGGkZUMaSJPPScmtEBqXxixmDbjCyd17U2Q9%2FZP3yHljC689s3BTv%2FuBcJ3CoAUQJYK%2BxGQFhTUNkYqoB5WlIFEHJD4CG%2FLtpIP3TYzweuxA"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cbe0c4141-LHR

GET
H2 200 a85a315e20706270.css
windows-ad-blocker.com/_next/static/css/ 17 KB
3 KB 47ms
47ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210760
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"42a0-18c153dad9f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDMkFGpckyWoguUV0hEz8Loctglpqc67r4l8CYPx6hIJ5PJWtFIMnr%2BmSp9zqZG67ExHH8jIFpv65yn9DBngCAD8MbFrkikzo2zwFHfn8fi8y1ZzavoYqx%2F3259RiNZUf4CBh62eH71V6loWIZBQQ740NlTm"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cbe0e4141-LHR

GET
H2 200 928-b002b5bdc2ecfb3e.js Show response
windows-ad-blocker.com/_next/static/chunks/ 56 KB
16 KB 144ms
140ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/928-b002b5bdc2ecfb3e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142043
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"e0e3-18c20fe9c1d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjFH7P1BBblwDFrgCTpzvi0N2DNtNlSD4FzPW7irwtubLwnkPiwJiNGnhzLH6I9hv9C3OmencWrcHV5fMAGLqwYL%2BzrBObPzUjKrDgVJhY900fxeOlAciQxOEz7mIDjuXsnwe86VjAU%2FBhWmw0PgNQb4oVTE"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce2f4141-LHR

GET
H2 200 2.944cae28dafd6244.js Show response
windows-ad-blocker.com/_next/static/chunks/ 69 KB
22 KB 119ms
116ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/2.944cae28dafd6244.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210762
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"114b7-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoSDxot42v%2FtC8Yj2LdcnGMw607lCpBGXP809Fq8ovrdCx%2FqgIejPxPTUH3Q3vdOkNvkDVkEgKKGdlMQ%2FM73PMimAAlMItuVO6zJU0fiTews9riQ23T2RGi13nt%2B9KXntLoX7GCuvajdNs4fH2HB2CypXUjF"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce324141-LHR

GET
H2 200 webpack-731718ee34548f2f.js Show response
windows-ad-blocker.com/_next/static/chunks/ 6 KB
3 KB 91ms
87ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/webpack-731718ee34548f2f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d398e8a599f1d6b3b657537767ea2804356654be3c2674601e790c20c0845bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185907
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"162d-18c20fe9c1d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mga96d8WkV0H45k77ESJVuf%2FhvECXLtdN1tKn0AzluVdp525jmOPpyzEQxqOz04FulrjC6PzsWdEDoHKpJLWLobGXOGo%2FxcXzWs5nuonHwQmzFFoCM0CNBGGzINbZAW19nUYjGH0rOsJzY2p7OsLrrPxm54K"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce334141-LHR

GET
H2 200 framework-2c79e2a64abdb08b.js Show response
windows-ad-blocker.com/_next/static/chunks/ 138 KB
45 KB 141ms
138ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/framework-2c79e2a64abdb08b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210762
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"226fc-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvQMF0W9%2BTHbVRh8nMDQyVDmIyWxrApNvLzIYJhUrhfZZUBPttKA2bHIzSdwykB8QGAeKS7jjrQCdoTdCwjFmj%2FsYxrS2i8GCbx%2Bq3%2F4chYv2pzJurKyNGVWBGb6ZufNTZtcKqCNKc7NvTCcrMJXdSmZdtJ0"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce344141-LHR

GET
H2 200 main-a0dca5a2ff5035f1.js Show response
windows-ad-blocker.com/_next/static/chunks/ 87 KB
27 KB 116ms
113ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/main-a0dca5a2ff5035f1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210762
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"15cfe-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=my6So7T2APCZ42DTdEFIaoe7rnv58Crdjq2RaSdVKNw0EhrXhe7tOk2JuKt%2BqTmF1FwQ8zThDQkS264im8Gox2szt1h5gkbuURqAK16O%2BFUvfmpONdfyt63tJcdg9b9i%2FYgNUPA78P%2BldCgcalmG6uSobpgB"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce354141-LHR

GET
H2 200 _app-f965f19afd265f3b.js Show response
windows-ad-blocker.com/_next/static/chunks/pages/ 64 KB
34 KB 91ms
88ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/pages/_app-f965f19afd265f3b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0f0e0e17d0392b32388f3ac7a2ff8434608842c431ec5cafe58559608f8b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185907
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"ffae-18c20fe9c1d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5jEoN61Rn7KV8cGJHs79Z7cKREcurSweQRWJjLz2WsHg07AlCO33BID%2FXz0R%2FPUI4uv5VOylrBL3S3Vn1gCGMhXJ3bVPFEbIGSU0afXI%2FkxNlhVgPmL%2BVhFp4jVA%2FBgAzZ4lm6UeWt5iHsZoi32rZDDJULq"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce374141-LHR

GET
H2 200 index-38eb391d7d485452.js Show response
windows-ad-blocker.com/_next/static/chunks/pages/ 10 KB
4 KB 119ms
116ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/chunks/pages/index-38eb391d7d485452.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210762
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 09:23:32 GMT
server: cloudflare
etag: W/"2649-18c153dada3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNLfYtb4FfTPy1Vl4AE4G9749iVZLD5R4XdgQJSEv%2BEz3%2BpGRmgBYXii8NIkNWWju%2FIsHEA6WXU57bAdizs7VXK%2FFw9FK9VVtvehmzFYAqMj7VU3lxOchmpURKbbK8WELMtEm4LZIbEINteaLFv72sJCtf9o"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce384141-LHR

GET
H2 200 _buildManifest.js Show response
windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/ 997 B
762 B 117ms
115ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495e059e9acd3b96f21595d59e6d8dab240a4c306828e88e15dfedd1411c90c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185907
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"3e5-18c20fe9c1d"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQLUm3FKNx7Hu7Vfo7Van0yK1Vx5y88J%2BByDkQnDS5a1ri8976BMkILk6U7LWgXLSaonmaggX4epPCiRkukxFWztftY4tDrwc%2FJtmzeG7MvQVzPIL6%2BoxvYaWIltNX1LuSRtqytfJLtoiXNq1kehXwYU7BCT"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce394141-LHR

GET
H2 200 _ssgManifest.js Show response
windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/ 77 B
414 B 144ms
142ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windows-ad-blocker.com/_next/static/XmEaIe1ibzZOgVBVz957m/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185907
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:10:06 GMT
server: cloudflare
etag: W/"4d-18c20fe9c1d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=expzR4iTaOkFrvHqKLkUFCMI38RnTABSXkuHMuTT3eMUSM64lKIn7uQCau0YlaJkdZM4XZXABRkxUApKblSWw1XHR%2Bpotsp3yzlH9f0jIREQSH9Fyfh3N822zWdn8HUS2%2FuvNQIrqle37gXTJsjDcuY8rXre"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82f6182cce3b4141-LHR

GET
H2 200 icon.svg
windows-ad-blocker.com/images/promo-images/salmon/ 3 KB
2 KB 129ms
128ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-ad-blocker.com/images/promo-images/salmon/icon.svg

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/_next/static/css/a85a315e20706270.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:09:50 GMT
server: cloudflare
etag: W/"c75-18c20fe5e5d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJM3gMmZbhzphr53r4f6791QGl8z7m8b2aWlJfrMh6vjQ5pYP9i2rAr7kZw3npkD%2BLIQdV0WrHC76QG7q%2BPFHbqdC5RDfDsW%2FCCW5cQpq723vw%2FvLgln2QWFlS9vhg9VszBIw5fPFrhbxQ9GiHPtfXoeu8NY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 82f6182d6eef4141-LHR

GET
H2 200 available-in-chrome.svg
windows-ad-blocker.com/images/browser-icons/ 21 KB
7 KB 130ms
129ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windows-ad-blocker.com/images/browser-icons/available-in-chrome.svg

Requested by

Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/_next/static/css/2e9d8ebba0938b65.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:09:50 GMT
server: cloudflare
etag: W/"5287-18c20fe5e3d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O98M1tAcggbAI7UMrrkeLWR3RcFcc3PNFCgGL81ix9j1%2BXF3IT3sCshudSA1tCnuJyNjnGUMtAa1zvmHqGxJwMnxXydQp0FI0oqPXhaQgYwos6Ti5c9XrhNBYQs76GmCJ2OHvlJhsxeJFrPKiTIFf7gecM7s"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 82f6182d6ef14141-LHR

GET
H2 200 cp4kl7k.php
ad-blocking24.net/ 0
325 B 66ms
65ms Image
text/html 2606:4700:3034::ac43:9c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=usa2g63zdz
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:49:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW7URooJJxm6IX2acmgC%2BUCpBVf%2BIT47IM2bTBfMHTMPFHMVGrfCDn7ESg9ShfSgZzW9ZzV78c9V9DVom%2B%2BZEoZz4EfqD6NZzvTP9WAWJqgBpF7h52ySFndLcoXOhzy5AtXlh0c%2Fcjp6FfpQCyoYLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 82f6182e0b47dd54-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 ct Show response
obseu.thatmonkeybites3.com/ 4 KB
2 KB 207ms
49ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6621360%26cid%3Dfeb19usa2g63zdz3ab%26lpkey%3D177001af5416687e79%26uclick%3Dusa2g63zdz%26uclickhash%3Dusa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1701546580585&hl=5&op=0&ag=79378977&rand=948080050211221926829521616107000422253022207754917292595965041057097022215527010156&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk5NTddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCw1LDAsMCwwLDAsMCwwLDEsMiwwIl0sWy0xLCItIl0sWy0yLCI3LGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xoMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pXUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuOCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MDE1NDY1ODA1NDQsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMjA3LDAsMTEsMCwwLDEzNCw4OCwtMSwwLDU0NS42LDU0NS42LDEwMzIsMTAzMiJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzLGZhbHNlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvTG9uZG9uLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCItIl0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRjWEJrUlVVMU5TVW9ERmhaY1RGWmJGMDFSV0UxVVZsZFNYRUJiVUUxY1Nnb1hXbFpVRmtwQlNSWlFGZ0ZhQ2wxZER3d0lEUThBV2dBT0FRNWNDZzhQV3c5ZEFRRmNXdzVmV0F3SUYxTktBd2dERHc4SkFRMFFGVmhOR1UwWFhFRkpWa3ROU2hrUlVVMU5TVW9ERmhaY1RGWmJGMDFSV0UxVVZsZFNYRUJiVUUxY1Nnb1hXbFpVRmtwQlNSWlFGZ0ZhQ2wxZER3d0lEUThBV2dBT0FRPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjIyXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxvdHBjcmVkZW50aWFscyxjaHVhZm9ybWZhY3RvcixlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sZ3lyb3Njb3BlLGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNjcsIjI1MzIzMTI4ODg6MjAiXSxbImRkYiIsIjAsNywwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDEsMSw3LDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDEsMCw1LDAsMCwwLDAsMCwwLDIwIl0sWyJibmNoIiw3N10sWyJhYm5jaCIsNzddXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=upyuJxu6FD&pto=1072&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1701546580.sowmrCllyuATLony&suid=1.1701546580.xfrQVz82o9NidgxN&tuid=1.1701546580.cAIiA1qRQprgGTFd&fbc=-&gtm=W10%3D&it=21%2C423%2C557&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf5dfe9a1dc4cf92ae5fe09149470682fff1fb9a2f749c35691265fca15fe421

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sat, 02 Dec 2023 19:49:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1511
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 193ms
59ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je3bt0v9138996702&_p=1701546579950&gcd=11l1l1l1l1&dma=0&cid=975811939.1701546581&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701546580&sct=1&seg=0&dl=https%3A%2F%2Fwindows-ad-blocker.com%2F%3Fextension%3Dadblock_ultimate%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D3%26src%3D6621360%26cid%3Dfeb19usa2g63zdz3ab%26lpkey%3D177001af5416687e79%26uclick%3Dusa2g63zdz%26uclickhash%3Dusa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42&dt=Adblock%20Ultimate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1222
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 19:49:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://windows-ad-blocker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 43 B
79 B 42ms
41ms Image
image/gif 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aefc231ec42829d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f674fd6d5db512d6d4af72c25508639da34c4523500249455005c300009c3ea6e1d77be26bb25cb43e2916af05265ae0e257b1bdf50eb42f497d7de6cbb2807ff7ecaa8556d8e0e3143714493d60366f760b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49d8677a0dbde5eee489d513772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7df9914666eb8af97c8e03aa4fb2811ac0499e992b926e34c09b26d13698d6ecf39df3f1477fe425b7bbfc215128ae9621cca648a11d0245971e509acf96c3cdfa8825d965d398fa8876e37d723394342a999bdc1320cafe74a710ec9e41c974a97d4c4655c50ba803cacca17cae807cd50cea80d184768d574b60f11a14587b1672caa064f044dac5ba22a89166f69c73d984a6fe7382b1ee546a7bd8bf1248dca14d5e0cf9f9bd34fd64c5b74abcb173f22df966cb2a8019d6a839c21d31a0ecc33069663340754e1e44ffec8f7a9140e44848452bf9b749df8e4b55aab589efee6dcba8a7ad84afa9f2011b76f816d4a0052ed8162c16d6645a716cf72af9731dc3edc76b8d35d02c9dee7f91e15ec2764a6271002b159f8ab0912a3e06c64116ce8b88f8e8c71646cfb2ea7b95852731c597516d6bae97da1c75fd3a8d1f9945fe3ed14691d54bf1f366ffdcded3c55a25b9b43e7e8627f3deb4a904807e6043179e695f42f3f60eccb34ad89398cb5dd195d421042530cc2fb717f847b88075847712334b3e616da30fd8d47117ec2dd2ade727c5dd1ed46679bd422479deec914a09fc6de7d0419c5e66510ee5647290a5c536d94b2ccdd460fd8688a1c43b8e4f5f3008e06b3704cee35005ef62a387953f85c1f11c416ee03632026fd21151e085f31b19937e72d1919b42cadda6d25a2abb2ca6046d5fd053257fd4cc19478bd2ffcbe1b413fd27a06ed739dc8e02c4edf8372aee8640c29da2afc5f3d6cd335e91e725559b378e179c5ee1e72ab4d2ccd571b184c9e5fa467b91e18be2519511d10604680069d4913e36dd60ee5bd08236b35477a5301cbd6cefc73a05c11b2f4f0c8ee8ca6ec0820a3073552dcededaba932d9213bea43220ded454696d0b613b60ea5deaaf2c1f80b5ccd7a0e3fff8aec53ae3eb8b182a7c4266732f6e5d945d2671acc2ecb5158c8d2815fdf23af8854a95d7839e8ee7db71fa079b05ab3ca5d4b0d0972c3798acd4ef383f463980eacba7665fff81436502b83bf3627b14e64ee870da1678c1084bce87a9adc88f82f28e7a8d19d4cc6095b6ecc77dfb92ed2c05cfd29935f362e39595116ed1af38bfc6796bff4659bb5405790630fdd878&cri=upyuJxu6FD&ts=222&cb=1701546580807
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://windows-ad-blocker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sat, 02 Dec 2023 19:49:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 4d07c844-ab6b-414f-8f1e-1d8aa816f2c2
https://windows-ad-blocker.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://windows-ad-blocker.com/4d07c844-ab6b-414f-8f1e-1d8aa816f2c2
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3ccf47357c024925b9d03cfe77fa0b4a16de4af007c38c7808f7aea06bc37cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 4943dcb2-d11f-44fa-a242-f967c2362422
https://windows-ad-blocker.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://windows-ad-blocker.com/4943dcb2-d11f-44fa-a242-f967c2362422
Requested by: Host: windows-ad-blocker.com
URL: https://windows-ad-blocker.com/?extension=adblock_ultimate&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10557&trafficsource=3&src=6621360&cid=feb19usa2g63zdz3ab&lpkey=177001af5416687e79&uclick=usa2g63zdz&uclickhash=usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1563f6ec98c86752600a7ab4d7ec12b2f366f56e61cadb6a3007185fd70f89e4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 529
Content-Type

POST
H2 200 mon Show response
obseu.thatmonkeybites3.com/ 0
152 B 71ms
70ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/mon
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows-ad-blocker.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://windows-ad-blocker.com
date: Sat, 02 Dec 2023 19:49:41 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obseu.thatmonkeybites3.com/ 0
39 B 71ms
70ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.thatmonkeybites3.com/mon
Requested by: Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windows-ad-blocker.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://windows-ad-blocker.com
date: Sat, 02 Dec 2023 19:49:43 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hugleglo.com/	1970-01-21 01:24:42	Name: OAID Value: 91f5fcaa11894f5f83218cebd791d2d5
hugleglo.com/	1970-01-21 01:24:42	Name: oaidts Value: 1701546579
my.rtmark.net/	1970-01-21 01:24:42	Name: ID Value: 91f5fcaa11894f5f83218cebd791d2d5
ad-blocking24.net/	1970-01-20 16:40:32	Name: uclick Value: usa2g63zdz
ad-blocking24.net/	1970-01-20 16:40:32	Name: uclickhash Value: usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: extension Value: adblock_ultimate
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: promo Value: salmon
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: big Value: none
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: clk_domain Value: ad-blocking24.net
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: flow Value: binom
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: campaignId Value: 10557
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: trafficsource Value: 3
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: src Value: 6621360
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: cid Value: feb19usa2g63zdz3ab
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: lpkey Value: 177001af5416687e79
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: uclick Value: usa2g63zdz
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: uclickhash Value: usa2g63zdz-usa2g63zdz-8p6o-1zdz-h9yd-wf1m-wfd5-4aec42
.windows-ad-blocker.com/	1970-01-20 18:50:30	Name: _cq_duid Value: 1.1701546580.sowmrCllyuATLony
.windows-ad-blocker.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1701546580.xfrQVz82o9NidgxN
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: _ga_D9B6K7HFTW Value: GS1.1.1701546580.1.0.1701546580.0.0.0
.windows-ad-blocker.com/	1970-01-21 02:15:06	Name: _ga Value: GA1.1.975811939.1701546581
obseu.thatmonkeybites3.com/	1970-01-21 00:42:56	Name: cg_uuid Value: 6dfbf1ba9dbd125f3f557770354f5d5b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://windows-ad-blocker.com/4d07c844-ab6b-414f-8f1e-1d8aa816f2c2(Line 1) Message: Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-blocking24.net
euob.thatmonkeybites3.com
hugleglo.com
my.rtmark.net
obseu.thatmonkeybites3.com
region1.google-analytics.com
windows-ad-blocker.com
www.googletagmanager.com
139.45.195.8
139.45.197.239
2001:4860:4802:32::36
2600:9000:20ab:a400:12:b121:9c80:93a1
2606:4700:3034::ac43:9c45
2a00:1450:4001:81c::2008
2a05:d018:56f:b800:f42c:e894:1fb0:3740
2a06:98c1:3120::3
1563f6ec98c86752600a7ab4d7ec12b2f366f56e61cadb6a3007185fd70f89e4
3b0f0e0e17d0392b32388f3ac7a2ff8434608842c431ec5cafe58559608f8b99
495e059e9acd3b96f21595d59e6d8dab240a4c306828e88e15dfedd1411c90c5
5b3b7c9705ecbf8632f614da7fa876ed266ce03e7ee3dc21a2cb6c32bd64e0c2
6ec7ba9241e2e5d330b50f0ab0c61013e5f53f75879e7debc70bab50501d9138
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78b743f668adfa0c2dad4df5f96e5db8d9740499540df1bd7a804b8a4db829
a3ccf47357c024925b9d03cfe77fa0b4a16de4af007c38c7808f7aea06bc37cd
a40498f2332ad081b1a5ad52455487c1db238fa9bb44275fd875ede527909814
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
bb78d54ae56a50e8f444358105d2b5799afd2232dedce7c61f3f7f84fa728a3f
cb8f13c3efd897cfa71a51732762b2ba618d70a42a79917ae58847375cc777a9
cf5dfe9a1dc4cf92ae5fe09149470682fff1fb9a2f749c35691265fca15fe421
d398e8a599f1d6b3b657537767ea2804356654be3c2674601e790c20c0845bcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a246b4b23ed6114b6365eeb947dd73cbba9fa4951e2cab40646e0e6d361074
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
fd8fa885d9ac133c0c90b58a115c8326ef195c3be77dee97098c6cd4fc807f42

windows-ad-blocker.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

4 Countries

318 kBTransfer

859 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

22 Cookies

1 Console Messages

windows-ad-blocker.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

318 kB
Transfer

859 kB
Size

22
Cookies

26 HTTP transactions
0 data transactions