Tb.rg Adguard.net Public.php ^new^ (Chrome SIMPLE)

If you are an avid user of network-wide ad blockers like AdGuard Home or Pi-hole , or if you have been analyzing your router’s DNS query logs, you may have stumbled upon a strange, semi-gibberish domain: tb.rg.adguard.net followed by a script path /public.php .

public.php is what is known as a or a "tracking beacon." Here is the paradox: AdGuard blocks trackers, but to block them effectively, they need to know what trackers look like. tb.rg adguard.net public.php

A poorly coded website detects that its primary tracker is blocked. It then tries to send data to a fallback tracker. That fallback tracker is also blocked, so it sends to a third. Eventually, the script attempts to send data to AdGuard's endpoints at tb.rg out of desperation. If you are an avid user of network-wide

This URL is a diagnostic tool, a telemetry endpoint, and a failsafe mechanism rolled into one. It represents the ongoing war between privacy tools and data collectors. AdGuard uses this domain to ensure that when a tracker is blocked, your browser doesn't freeze, and AdGuard's developers can improve their software. It then tries to send data to a fallback tracker

At first glance, this string looks suspicious. Is it a typo? A phishing link? A piece of malware phoning home? The short answer is . It is not malware. In fact, it is a sign that your ad blocker is working exactly as intended.