urlscan.io logo urlscan.io
SecurityTrails logo

greenorbitly.com Open in urlscan Pro
172.67.164.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://googlo.it/
Effective URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaig...
Submission Tags: @phishunt_io
Submission: On January 06 via api from DE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 172.67.164.94, located in United States and belongs to CLOUDFLARENET, US. The main domain is greenorbitly.com.
TLS certificate: Issued by GTS CA 1P5 on December 20th 2023. Valid for: 3 months.
This is the only time greenorbitly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.70 61969 (TEAMINTER...)
1 99.84.90.195 16509 (AMAZON-02)
2 52.1.241.53 14618 (AMAZON-AES)
1 2 172.67.156.69 13335 (CLOUDFLAR...)
14 172.67.164.94 13335 (CLOUDFLAR...)
1 142.250.185.104 15169 (GOOGLE)
1 99.84.88.75 16509 (AMAZON-02)
1 142.250.181.238 15169 (GOOGLE)
4 34.251.101.162 16509 (AMAZON-02)
31 10
4    185.53.178.70 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
googlo.it
1    99.84.90.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-195.muc50.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    52.1.241.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-241-53.compute-1.amazonaws.com
sapph-oxs.com
2    172.67.156.69 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-blocking24.net
14    172.67.164.94 (United States)

ASN13335 (CLOUDFLARENET, US)
greenorbitly.com
1    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
1    99.84.88.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-75.muc50.r.cloudfront.net
euob.thatmonkeybites3.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
4    34.251.101.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-101-162.eu-west-1.compute.amazonaws.com
obseu.thatmonkeybites3.com
Apex Domain
Subdomains		 Transfer
14 greenorbitly.com
greenorbitly.com
194 KB
5 thatmonkeybites3.com
euob.thatmonkeybites3.com — Cisco Umbrella Rank: 244199
obseu.thatmonkeybites3.com — Cisco Umbrella Rank: 245706
39 KB
4 googlo.it
googlo.it
4 KB
2 ad-blocking24.net
ad-blocking24.net — Cisco Umbrella Rank: 170576
1 KB
2 sapph-oxs.com
sapph-oxs.com
3 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
245 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
83 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
31 8
Domain Requested by
14 greenorbitly.com sapph-oxs.com
greenorbitly.com
4 obseu.thatmonkeybites3.com euob.thatmonkeybites3.com
greenorbitly.com
4 googlo.it d38psrni17bvxu.cloudfront.net
googlo.it
2 ad-blocking24.net 1 redirects greenorbitly.com
2 sapph-oxs.com googlo.it
sapph-oxs.com
1 www.google-analytics.com www.googletagmanager.com
1 euob.thatmonkeybites3.com greenorbitly.com
1 www.googletagmanager.com greenorbitly.com
1 d38psrni17bvxu.cloudfront.net googlo.it
31 9

This site contains no links.

Subject Issuer Validity Valid
googlo.it
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
greenorbitly.com
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.thatmonkeybites3.com
Amazon RSA 2048 M01		 2023-07-18 -
2024-08-15		 a year crt.sh
ad-blocking24.net
E1		 2024-01-03 -
2024-04-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Frame ID: AD7C1D08122D26D3C1A985F1054F2AC4
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YTube AdSkipper

Page URL History Show full URLs

  1. https://googlo.it/ Page URL
  2. http://sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://sapph-oxs.com/zclkredirect?visitid=9d059ce1-ac61-11ee-9aaa-0ab00ad9393d&type=js&browserWid... Page URL
  4. https://ad-blocking24.net/cp4kl7k.php?key=ebj4349gd29xfi7daa5h&cid=zr9d059ce1ac6111ee9aaa0ab00ad9393db... HTTP 302
    https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

87 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

325 kB
Transfer

872 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://googlo.it/ Page URL
  2. http://sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7a0a62d0-8a28-11ee-b3d7-123f4a2b6bb7 Page URL
  3. http://sapph-oxs.com/zclkredirect?visitid=9d059ce1-ac61-11ee-9aaa-0ab00ad9393d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://ad-blocking24.net/cp4kl7k.php?key=ebj4349gd29xfi7daa5h&cid=zr9d059ce1ac6111ee9aaa0ab00ad9393db95072b8d4154677862814ed53a0e8e507901546082af79b85&visit_cost=0.009500&source=lateritious-falcon&campaign_id=2270132&creative_number=0&target=charlie-bit-1n034qyrl5 HTTP 302
    https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
googlo.it/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googlo.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.70 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e90aba764b2a389869a38644032e795aa25908a9a1bcdf1a89ff640b5282a3d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime
30
Content-Encoding
gzip
Content-Length
1340
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 07:02:54 GMT
Server
nginx
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Uw9qtSSgrOx+lV9FBmU9Mj4IcDdK5OdUJT9t+XZJ4G7VxJIa5vqYgQIe0anTAZ3w6oq3N0dUzz2F0v6kpQ+BSg==
X-Buckets
bucket011,bucket077
X-Domain
googlo.it
X-Language
italian
X-Redirect
zeropark_zeroclick
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: googlo.it
URL: https://googlo.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.90.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-90-195.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googlo.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:31:36 GMT
via
1.1 086da553b96e728b869925910597a098.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 11:12:07 GMT
server
nginx
x-amz-cf-pop
MUC50-C1
age
9078
etag
"63ce6b87-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
9cdyvDeWubvOyEEwKiyGLQm7dBa2whQWAJg9qcIqr3VhfJ_733ZRXQ==
track.php
googlo.it/ 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googlo.it/track.php?domain=googlo.it&toggle=browserjs&uid=MTcwNDUyNDU3My45NjYxOjg3YzI1ZWM0YmQyMTJjYmNlM2VjNWNjYjA1MDQyYmZlOTgyOGE2NjY4MjE1YjdhZjI5ZGQ3NWVjZWNlMDdjZWM6NjU5OGZiMWRlYmRlYg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.70 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
Referer
https://googlo.it/
dpr
1
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width
1600

Response headers

Date
Sat, 06 Jan 2024 07:02:54 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Content-Length
20
ls.php
googlo.it/ 		16 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googlo.it/ls.php?t=6598fb1e&token=3c3bfe9be17945a55f4aa7f55ab2e377bc45617a
Requested by
Host: googlo.it
URL: https://googlo.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.70 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
Referer
https://googlo.it/
dpr
1
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width
1600

Response headers

Date
Sat, 06 Jan 2024 07:02:54 GMT
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Accept-Ch-Lifetime
30
Charset
utf-8
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_jnGTTApAAP46lSES9cAGWHtqYKER0oT5ClUkxjZt7WXt5ipxZkCnagaIj1ZyHLo7ZG9M041mhar3wQvpC71KZw==
X-Log-Success
6598fb1eb4cd3e25943aab04
Content-Length
16
track.php
googlo.it/ 		0
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googlo.it/track.php?click=3b57ad2025e33ed3c2dc1f6cde5c7a3dffafe1f4&domain=googlo.it&uid=MTcwNDUyNDU3My45NjYxOjg3YzI1ZWM0YmQyMTJjYmNlM2VjNWNjYjA1MDQyYmZlOTgyOGE2NjY4MjE1YjdhZjI5ZGQ3NWVjZWNlMDdjZWM6NjU5OGZiMWRlYmRlYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDc3fHx8fHx8NjU5OGZiMWRlYmRhOHx8fDE3MDQ1MjQ1NzQuMjg2M3wwOWMwMDFlMmM2YmE5OGQ1MGE3N2Y1MWMwMTkwYTRkYmUxYmI4NDgzfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxXMTA9fHwxfFcxMD18M2MzYmZlOWJlMTc5NDVhNTVmNGFhN2Y1NWFiMmUzNzdiYzQ1NjE3YXwwfHwwfDB8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.70 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
Referer
https://googlo.it/
dpr
1
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width
1600

Response headers

Date
Sat, 06 Jan 2024 07:02:54 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
none
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Content-Length
20
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7a0a62d0-8a28-11ee-b3d7-123f4a2b6bb7
Requested by
Host: googlo.it
URL: https://googlo.it/
Protocol
HTTP/1.1
Server
52.1.241.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-241-53.compute-1.amazonaws.com
Software
pWkwJHAk /
Resource Hash
0cbc5db1573a31884d50c2677bfe9f6ba0f9a47dff7e71adf29cd21bbc79b6c0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sat, 06 Jan 2024 07:02:55 GMT
Server
pWkwJHAk
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
sapph-oxs.com/ 		712 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sapph-oxs.com/zclkredirect?visitid=9d059ce1-ac61-11ee-9aaa-0ab00ad9393d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: sapph-oxs.com
URL: http://sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7a0a62d0-8a28-11ee-b3d7-123f4a2b6bb7
Protocol
HTTP/1.1
Server
52.1.241.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-241-53.compute-1.amazonaws.com
Software
pICQBUiX /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://sapph-oxs.com/zclkvisitor/9d059ce1-ac61-11ee-9aaa-0ab00ad9393d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7a0a62d0-8a28-11ee-b3d7-123f4a2b6bb7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sat, 06 Jan 2024 07:02:55 GMT
Server
pICQBUiX
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request /
greenorbitly.com/
Redirect Chain
  • https://ad-blocking24.net/cp4kl7k.php?key=ebj4349gd29xfi7daa5h&cid=zr9d059ce1ac6111ee9aaa0ab00ad9393db95072b8d4154677862814ed53a0e8e507901546082af79b85&visit_cost=0.009500&source=lateritious-falcon...
  • https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpk...
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Requested by
Host: sapph-oxs.com
URL: http://sapph-oxs.com/zclkredirect?visitid=9d059ce1-ac61-11ee-9aaa-0ab00ad9393d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
44eb07234d05885f3a0ee1f6e275b04fde08c2c04cd87712f4a3031b6a9e57ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://sapph-oxs.com/zclkredirect?visitid=9d059ce1-ac61-11ee-9aaa-0ab00ad9393d&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8412192bdd9a0da1-MRS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 07:02:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKu6Q%2B%2BIi41yVkvXRAaG0rQIQOk0M3R5ss%2BZa6BXVBSlRIbY11lJqBZuU2NUyesUng%2FuIGHcsy69Gz%2F2JpzKSMZ9pFALtC%2BGG7ge5wm61whzmN6pwNiRlg2h8baKYErsxx8%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
841219287eb94c42-MXP
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 07:02:56 GMT
location
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3IMQZuhEE0sfmx%2F9mJ4ntLLrmtEbY775TuKwdDlXUga3zZPu%2FvQwCwVsMN0zuyTHIDUOE%2Fhhp2GGyFp%2F01Fu1WLMruEpEzxcoaFMxdwLutZuawkDiN8u2mEOEbwelSQrMddqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ebe59c1b22d92e8ad5ac96704f940eedb13b2fde64f61ea231fcb8b8237f1242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84764
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 07:02:57 GMT
8c3dd651469c9787e366b6d88eb7fa51.js
euob.thatmonkeybites3.com/sxp/i/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-75.muc50.r.cloudfront.net
Software
Caddy /
Resource Hash
547ffb9cd06c62096378d942aa1686fc5b41dd98fc7ce11c985595aa4f6835c5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:36:20 GMT
content-encoding
gzip
via
1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
MUC50-C1
age
37648
etag
"18f6d-tFKRPoim4uiMLaGgw2Lq6cqTxu4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
37319
x-amz-cf-id
nSwbYrfqlc2pZKCPWE8YdksO9gW_KvNSKM5Gol7KG0nOUa4e00ctAg==
expires
Sat, 06 Jan 2024 08:35:29 GMT
eaabcd84b27bb7b4.css
greenorbitly.com/_next/static/css/ 		40 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/css/eaabcd84b27bb7b4.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a722090281b4a90b3fff22d89bf4f02446f307bbb862ee43f554fc837254978f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"9e79-18c91b8a383"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyczQO8DJb4%2B1SAMduPNhzRpjxoY8sB3fyvQoyvkvH6YlKI4IQQHKrCjv%2BvgtSRd9vLXJbFKaox2MCr6NMm155qyDgBgqn5A2EI6oglqFTEVxNX%2B0QQJ4t6BZKeu7LoU0x%2Bs"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192c7e990da1-MRS
a85a315e20706270.css
greenorbitly.com/_next/static/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/css/a85a315e20706270.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"42a0-18c91b8a383"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4KE0Kk00zQM1W3Ui8xoGfLx1ufw1%2Frv7xchE0Tu7T%2Fde%2Bv8NzlPoCYenRPcBnNNSfrDYjntPAwdG21ReOKbsH7LXlVZS6UFZJYVZEzvSZOmu9odSIu9oGqF%2BFkZ5NpXBwJV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192c7e9c0da1-MRS
928-a459b970dcaa21c2.js
greenorbitly.com/_next/static/chunks/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/928-a459b970dcaa21c2.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7823c53556e0b7b1aa34b75aef5eee02ef78da0bb0b242d58edf0a2cb230d14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"e0e3-18c91b8a37f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3vx8ax60Tl90LUvTKmNUzGr3S56BFsLnaFL4FoRY44Fs63Ea2v0VliyeONslclqdXYZ%2BnaRTWvegeFt7T2YvboCugC1oXXT54cV806NKR%2F8HAiZc1r9IVk1FydRE9sN9zWr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192c9ecc0da1-MRS
13.b8577b29e323d207.js
greenorbitly.com/_next/static/chunks/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/13.b8577b29e323d207.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cdc2925712ed2a5c881cd7bc30ee287ed292bc621fccf2f14292d87985b404e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"11b96-18c91b8a37f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BpGVhpXPjglWr3po%2B%2BwN%2FAPCg7X4tGCLLhKfsolTsDpnLMnyv6szRYTQvScky4B5yMPME1Jhvsar%2BqNGtLMKVFBL2U%2FydZ2ubWwnuX9eH3GmWXVLnk0Ko8El0TUDBHtrlA7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192c9ecd0da1-MRS
webpack-b4a1b77b7d714b13.js
greenorbitly.com/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/webpack-b4a1b77b7d714b13.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf6a4e377d3ce34060050a3c3774961a18d8e4cc58bb16765eb24be781b360a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"1a82-18c91b8a37f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbzDU29g4GTIFV65B82mFLYauRC7Qv7yUqrt%2BLj3wGwRh2SyKRaniP8MX4v0N0ldty1I0YC671oZb1w02lbMeEZtMGb7FhIGtUDfD0F6BWIHZPd0Q%2F0n3%2F8UeGYGqBqkiw4s"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192c9ece0da1-MRS
framework-2c79e2a64abdb08b.js
greenorbitly.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"226fc-18c91b8a37f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uic7EQFyncNG%2FK4NLRQPWIne%2Bp6vRLWNyXmzvjL3ApIuZu1%2F8CS3kyaxWIka%2FBtYlsuufz1nkXJBa5%2Bhm6QVc1%2Br2AkyH3HxV0GhBefaaLr2OJEkB5utvyX9uw%2F16aaoM6ou"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caedb0da1-MRS
main-349ca23c9762ec02.js
greenorbitly.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/main-349ca23c9762ec02.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb089706aadfae128aeec6f054cfb84e000638e4e65cd92c0a64a048fc255868
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"15cfe-18c91b8a383"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbMqfEMm%2FVdTxt8FchnWrFhhZE74ssS%2F05B5l8Nq0lamsl0q04sLGkvec4DvewFfWOKstNFFdSWcxt%2FDxanDhXBaKwMjEpXiKeBUabNYNnENM3ni9yVl21GwgWKnLCeGWQoJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caedd0da1-MRS
_app-7432be77a845fe72.js
greenorbitly.com/_next/static/chunks/pages/ 		67 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/pages/_app-7432be77a845fe72.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ea05f65f108d4d2e557d7aec35d62509077ebf1917dc844e251157e8719474
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261597
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jan 2024 06:14:32 GMT
server
cloudflare
etag
W/"10c6a-18ccdf591e3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNX3B%2BKAhdVdIBvXDmAZzbxN19boWm69ub%2BiT1%2FXH1irigNHQS0beYu%2BbqgEwydyjB7JGyQnnOza7qTs4fAInfygaaqEC0N3y02D7jEOm4KdprR3Jjy28sAu%2BRf6%2F%2BrZIx6b"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caedf0da1-MRS
index-6b7d39010ea4aed2.js
greenorbitly.com/_next/static/chunks/pages/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/chunks/pages/index-6b7d39010ea4aed2.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d514f91679c25dbeaff1bf7869d708c220d687339751403f239045b206f1263
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347304
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 13:30:46 GMT
server
cloudflare
etag
W/"2917-18c91b8a37f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qea5jJzDgoZb1XiPC92n5B0uLx2C%2FZ4y1A29x5i3QRl%2F2CM2ZaKTOAjW4yvrn8TmDYvYglTypQCnjP44j1rpGXWvYcW1MnI75IozMGGkenuwVmIwk4mzIXstTuYjHFqeK0fi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caee00da1-MRS
_buildManifest.js
greenorbitly.com/_next/static/Vxm9QTlnFMdrLEve3mXV0/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/Vxm9QTlnFMdrLEve3mXV0/_buildManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e418d7600d4b0ae83a0d7f07ce2af353c612acf337ffcc238d8ecbab554f7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261597
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jan 2024 06:14:32 GMT
server
cloudflare
etag
W/"52e-18ccdf591e3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77cN2lYXAaDmxCpKl9AnF7FNV76h100sDeTVqfvoZa0rbN%2BigLAR09ase66ozmavhMiY2N%2F31XeLvjRHZm6Eru0cF8SQ4YKDyUuyAX6nj5aPGgX%2Bf3%2BZCKVpvLvwWnskXSUH"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caee10da1-MRS
_ssgManifest.js
greenorbitly.com/_next/static/Vxm9QTlnFMdrLEve3mXV0/ 		398 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://greenorbitly.com/_next/static/Vxm9QTlnFMdrLEve3mXV0/_ssgManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a206148baddea25c805271493828aefe35680df90e011fc6b0f3040f7df92a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261597
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jan 2024 06:14:32 GMT
server
cloudflare
etag
W/"18e-18ccdf591e3"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fa5hy2l6Pnbq08xrxcqVc2WWeCd7wlxM4zqunk%2Bvx4%2B54g%2FXSSbRGhODArOmXRn6FIxHhwwmeKzSszu4JoAwREfsoMqrsFNXvJZnWEhR9jvuzDdE0AnjRqpffsct1RwbcJw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8412192caee30da1-MRS
icon.svg
greenorbitly.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenorbitly.com/images/promo-images/salmon/icon.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/a85a315e20706270.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/_next/static/css/a85a315e20706270.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jan 2024 06:14:17 GMT
server
cloudflare
etag
W/"c75-18ccdf557e6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VezIWBTkb78%2FiacNTdBDnW6cTi3fJndobJ4E0GgCwLW25JrwuPgeHEdjsyiaBzZlGoq8O1DK2xPoR05gO0lgzZhxrR9MDU7L5%2BgB8AAzRybV1EB8UubzXvZq46aBOSIIIYaH"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8412192cff4e0da1-MRS
available-in-chrome.svg
greenorbitly.com/images/browser-icons/ 		21 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://greenorbitly.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/eaabcd84b27bb7b4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/_next/static/css/eaabcd84b27bb7b4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Jan 2024 06:14:17 GMT
server
cloudflare
etag
W/"5287-18ccdf557b6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euakyJCnRW3%2BKUbYBlsy301lbndo%2BSQBD7GogzLo8PrhtXJZT%2F7rCVP%2FtTGPoMSz2B3Aa%2BR0BPPlgRXucYCW4C8USY8gYOLaXiv2uVHbJSDsNFpcBO%2F8VyMWQAgbryVXMjTJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8412192cff500da1-MRS
cp4kl7k.php
ad-blocking24.net/ 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-blocking24.net/cp4kl7k.php?add_event6=1&uclick=7vxssla4fe
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.156.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:02:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4zVn%2FPo8mAAQJhV5EIWy0flk1CM8XUyDlxvoBe%2Bxnf5M7uF045MdGu%2Bhk7PtrKSPrAw%2FZ3H5Yd1iYs7Rq%2BBp5K%2BnzkOJiKc3H3KgJyfs2hYz7sCNNoOwnl7c%2BuvoojH7rwMFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8412192dab6c4c42-MXP
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je4130v9138996702&_p=1704524576719&gcd=11l1l1l1l1&dma=0&cid=29840214.1704524577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704524577&sct=1&seg=0&dl=https%3A%2F%2Fgreenorbitly.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10595%26trafficsource%3D16%26src%3Dlateritious-falcon%26cid%3D1a6e37vxssla4fe704%26lpkey%3D173504cc52ac487776%26uclick%3D7vxssla4fe%26uclickhash%3D7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e&dr=http%3A%2F%2Fsapph-oxs.com%2F&dt=YTube%20AdSkipper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1620
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 07:02:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenorbitly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ct
obseu.thatmonkeybites3.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/ct?id=46468&url=https%3A%2F%2Fgreenorbitly.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dad-blocking24.net%26flow%3Dbinom%26campaignId%3D10595%26trafficsource%3D16%26src%3Dlateritious-falcon%26cid%3D1a6e37vxssla4fe704%26lpkey%3D173504cc52ac487776%26uclick%3D7vxssla4fe%26uclickhash%3D7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1704524577410&hl=3&op=0&ag=570513631&rand=530117012220170200085960852020507401084186016823592182611276547702152008765012921261&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=http%3A%2F%2Fsapph-oxs.com%2F&ss=1600x1200&nc=0&at=&di=W1siZWYiLDE4NzJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw1LDAsMCwxLDAsMCwwLDAsMiwwIl0sWy0xLCItIl0sWy0yLCI3LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiMjk4NDAyMTQuMTcwNDUyNDU3NyJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMTIwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNiwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MDQ1MjQ1NzczNjEsLTFdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDU1MSwwLDEyLDAsMCw0MTQsMTA5LC0xLDAsMTE2OS42LDExNjkuNiwxNzM2LDE3MzYiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL1JvbWUsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIi0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE1Y0NnOFBXdzlkQVFGY1d3NWZXQXdJRjFOS0F3Z0REdzhJQ3cwUUZWaE5HVTBYWEVGSlZrdE5TaGtSVVUxTlNVb0RGaFpjVEZaYkYwMVJXRTFVVmxkU1hFQmJVRTFjU2dvWFdsWlVGa3BCU1JaUUZnRmFDbDFkRHd3SURROEFXZ0FPQVE9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjEiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODoyNCJdLFstNjgsIi0iXSxbImRkYiIsIjAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDEsMiwxMSwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsNSwwLDAsMCwwLDAsMCwyNCwwIl0sWyJibmNoIiw4M10sWyJhYm5jaCIsODRdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=jp3iEl5GH3&pto=1785&ver=58&gac=29840214.1704524577&mei=&ap=&fe=1&duid=1.1704524577.2yZTjgSOuNZG3XsK&suid=1.1704524577.QdE061qKWirowMDa&tuid=1.1704524577.CFcRuttRV9FvQzQj&fbc=-&gtm=W10%3D&it=22%2C1079%2C613&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.251.101.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-101-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
241889f0a10cef6ec466e7567a2d9ec64ce433ee8a62871db5f649437b8b941e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Sat, 06 Jan 2024 07:02:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1559
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obseu.thatmonkeybites3.com/tracker/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obseu.thatmonkeybites3.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aeac237ee428d9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a17896b2f17071a10acf9f29f671bd1d0810f253b4efa2e2451803ad666c6566356269404085f60565dc0ef631a77be26bb25cb43e29233f54c6ea505337c13c451ec46ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeb1ba131be20ecca7478c31db6bda508e1547f77303fd1f564c2acf503ed79ffca8328828bf7d8557ec4b7274a7d43169230121e118f58109ac5d6ead83c6771e217dcf965d78c9df014b3545730715a7902a60740ebafb4b709cc8a478c1a2026d182facb8a6928a6bac9f8b1bf95c8e0d3d37c9eeceb3a26691dbea6f96330ad1adcd2d1e44a2323baec11d61eedfa9669314a113a08e19c249c3cf63d67d77ca8b2dca3dd496a8b085f0fc4e68a37ae8e4b87b0870e09a7dc3eb1fac4a1349930804c6898ec49ee79327c82ded9db39971e56e6933943c3984999e4378c1eb7da40cebd74d9d72f0714f47538837b104e1c1a370bb8c34981fe1c0dcd56a8f504f61f80e421f724e6883a86db9508bcc8c28a89121fc9323c881e2fb71a4b6b80c3429d3be1a52cbb40d5e09f5fdef23e669cfe75de9f66df02fad6dc41781568eec65985f64f9f8c33a6c603e157952081aabb08a39d105f10d0d0075a9b0198a9f1808e8e49fe1e925cfece3ff83f8aba2184a3eaa1482be5e698445735e843f042237fb7ce93e5a81b79067dc35c160d8f7759ee355c838572c27443450df9cb5df6a2e489d5e0dd69085eab49c061898eabd6096d23b3889db0f3429bccec45e61e161985dc949b53bce00c7da47ada838e3879a90cd1621b0be29698175af91a2f804967e4d7217887a1142bba2439da945d8939fd4468fd2d1664c7512fc2fa117f211f6c163892d0070017a2562be12cd9f600ae470d2bbe76681dd479e272bfa50786cdfbbc31648b020b3d7478b43685f14ae313edcbdcb7a9c064dc6dc46ff9ba4ab9248c85f5c2a11f275245682910b5cbe39e5fac42a88c1f01c0b2ed136795d5a8b6e04f493fc05038c70338f858d2acac8a7c95824a62db80f694acf4c2563d6d30d5d96d5ebd7feaf10e633ba73d325c0931fc2edfc372aec8040de83b8b2c6efcbcc34428ce639489a3f920a9e42fce52ba8cfcbc96cb386d5f8fc5a6695e1e6fe4bdd49895216611274d7913936df64f640d48a36ae1534ff6c5ece34b5926275a56774165981f5d82d80db333e6b1369898bcfb080298814bcac363b9486130f0c5f6b70558779e498041280cda7c68ce5ddbea0dd6ba7acde0d206f467c742d66598f0c530df2b4f3952398cd6c43cbed2bf5d509c0e8b7998ef1a258a34c8d53f83caecaadc5c37976cbd48ebb6e656c108deadbb47b62c79a3f217fe00efc32750ca70db77ec23d488c08038bc2a9e795d182ac817b8039978d6e92bce28b15afd9a62c188e9a8923bf73ea8b9b093491df64dfda7b69b61506f0544f72157eb4d3705be5176a6577e9218088a7301aa92f4b0f25d6b6ade53e8b0264759ab8d18bd736a84627410f3b7ac2296863a7&cri=jp3iEl5GH3&ts=615&cb=1704524578025
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.251.101.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-101-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://greenorbitly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sat, 06 Jan 2024 07:02:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
8e296cb5-62ef-4f6f-9171-5f4c9e0e063e
https://greenorbitly.com/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://greenorbitly.com/8e296cb5-62ef-4f6f-9171-5f4c9e0e063e
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce41c8266fa54545651437ce22bd9af5c232575ce0a0a5882912264e40ac763a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
261
Content-Type
45e5068e-966b-4494-bf33-759e848c3345
https://greenorbitly.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://greenorbitly.com/45e5068e-966b-4494-bf33-759e848c3345
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=ad-blocking24.net&flow=binom&campaignId=10595&trafficsource=16&src=lateritious-falcon&cid=1a6e37vxssla4fe704&lpkey=173504cc52ac487776&uclick=7vxssla4fe&uclickhash=7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20c1da6b3e5cee3d04cfcf8fbe2b752f6ae082df26655f4d580f4d8b6360d6cb

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
529
Content-Type
mon
obseu.thatmonkeybites3.com/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.251.101.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-101-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://greenorbitly.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://greenorbitly.com
date
Sat, 06 Jan 2024 07:02:59 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obseu.thatmonkeybites3.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obseu.thatmonkeybites3.com/mon
Requested by
Host: euob.thatmonkeybites3.com
URL: https://euob.thatmonkeybites3.com/sxp/i/8c3dd651469c9787e366b6d88eb7fa51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.251.101.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-101-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://greenorbitly.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://greenorbitly.com
date
Sat, 06 Jan 2024 07:03:01 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data object| gaGlobal function| __ctcg_ct_46468_exec object| _cq

19 Cookies

Domain/Path Name / Value
ad-blocking24.net/ Name: uclick
Value: 7vxssla4fe
ad-blocking24.net/ Name: uclickhash
Value: 7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
.greenorbitly.com/ Name: extension
Value: ytube_adskipper
.greenorbitly.com/ Name: promo
Value: salmon
.greenorbitly.com/ Name: big
Value: none
.greenorbitly.com/ Name: clk_domain
Value: ad-blocking24.net
.greenorbitly.com/ Name: flow
Value: binom
.greenorbitly.com/ Name: campaignId
Value: 10595
.greenorbitly.com/ Name: trafficsource
Value: 16
.greenorbitly.com/ Name: src
Value: lateritious-falcon
.greenorbitly.com/ Name: cid
Value: 1a6e37vxssla4fe704
.greenorbitly.com/ Name: lpkey
Value: 173504cc52ac487776
.greenorbitly.com/ Name: uclick
Value: 7vxssla4fe
.greenorbitly.com/ Name: uclickhash
Value: 7vxssla4fe-7vxssla4fe-6j0-0-xsa9-8puo-8pfv-2fcf4e
.greenorbitly.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1704524577.1.0.1704524577.0.0.0
.greenorbitly.com/ Name: _ga
Value: GA1.1.29840214.1704524577
.greenorbitly.com/ Name: _cq_duid
Value: 1.1704524577.2yZTjgSOuNZG3XsK
.greenorbitly.com/ Name: _cq_suid
Value: 1.1704524577.QdE061qKWirowMDa
obseu.thatmonkeybites3.com/ Name: cg_uuid
Value: bcc8894e4fce71941bcc57f80eb26a8e

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://greenorbitly.com/8e296cb5-62ef-4f6f-9171-5f4c9e0e063e(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-blocking24.net
d38psrni17bvxu.cloudfront.net
euob.thatmonkeybites3.com
googlo.it
greenorbitly.com
obseu.thatmonkeybites3.com
sapph-oxs.com
www.google-analytics.com
www.googletagmanager.com
142.250.181.238
142.250.185.104
172.67.156.69
172.67.164.94
185.53.178.70
34.251.101.162
52.1.241.53
99.84.88.75
99.84.90.195
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
0cbc5db1573a31884d50c2677bfe9f6ba0f9a47dff7e71adf29cd21bbc79b6c0
20c1da6b3e5cee3d04cfcf8fbe2b752f6ae082df26655f4d580f4d8b6360d6cb
241889f0a10cef6ec466e7567a2d9ec64ce433ee8a62871db5f649437b8b941e
44eb07234d05885f3a0ee1f6e275b04fde08c2c04cd87712f4a3031b6a9e57ba
547ffb9cd06c62096378d942aa1686fc5b41dd98fc7ce11c985595aa4f6835c5
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
7cdc2925712ed2a5c881cd7bc30ee287ed292bc621fccf2f14292d87985b404e
85ea05f65f108d4d2e557d7aec35d62509077ebf1917dc844e251157e8719474
8d514f91679c25dbeaff1bf7869d708c220d687339751403f239045b206f1263
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a1e418d7600d4b0ae83a0d7f07ce2af353c612acf337ffcc238d8ecbab554f7b
a6a09e57f0c6c676e88d3ee2bec7cc52863854fc8029270852cfcbe5d55278a2
a722090281b4a90b3fff22d89bf4f02446f307bbb862ee43f554fc837254978f
a7823c53556e0b7b1aa34b75aef5eee02ef78da0bb0b242d58edf0a2cb230d14
cb089706aadfae128aeec6f054cfb84e000638e4e65cd92c0a64a048fc255868
ce41c8266fa54545651437ce22bd9af5c232575ce0a0a5882912264e40ac763a
dbf6a4e377d3ce34060050a3c3774961a18d8e4cc58bb16765eb24be781b360a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a206148baddea25c805271493828aefe35680df90e011fc6b0f3040f7df92a
e90aba764b2a389869a38644032e795aa25908a9a1bcdf1a89ff640b5282a3d1
ebe59c1b22d92e8ad5ac96704f940eedb13b2fde64f61ea231fcb8b8237f1242
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7