urlscan.io logo urlscan.io
SecurityTrails logo

greenorbitly.com Open in urlscan Pro
2606:4700:3032::ac43:a45e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562g...
Effective URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom...
Submission: On February 29 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3032::ac43:a45e, located in United States and belongs to CLOUDFLARENET, US. The main domain is greenorbitly.com. The Cisco Umbrella rank of the primary domain is 421921.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.
This is the only time greenorbitly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 31.220.27.135 39572 (ADVANCEDH...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 52.58.28.63 16509 (AMAZON-02)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
20 5
2    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.viiqoyqt.com
1    2606:4700:3034::ac43:d702 (United States)

ASN13335 (CLOUDFLARENET, US)
pixel-eu.rtbix.xyz
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
continue-blocking-ads.xyz
15    2606:4700:3032::ac43:a45e (United States)

ASN13335 (CLOUDFLARENET, US)
greenorbitly.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
15 greenorbitly.com
greenorbitly.com — Cisco Umbrella Rank: 421921
293 KB
2 viiqoyqt.com
s.viiqoyqt.com — Cisco Umbrella Rank: 26887
21 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2124
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
85 KB
1 continue-blocking-ads.xyz
continue-blocking-ads.xyz
456 B
1 rtbix.xyz
pixel-eu.rtbix.xyz — Cisco Umbrella Rank: 177513
881 B
20 6
Domain Requested by
15 greenorbitly.com greenorbitly.com
2 s.viiqoyqt.com s.viiqoyqt.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com greenorbitly.com
1 continue-blocking-ads.xyz 1 redirects greenorbitly.com
1 pixel-eu.rtbix.xyz 1 redirects
20 6

This site contains no links.

Subject Issuer Validity Valid
viiqoyqt.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
greenorbitly.com
GTS CA 1P5		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Frame ID: 02CF06A732114AFB534C2803F5CF6931
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YTube AdSkipper

Page URL History Show full URLs

  1. https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6q... Page URL
  2. https://pixel-eu.rtbix.xyz/i?ee=N9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h... HTTP 301
    https://continue-blocking-ads.xyz/click?key=63c16cbce40d15ba137a&visitor_id=FxECclBDW0difFggWEV3U14ESGEUTUhPbG... HTTP 307
    https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blockin... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

399 kB
Transfer

1065 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE Page URL
  2. https://pixel-eu.rtbix.xyz/i?ee=N9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE HTTP 301
    https://continue-blocking-ads.xyz/click?key=63c16cbce40d15ba137a&visitor_id=FxECclBDW0difFggWEV3U14ESGEUTUhPbGFWZAxSb1tOAlBzQUxeTGxhTXBTVn5XXx0PIhYYB1s7NQ5kRkUrV04JRnJGSVlAYWlDd11RdFBfBVdhXlsMQndqSHRcUWFDCgtGeUVIWE15chx_SF15TU5VVXNQQ0hDbGQfc1Nfe0xeAgFxX00PF2B9Q3JdA2AECAAGJUUcWxRhZU5kRkUrUF0RXnFeWwxEZ3JAdUZFK1BfEV5yQlVIE2RkWHxeS28HXQZGeUZJU1l3NktwSF1_UlsfRiVDTkhPYmdDakgBfFhOCVVwS1VIE2diWHxZGg&zoneid=1403549917691363&campaignid=2266&CreativeID=7128&siteid=1403549917691363.kadam.net&domain=1403549917691363.kadam.net&keywords=&placement_id=1403549917691363&banner_id=7128 HTTP 307
    https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu...
s.viiqoyqt.com/h/1312/ 		51 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
15cce7291e51d067e5b2f075aae7b8a22b2f8a619aa779acf99015fc9deb925c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 22:23:01 GMT
server
nginx/1.23.2
vary
Accept-Encoding
index
s.viiqoyqt.com/cnt/api/ 		0
223 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s.viiqoyqt.com/cnt/api/index
Requested by
Host: s.viiqoyqt.com
URL: https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash

Request headers

device-memory
8
Referer
https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE
dpr
1
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width
1600
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
server
nginx/1.23.2
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://s.viiqoyqt.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
content-length
0
Primary Request /
greenorbitly.com/
Redirect Chain
  • https://pixel-eu.rtbix.xyz/i?ee=N9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqsw...
  • https://continue-blocking-ads.xyz/click?key=63c16cbce40d15ba137a&visitor_id=FxECclBDW0difFggWEV3U14ESGEUTUhPbGFWZAxSb1tOAlBzQUxeTGxhTXBTVn5XXx0PIhYYB1s7NQ5kRkUrV04JRnJGSVlAYWlDd11RdFBfBVdhXlsMQndqS...
  • https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
f4e59fa1d8c0577cb11717041dedf494a81801f312622c3bd3d0914d51a12808
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85d44f31ff2db8c0-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 22:23:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnn%2B9znDi49P8RG%2FjuoegSrRh41ivBuz1WiuC9Y2%2FTS2XwXvcwiCEcRe75Aop6egcCGzdt2dCxfmV8d6ixByYVN1tnwearIkXCcy0zcYZGGreSnbhPObPMGvkBsHqFVd%2FnFtahfFzH69AwStDF55"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Thu, 29 Feb 2024 22:23:01 GMT
location
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
server
Caddy
x-request-id
d46cdc86-f636-430d-aa34-28ea6869cb51
js
www.googletagmanager.com/gtag/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e096fe3967f7b94d0ec43bbc49cc7a3d41c8a72a53420e724984e1a78fe56df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86737
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Feb 2024 22:23:01 GMT
6aae6835ff9f0d05.css
greenorbitly.com/_next/static/css/ 		52 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/css/6aae6835ff9f0d05.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36220a2261088abab66cbbb670ac92fddd579245c29c01ba42adbcd875464ebc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84757
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"d111-18df1e84732"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W84QxreKodlED9wLtpDn4u7lIG9SC%2B9BCQCl%2BA5znswHb3OvGrj5qUeYVq2gWBi977XgF7njmLGtT48rylTtIQQtq%2F8b0U4%2FuKoCCj9NW1sW%2Fy2DidL%2BvK5qC%2Bk4V1UvADtEWZZTSBDDlS8gf2p9"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f33389bb8c0-AMS
d050f0d44e063d14.css
greenorbitly.com/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/css/d050f0d44e063d14.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee38a9bbc713511033fe3c71c22cd4bdd59c683806825c153859fcdac3d162d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84757
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"cdc-18df1e84732"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJXIv3KuEtnNkAw2q9p6BcqQE06gGXwPycJPt8gORmLVWycDplox3XXVK3Bon4xWq7Ql%2B7mEmRDpsQAd96%2BfwXjZ5Vdm0B5mlqvMlvz4QqDLtw%2FteYETP6wZTJ4npcYq3P%2BTqKKlttbeUZIk6tP7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f33389db8c0-AMS
928-832d5a5fe41a42b7.js
greenorbitly.com/_next/static/chunks/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/928-832d5a5fe41a42b7.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b4b8c2673e415b84baa9cf62a8900864fd65ff60493cc6853284dce9321ae8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84757
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"1883e-18df1e84736"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQWbo1e2WJSRWk5xbCPv%2BArhxHpE7NTcZZFiRuT2wKKfVrEK7NP2ja9C7%2FcqdGKYCjP3zpB%2F3ru33MxNUTVYuiSPqpiqhfk8PBwZz6ZIQpinakUMf64DNsk2SgcIFVxvQV1YBpo8dDzt08Hrl3pp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f33389eb8c0-AMS
166.a1572963a5a7ac8f.js
greenorbitly.com/_next/static/chunks/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/166.a1572963a5a7ac8f.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049cb98d133b99a75da84e53e0e4a672d9eb369b828eeaa14845f130d3653b55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84755
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"3ea8-18df1e84736"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkWmZmcKbfcP9aRWHEw7qa3TwmcSzVmk3OIFGel93UHpjA5BsWvXopZ3FRvTlKzLjnA7z6RCv81hz91wjGvt6%2B%2Bstaqjt6Q4RSuSRrcd7TlM50uxc1xMdFRE9vIbhjL8hn%2B2PqR%2Flwtnhn8bWt55"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f33389fb8c0-AMS
2.80c183e7ec7499c3.js
greenorbitly.com/_next/static/chunks/ 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/2.80c183e7ec7499c3.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed128b4a5d3831d32152770519633743ed977cb64a117d3216c4b0a3f8ded26b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84754
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"16fa1-18df1e84736"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ju0G0baXwVLqugqP9xEQPx8N1TabfipJT3hg%2B5l1xaTWths9oZznNSNvOSVEgZ6cqPysImRkGfWTCgfo7CteXZhx5JlVS61zcd4bVcgfNhBjD0UgqD2WJlJosWMXQFB9j%2FQ3OXvlXxQVK9n3QlU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a2b8c0-AMS
webpack-39475cbfdeb410d9.js
greenorbitly.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/webpack-39475cbfdeb410d9.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f72506cc45b5f5322d004f8289b403435d4802e948c11eafd3eb99c6c69bf6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84753
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"2455-18df1e84736"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OfpJ%2F7BOx7CivUEH%2FNwyGWOnh3a0cJOrHbvXheU9I3tudgjr1l7vkDoniGwWm%2FLktzo3ZdA3yt7m%2FoME7Km9wKxSAI9cF8u56wxqE5NTxBFcYWHO35FN52uv9uYp5vFdOF5gNmN3v68Zv6nO03R"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a4b8c0-AMS
framework-93db8678ecc2e93f.js
greenorbitly.com/_next/static/chunks/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/framework-93db8678ecc2e93f.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eccf78b356675f020c22041837c867b733abbf607748b8c9dcd66fd86a6007d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84705
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"3beb8-18df1e84732"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcekUSAagLg%2B7CN4xmfB6Hi0rHIjGmLrMuL1oBIiPhYGYRbupDJeYAWDAx7q7pOVLOEdzLIWYGtsmclHznh6j8w49wgkktBQWtCqubTly12q3wslEZg9SIk3m5xn0rrCGHaHC8NHue5zQEJGtkDw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a5b8c0-AMS
main-96ac34194d3ff31b.js
greenorbitly.com/_next/static/chunks/ 		137 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/main-96ac34194d3ff31b.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30c3c652c4510b174583cdc85a60767f719b1bb68c8036d105138667d7685a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84705
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"22500-18df1e84732"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xSCurGxp4YT3w%2BmxlhXGF5xBK%2FD0Rl%2B6dpjm9ZEY3IdnyMidvfTVaunaPI1OMVolVpvk3UxIEyYny8c9rd0J8CMtAXoHtCBth%2BsxdHst06TdBLrLYVQHJFNov0JuN3sC1dENUmwDOSkz4vFo1uB"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a6b8c0-AMS
_app-05c1fb3326506e5b.js
greenorbitly.com/_next/static/chunks/pages/ 		77 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/pages/_app-05c1fb3326506e5b.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c7229e50e5c91bf598918311998b6cadaaffa306ac788594250a1cc56a1cf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257596
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Feb 2024 22:48:34 GMT
server
cloudflare
etag
W/"13543-18de79b0b81"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0rigENgwo8RwGnO1u0GJQBG%2BRqtfz8yhjy71cExrf2Br%2BbcW9MgIRCoDP%2FqIVpVimN8Om4jBYXdh8bHLaZuCly0cvG1Ugzr%2BetBO5AzCR6hOS8NaahNjsF507CYgumjRAkdStiBBJSD3mjmuWI8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a8b8c0-AMS
index-7b949a776e468ba7.js
greenorbitly.com/_next/static/chunks/pages/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/pages/index-7b949a776e468ba7.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907c0fe891c850b16da4436d24c4f4dda3834ad6ffb09b311273b7e866ef607b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84705
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"4856-18df1e84736"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSrGRxZ4oZ2PDSjL%2FfjR%2BC%2FnSHGLhkiI4ov%2BBVMpxnpcLxPSTzdy8KqMErZlhzuDN8CsrQq7ecOddK1Rhvye4hDXrs%2BSsIlvNOl5zYph%2FAxw1mavnGXKfucFUIfQDX1mB5c0eqzt8wjLKaBzO%2BVK"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3338a9b8c0-AMS
_buildManifest.js
greenorbitly.com/_next/static/yiZ0wYy063t9sQ9_nC-3_/ 		997 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/yiZ0wYy063t9sQ9_nC-3_/_buildManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7189c1c66fa205740ef67decd0982f9cb38f381bdc7ed292ad87a0908c293ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84705
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"3e5-18df1e84732"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJTwhB%2FSakLOdMPB0j6yiDBqkWg5h7X%2B6zG9Up%2F21ctpZabzrw4vl4Da0uOZ2UY8TLJIR9u0cuPP3T9h9es5%2BPRMIdqlG7%2FNJbMHxBuFIi8BhX4%2BpmEyH25wvQHuOHj57kqH34QILF3cHBAvd%2FHa"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3358ceb8c0-AMS
_ssgManifest.js
greenorbitly.com/_next/static/yiZ0wYy063t9sQ9_nC-3_/ 		77 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/yiZ0wYy063t9sQ9_nC-3_/_ssgManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84705
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:49:08 GMT
server
cloudflare
etag
W/"4d-18df1e84732"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWolHK3jgGPwoDjWMgSfRqFa3ZMKthuB9mNJYobtxrL8SwzTKl8QG39%2FPA745c8ybyfYrXvfqS1WLxQsfQmF7%2F6qOehUN1%2BRB5tZFW0Am6CSBPjvwI9oRN9tEp4MEjfVjjxKdJt4fiaUmaYE4W8x"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
85d44f3358cfb8c0-AMS
icon.svg
greenorbitly.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenorbitly.com/images/promo-images/salmon/icon.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/d050f0d44e063d14.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/_next/static/css/d050f0d44e063d14.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:48:52 GMT
server
cloudflare
etag
W/"c75-18df1e80b02"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poopkSbVLq5NeXHCpd0Q%2FVxy2GVeFjBZb0FhRdtqKDENjhA8k2%2FVHYU0Y%2BsRc7jtO4mOsIXgCwDKAi5DG%2BRagOhp%2BbknF0GMpFVrJ0iQQMOj7ULDBXToo5vLaXeZvC7Nu%2F4%2B8b3BeilR8Tv0NFA2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
85d44f33a9e86ee1-CDG
available-in-chrome.svg
greenorbitly.com/images/browser-icons/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenorbitly.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/6aae6835ff9f0d05.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/_next/static/css/6aae6835ff9f0d05.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:23:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 22:48:52 GMT
server
cloudflare
etag
W/"5287-18df1e80ade"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mse1Q%2Byzt%2FdDMOVFJEir7U1jKPvEa6wdIVs3v5Sa3t7AeZ87QkxRfwmbPFTvtM5ktO4zgD4X08HPAMIpYyk5%2BTRHUyStIJNyep2FmggvMsuQMBGR9hzQ361Mh6IVGwRN0E%2B3UfFGZ0CaqVdphqHZ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
85d44f33a9e96ee1-CDG
click
continue-blocking-ads.xyz/ 		0
0
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je42q1v9138996702za200&_p=1709245381621&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1560326187.1709245382&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709245381&sct=1&seg=0&dl=https%3A%2F%2Fgreenorbitly.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dcontinue-blocking-ads.xyz%26flow%3Dbinom%26campaignId%3D30023%26trafficsource%3D60%26src%3D1403549917691363%26cid%3Dcngg7hb2r96s739f6g90%26lpkey%3D1709236ece109886dcc5be034dccc92f717a045681%26isV2%3Dtrue&dr=https%3A%2F%2Fs.viiqoyqt.com%2F&dt=YTube%20AdSkipper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=623
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 22:23:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenorbitly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
continue-blocking-ads.xyz
URL
https://continue-blocking-ads.xyz/click?upd_clickid=cngg7hb2r96s739f6g90&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| a38b function| a38a object| webpackChunk_N_E function| a14b function| a14a function| a37b function| a37a function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a1b function| a1a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data object| gaGlobal

16 Cookies

Domain/Path Name / Value
continue-blocking-ads.xyz/ Name: uclick
Value: y7SPnFYOPdo1hOaib2CYsqC+OZ+rWiESg9ShFzq4ewwtlG+k6YOd26fnZxxa1k7fPbYkuGU=
continue-blocking-ads.xyz/ Name: bcid
Value: cngg7hb2r96s739f6g90
continue-blocking-ads.xyz/ Name: cid
Value: cngg7hb2r96s739f6g90
.greenorbitly.com/ Name: extension
Value: ytube_adskipper
.greenorbitly.com/ Name: promo
Value: salmon
.greenorbitly.com/ Name: big
Value: none
.greenorbitly.com/ Name: clk_domain
Value: continue-blocking-ads.xyz
.greenorbitly.com/ Name: flow
Value: binom
.greenorbitly.com/ Name: campaignId
Value: 30023
.greenorbitly.com/ Name: trafficsource
Value: 60
.greenorbitly.com/ Name: src
Value: 1403549917691363
.greenorbitly.com/ Name: cid
Value: cngg7hb2r96s739f6g90
.greenorbitly.com/ Name: lpkey
Value: 1709236ece109886dcc5be034dccc92f717a045681
.greenorbitly.com/ Name: isV2
Value: true
.greenorbitly.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1709245381.1.0.1709245381.0.0.0
.greenorbitly.com/ Name: _ga
Value: GA1.1.1560326187.1709245382

3 Console Messages

Source Level URL
Text
security warning URL: https://s.viiqoyqt.com/h/1312/m3busqperz7fvk5n3kyhk46vw3flnaotzz3uueccobafqmdvezctzmwozxhhcbjm2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfd5alwm6retl5k62rk3snsu65vnm3qrsaini4mq6xy7nlpyzxmxdpzqkezfnnxvfe5e4krszhv73sviescnurqlk7xu6jmyvijm3srxnfwbd3pjdefl245r5jl4tvcrsvufmlw4xrkh435qjzufy7en6rncstio22utugw67rhvmzv4jt2yvcc6fyybn7w3v7pe5cql5yvy2lzpvkemwd7pntx442amybxw3lumzzuoqkrapbhm6myotu5xz5lk6mu2546nkoufnkduz4lkpvkkcwv7yt3sbvnu6vfoofhisozi56let2l7f5zktsa3zguby2wg7wv3u6cwdaxm4d3plu6z6dtlkr2kqcijjuutx3myxqv76cdvljt5jkzzp7ev4lxxu27u4fuvd62tffzsox3isfeov34ctdptvapzeodoguen3oqwgc7bkx37ncp2423jumvmsqfincuicdtfyyhc4ccpyas43zcpj3uaeybd5fuasdhluvqwiannavc6uatbewhsrw3zpfpf3ebslq5qqsz6xgm5etufcp2hmexxcj27nfwmax63jfj5resfhett2vv6zt3jpuxs6awdidayickmvasuazdhmta2gycheltkpi5carvkkyhovtxgqkekyobchivn5akg2lonzqktthf3bvxa7k6jfnpz6r7nwa4ix3otmaotckhwcvbqs3txnhjchhwe4imqlh2kduxegtjhieqktauimvwkbdcgjzhfywjzf2q====?u=https%3A%2F%2Fpixel-eu.rtbix.xyz%2Fi%3Fee%3DN9LIDM4oQ6lWgxUDcTAcjcb-t7WI2GY4gk9pzmb1Ofq61Wu-NyGrh1VLvgRbT6yC2S3Yf6h5rXMJRgCyaKeFY49CrMQAB-97WbXtTAIcoNU2GrAamjfct9d45nOi22xb74KYbr0T5qKN0pXduDdPbQjRLGBa-gyvsxqswjEzpdzyRwCkhsJjRu3tIUE7p-CAatGjXpYHCTMvAnG9ZEGGaCEa2vk7VqdKE2dQJj22XacWEIDJhvl-q5mg7EkJ5I5-3E01T5xwkUkEGChqXq8C9SGbQcdAZt5OEH0wfsVStWE(Line 10)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=continue-blocking-ads.xyz&flow=binom&campaignId=30023&trafficsource=60&src=1403549917691363&cid=cngg7hb2r96s739f6g90&lpkey=1709236ece109886dcc5be034dccc92f717a045681&isV2=true
Message:
Access to XMLHttpRequest at 'https://continue-blocking-ads.xyz/click?upd_clickid=cngg7hb2r96s739f6g90&add_event6=1' from origin 'https://greenorbitly.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://continue-blocking-ads.xyz/click?upd_clickid=cngg7hb2r96s739f6g90&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

continue-blocking-ads.xyz
greenorbitly.com
pixel-eu.rtbix.xyz
region1.google-analytics.com
s.viiqoyqt.com
www.googletagmanager.com
continue-blocking-ads.xyz
2001:4860:4802:32::36
2606:4700:3032::ac43:a45e
2606:4700:3034::ac43:d702
2a00:1450:4001:812::2008
31.220.27.135
52.58.28.63
049cb98d133b99a75da84e53e0e4a672d9eb369b828eeaa14845f130d3653b55
15cce7291e51d067e5b2f075aae7b8a22b2f8a619aa779acf99015fc9deb925c
36220a2261088abab66cbbb670ac92fddd579245c29c01ba42adbcd875464ebc
3e096fe3967f7b94d0ec43bbc49cc7a3d41c8a72a53420e724984e1a78fe56df
5f72506cc45b5f5322d004f8289b403435d4802e948c11eafd3eb99c6c69bf6e
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
87c7229e50e5c91bf598918311998b6cadaaffa306ac788594250a1cc56a1cf4
907c0fe891c850b16da4436d24c4f4dda3834ad6ffb09b311273b7e866ef607b
a7189c1c66fa205740ef67decd0982f9cb38f381bdc7ed292ad87a0908c293ae
e30c3c652c4510b174583cdc85a60767f719b1bb68c8036d105138667d7685a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccf78b356675f020c22041837c867b733abbf607748b8c9dcd66fd86a6007d3
ed128b4a5d3831d32152770519633743ed977cb64a117d3216c4b0a3f8ded26b
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
ee38a9bbc713511033fe3c71c22cd4bdd59c683806825c153859fcdac3d162d7
f4e59fa1d8c0577cb11717041dedf494a81801f312622c3bd3d0914d51a12808
f7b4b8c2673e415b84baa9cf62a8900864fd65ff60493cc6853284dce9321ae8