public.php is what is known as a or a "tracking beacon." Here is the paradox: AdGuard blocks trackers, but to block them effectively, they need to know what trackers look like.
If you are an avid user of network-wide ad blockers like AdGuard Home or Pi-hole , or if you have been analyzing your router’s DNS query logs, you may have stumbled upon a strange, semi-gibberish domain: tb.rg.adguard.net followed by a script path /public.php . tb.rg adguard.net public.php
At first glance, this string looks suspicious. Is it a typo? A phishing link? A piece of malware phoning home? The short answer is . It is not malware. In fact, it is a sign that your ad blocker is working exactly as intended. public
A poorly coded website detects that its primary tracker is blocked. It then tries to send data to a fallback tracker. That fallback tracker is also blocked, so it sends to a third. Eventually, the script attempts to send data to AdGuard's endpoints at tb.rg out of desperation. Is it a typo