Submitted URL: http://go-via.cc/lgvqcf
Effective URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaig...
Submission: On May 01 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3032::ac43:a45e, located in United States and belongs to CLOUDFLARENET, US. The main domain is greenorbitly.com. The Cisco Umbrella rank of the primary domain is 469611.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time greenorbitly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 7 139.45.197.243 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 1 52.58.28.63 16509 (AMAZON-02)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
33 8
Apex Domain | Subdomains | Transfer
17 greenorbitly.com | greenorbitly.com — Cisco Umbrella Rank: 469611 | 338 KB
7 hautoust.com | hautoust.com — Cisco Umbrella Rank: 271748 | 18 KB
4 go-via.cc | go-via.cc | 12 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 192 KB
1 datatechdrift.com | datatechdrift.com — Cisco Umbrella Rank: 415512 | 441 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11881 | 491 B
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2404 Failed | 254 B
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 28 KB
33 8
Domain | Requested by
17 greenorbitly.com | hautoust.com, greenorbitly.com
7 hautoust.com (1 redirects) | go-via.cc, hautoust.com
4 go-via.cc (1 redirects) | cdnjs.cloudflare.com
2 www.googletagmanager.com | go-via.cc, greenorbitly.com
1 datatechdrift.com (1 redirects) | greenorbitly.com
1 my.rtmark.net | hautoust.com
1 region1.google-analytics.com | www.googletagmanager.com
1 cdnjs.cloudflare.com | go-via.cc
33 8

This site contains no links.

Subject | Issuer | Validity | Valid
go-via.cc | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
hautoust.com | R3 | 2024-03-21 - 2024-06-19 | 3 months
rtmark.net | R3 | 2024-03-02 - 2024-05-31 | 3 months
greenorbitly.com | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months

This page contains 2 frames:

Primary Page: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Frame ID: D0BB4C6DE87A768B63B7E77A598F6849
Requests: 32 HTTP requests in this frame

Frame: https://go-via.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 663C791504FCD6F219C905AC79FF1A8A
Requests: 1 HTTP requests in this frame

Page Title

YTube AdSkipper

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33 Requests
91 % HTTPS
63 % IPv6
8 Domains
8 Subdomains
8 IPs
3 Countries
588 kB Transfer
1635 kB Size
22 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go-via.cc/lgvqcf HTTP 307
    https://go-via.cc/lgvqcf Page URL
  2. https://hautoust.com/4/7381765 Page URL
  3. https://hautoust.com/?z=7381765&syncedCookie=true&rhd=false HTTP 302
    https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x Page URL
  4. https://datatechdrift.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=809678994378334869&cost=0.004168&zoneid=6118780&campaignid=7594104&bannerid=19423511&subzoneid=0 HTTP 307
    https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://go-via.cc/lgvqcf HTTP 307
  • https://go-via.cc/lgvqcf
Request Chain 4
  • https://go-via.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://go-via.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Request Chain 11
  • https://hautoust.com/?z=7381765&syncedCookie=true&rhd=false HTTP 302
  • https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
lgvqcf
go-via.cc/
Redirect Chain
  • http://go-via.cc/lgvqcf
  • https://go-via.cc/lgvqcf
18 KB
7 KB
Document
General
Full URL
https://go-via.cc/lgvqcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:adf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1c38ac5b62afd81bdf084f1592afd95f8780fe1c629f317e2260aab647256f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87d38a82f8c01968-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 May 2024 23:27:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WIOhrdjuJpJ%2BqLdPDtq15MzI7vTRKAGS9bngA6VV1ibqresT%2Bx2QH70JjrpbeC1fELCb3wbg06PveqnNQjBWs%2B977jX1%2BU1pKCVz1U5%2FMuG7ZmUKh4%2FJDj6t04urWYoNWCs83%2FILRLE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-clacks-overhead
GNU Terry Pratchett

Redirect headers

Location
https://go-via.cc/lgvqcf
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: go-via.cc
URL: https://go-via.cc/lgvqcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://go-via.cc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
501863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28112
last-modified
Wed, 21 Dec 2022 00:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63a24ddb-6dd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BDTaCh8suqScCijcmQXeQYjDp7OJpVbWIZZOMHeisSuQM%2BK33tbJuWhhlTeAvDtsAdCNrK5ClROPEkRrzGqFIw2UC1stsgz1h1en3KUYaxvQuLgV0tw%2FM5zi0Ixt63v%2F0SSBRLyGHn%2B4p7Eq5c1OqjI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87d38a83487c19a0-FRA
expires
Mon, 21 Apr 2025 23:27:14 GMT
js
www.googletagmanager.com/gtag/
305 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TP9PD24S5Y
Requested by
Host: go-via.cc
URL: https://go-via.cc/lgvqcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go-via.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103826
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 May 2024 23:27:14 GMT
reghop.php
go-via.cc/h/
1 B
458 B
XHR
General
Full URL
https://go-via.cc/h/reghop.php?h=2214&r=
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:adf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://go-via.cc/lgvqcf
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
content-encoding
br
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y45dnxXVcw%2Fkz57kD87CaRE4woef514myQq2dDHnpNetD8kKkD3EO7pwQUucv97G8Rx5otSr%2FbRyrTDh%2FlCwE5qMqQ0LJaFJLDabNpFW6iMrEB7vFo9mWxHUS60exk8HYVS%2FAsVnQ88%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
87d38a83791b1968-FRA
alt-svc
h3=":443"; ma=86400
main.js
go-via.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 663C
Redirect Chain
  • https://go-via.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://go-via.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
8 KB
4 KB
Script
General
Full URL
https://go-via.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Protocol
H3
Server
2606:4700:3031::ac43:adf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNUyAl6SbKNUtzD7%2FEtvBf7YbuIqnwsTagXCmmB8kSu4HJ2R9uFTKujEtGSqG53zXI6zgVHmiImHgOWW8smrPW0XetWto6ZS0qPS7D8VmY29ugOrNOmLX%2FrltvOeXzNda8lgwMPPwiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87d38a83b9421968-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 01 May 2024 23:27:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8FnsuDmJaFlzZdxTjlwoKX2CajtdiIx%2BxTwP5jfxg7sahjh%2F7mQK1skw5AbZPKitrd%2F%2BXjAMmPQs0ZIquMLxpHC1Uepyl5wz6JrxFzp833fDcfAfR59SPfx6nD%2FjfSTK41eh4%2B1Xqs%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
87d38a8389261968-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
7381765
hautoust.com/4/
33 KB
14 KB
Document
General
Full URL
https://hautoust.com/4/7381765
Requested by
Host: go-via.cc
URL: https://go-via.cc/lgvqcf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
48000d2d5da79231d9c2d8910aa41471766e0abe3d2203f131a3ac4d17193747
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go-via.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 01 May 2024 23:27:14 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
91dd4bb55869456f0de8fd8b3532b3db
collect
region1.google-analytics.com/g/
0
0

sftouch
hautoust.com/
2 B
601 B
Ping
General
Full URL
https://hautoust.com/sftouch?userId=00804fcf5a4443f7f10e448db100a36d&z=7381765&p_rid=27d66b50-9227-40b2-9e0e-a4b96f3a17b9&p_src=sf&branchId=0&rb=rK0uzmy3Dr1dXKEns4SXV5pWdwwox5bzziHJr1zfnTlbpr9agakTO9CY7ZVjndwd49OCydJ-ZlRS1xU6OE41MlATPyCFqD0aAA2BvLvgMxGqpboW9Ou0v2Nh2BOYrzdbyUezQlE4zMzEd0n3bbvtgS-6LVDNHvg2N6IWWQthdudlf1lisDdWXZxWKp-AlrP4du-qeIWihD3FgUfrU4RwKNKz6aSBzjOH6FT3n-RIqQzvl52Ycl7s_tbEqv4VhkpqW_4XUq9jjz9qD_rVxFskCXl15iVn5lIwFP8KN3Phre-QEXGR_nTB_18AiG7_HhUaGOfCCw==
Requested by
Host: hautoust.com
URL: https://hautoust.com/4/7381765
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.78"
Referer
https://hautoust.com/4/7381765
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
d7120e38a0815a121536cadb838ba90a
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://hautoust.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00804fcf5a4443f7f10e448db100a36d&z=7381765&p_rid=27d66b50-9227-40b2-9e0e-a4b96f3a17b9&p_src=sf
Requested by
Host: hautoust.com
URL: https://hautoust.com/4/7381765
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hautoust.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
hautoust.com/log/
12 B
382 B
XHR
General
Full URL
https://hautoust.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=27d66b50-9227-40b2-9e0e-a4b96f3a17b9
Requested by
Host: hautoust.com
URL: https://hautoust.com/4/7381765
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.78"
Content-Type
text/plain;charset=UTF-8
Referer
https://hautoust.com/4/7381765
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:14 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hautoust.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
hautoust.com/
0
150 B
Other
General
Full URL
https://hautoust.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.78"
Referer
https://hautoust.com/4/7381765
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 01 May 2024 23:27:14 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
hautoust.com/4/6118780/
Redirect Chain
  • https://hautoust.com/?z=7381765&syncedCookie=true&rhd=false
  • https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x
1 KB
2 KB
Document
General
Full URL
https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://hautoust.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.78"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 01 May 2024 23:27:14 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://datatechdrift.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
6c6833251c00d8edc778652b5666a070

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://hautoust.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Wed, 01 May 2024 23:27:14 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://hautoust.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
a6892d6b4f8445ef7c112501aeceec86
favicon.ico
hautoust.com/
0
0
Other
General
Full URL
https://hautoust.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.78"
Referer
https://hautoust.com/afu.php?zoneid=7381765&var=7381765&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.78
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 01 May 2024 23:27:14 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request /
greenorbitly.com/
Redirect Chain
  • https://datatechdrift.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=809678994378334869&cost=0.004168&zoneid=6118780&campaignid=7594104&bannerid=19423511&subzoneid=0
  • https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=171468...
5 KB
3 KB
Document
General
Full URL
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Requested by
Host: hautoust.com
URL: https://hautoust.com/4/6118780/?var=7381765&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1a031c4c223a3f8a5cc4fb7344ce922bbf596f10c491c0f19cc6ca081663ba2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hautoust.com/partitial/5117854?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87d38a87783c5d9d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 01 May 2024 23:27:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HR07NOFLYti6yaJhuptSrkXQHVxcmw67MBGBI2AsDDdBf9rOBqAyTg37gFbcn3QsFYlqMnk%2BKO4ocmCxwYCNxYCg9F2l7%2F%2FnWG0JHTuVe2W1vWHrS5j%2BQ3F1ARNi2pYFxU0FXguqwKzVW9wpVV%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Wed, 01 May 2024 23:27:15 GMT
location
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
server
Caddy
x-request-id
b1cacee3-4ef8-48ab-a484-0ce3c5edce0f
js
www.googletagmanager.com/gtag/
258 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0575302c23b1a447dbc8661d5306e91f4840ae2777db5a71c6c2992fb44a5296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 May 2024 23:27:15 GMT
9d92a176c9608aa4.css
greenorbitly.com/_next/static/css/
102 B
625 B
Stylesheet
General
Full URL
https://greenorbitly.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3475088
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Mar 2024 22:49:00 GMT
server
cloudflare
etag
W/"66-18e63340fc4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBfbk5P3ypgfOqtpiMuzBRiukBOBOrFxuOlmoa0vX6no8%2F9K9MfrA1JLWlX4bIkTNL2lcFD0iff8IYslfqRR4efJl%2Fs7CcFKyYu1WA9s%2FUjUqM3pkGaU4%2BcI%2BqSX%2B9EY4675tSK%2BOS5PdLjq1XRM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87c85c5d9d-FRA
2253152349334368.css
greenorbitly.com/_next/static/css/
53 KB
28 KB
Stylesheet
General
Full URL
https://greenorbitly.com/_next/static/css/2253152349334368.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b38ab0ea3e0136e4e86c66039bd9e67e9257463eedca42ec77c53d9505412c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"d53b-18f365899c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBmkuSgUvP0tADKOV0W8vR8nWjNXiYAlbh%2BXo21ZZR1dczFuDZQQtaQ3jMk9Vm3Ppsp3Bg8Ez5niIWjP9eBk8HDBjQApQ7wfHRbsrOssVgbci%2FCrLc%2F9lLoQnu07MWyt4xiJNmg%2BAR%2B5%2BCCL8m91"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87c85d5d9d-FRA
50ca8869732a54c1.css
greenorbitly.com/_next/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://greenorbitly.com/_next/static/css/50ca8869732a54c1.css
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f881aba1ea6770337d10895a91477d926e43f2d81a9a8567ea9e02ec5035c9d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"c99-18f365899be"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIMXEYm3CSPHFeBhi5Bkac8lZf31q4JkZKXOROJEtn3m80IeuVvwEwvB%2ByFIgxnyco5TdBIMyeQ1%2Ff06QE1ChXtv1IgaHGnpTWTpbfNB3t6EQzrBV4bcHqx2I3z%2FC7C%2F1Z1vY%2BETadOcVUS%2BNAN0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87c85e5d9d-FRA
928-7b068c156aaeccb0.js
greenorbitly.com/_next/static/chunks/
111 KB
38 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/928-7b068c156aaeccb0.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3a95963ade7dc03712280abe3b0071f5ab4105e94037f17e79c37f22da545b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261062
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 28 Apr 2024 22:48:51 GMT
server
cloudflare
etag
W/"1bd89-18f26e59798"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBBBTLpFSbALDphddMPR88SN6j8mfiPWlkKJb4t%2FhEbmHEQDdEkblIsDBwN5RrTa6YHk%2BjsHuE5gCSfjJIHt5wyKiY5bjSrW8fD26h7fsCXhwNMWtFd%2FVoto8QsI5KFAoL1e%2BFIjIZuqdI%2FBbWrj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8665d9d-FRA
166.f5291da87b4d3854.js
greenorbitly.com/_next/static/chunks/
18 KB
8 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/166.f5291da87b4d3854.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38df1edad1990cbe9ada06e62cae9c83540bdcf0dcf55a2a0b02d61842b1440
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"499a-18f365899c6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQRASRg8Pmc51IA2lgxGGn7kNxjFBaNxQCWcCFwxsekdIJ9n86xDqPymU7IoEe78nRTiyla5Yj9wQvushwxy6kpwAEOePC8D5bx9Ld0YXjETOaaVEtFAalPJesqxmsUi%2Bm6UThrMEBkEMGwt%2BNsN"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8675d9d-FRA
983.6b2cddc3e08208e9.js
greenorbitly.com/_next/static/chunks/
141 KB
37 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/983.6b2cddc3e08208e9.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef08dbc2949792c46b2abc6f42c6a352523c26ef408984fb52794a72928eebf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"234f1-18f365899c6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X09b6V8K1RgCTLXb8vBDpvNt%2Bn66Y%2F6ZRjAVhDJ4qJmlHD54lMMa0c9RUhnMibyXCweryYJ%2FCIeaBoMziCdexzOQJM%2FkOVFD7koVQO4q2hzjQe3NsJtbjvcjwuFxch9CkfGNpDBdodmC6Yb2O36%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d86a5d9d-FRA
webpack-2b03e7713188dd52.js
greenorbitly.com/_next/static/chunks/
10 KB
6 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/webpack-2b03e7713188dd52.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c0207f9376bf375d51901ede3dc2eabea55745950ee813e22aa7c6a2932919
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"28d1-18f365899c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fs6DyQOMSCVTR6e34YvCJrXTlzwM8XvTRb%2FWuuqKDH3dv1awEiDanVqYSdMCero3NLuaMocgMSyKvkQGNcGCnm%2BsOKo1T%2B4WW54DW6vl1NBbjeA78xNN25g%2BbrXJG76ecb6zweIlL7L%2BkjRXEZSV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d86b5d9d-FRA
framework-11af704958927554.js
greenorbitly.com/_next/static/chunks/
285 KB
99 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/framework-11af704958927554.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5100865aadb82e73f1ae816910edb9efc727deef599970f80f87d1fd425d2b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"47240-18f365899c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQfrgTjaOTlLNLsalp527FZIhGbc9vv6PuGNLY6xc4k5gAc2j23bJCpvV7n8FTUKKhKanq5foD0wcFYnpSTxkU%2BMQqzsPfA%2BHHyea5X01VrHUA%2FS5hJ5gdpOZ8tL7VcEmSpzctedtrvarZCyI%2BP5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d86c5d9d-FRA
main-4fbdaef4b18ad4e3.js
greenorbitly.com/_next/static/chunks/
154 KB
55 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/main-4fbdaef4b18ad4e3.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff470e5f0c9d0ee2df0f43c7d23434c524f304a554c63ae6b7f01654c468043
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261062
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 28 Apr 2024 22:48:51 GMT
server
cloudflare
etag
W/"269dc-18f26e5979c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AscNd9hC4NRqH4HJt%2BL7EkmGaGsqYMv%2Bf99GU2sY%2BxJdwQ4IxlUZGjnV9FPVW6TdQA0z4eP1TbXpjvJ%2BpYOzNCHxtZuceGqNxX2ydZaa0%2BaqzRlZq8GgRmXqlPHLOjyIqhT0bJLEWxerJVMEYV74"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8715d9d-FRA
_app-6f5debf49342a663.js
greenorbitly.com/_next/static/chunks/pages/
82 KB
40 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/pages/_app-6f5debf49342a663.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb1663b1cc7de1d578d7abf70a9ef3d6a6ee2c97183ab74373a2caf17482ea5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261062
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 28 Apr 2024 22:48:51 GMT
server
cloudflare
etag
W/"146f0-18f26e59798"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muO8N9YzDrKY09oyCU2hf89bcdcRja8UEXLagAcXQewRS1d5oVuzALAVeQQh%2BG7S6Fp9QqmeUQfOTl8wkWLhy0PT4HgEltvFgw3CXezXo5hV535dGuwzsVL0R30D7k3%2BHU6tgn%2BCB8V6C94kvbQh"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8735d9d-FRA
index-a95f0265d3f470ce.js
greenorbitly.com/_next/static/chunks/pages/
21 KB
9 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/chunks/pages/index-a95f0265d3f470ce.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab89004474c0aa537f954efccc09be51a634ce43f7c717a658390846b91ceb61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261062
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 28 Apr 2024 22:48:51 GMT
server
cloudflare
etag
W/"52ac-18f26e59798"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bA5rqLHwNwiFWTwYYpbRJvecaQC5L6ujsxvn1D4Zay07jODE%2BXeb8RzZ98sifnG3uVfFqqB10sNUi2YOKnx%2FzR1XyYR6QYxil2x2ZyDshEH0%2FGUHUIt7x27alXtMI5bO%2Fb0MT6297yJ%2Fg8FRAnLU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8765d9d-FRA
_buildManifest.js
greenorbitly.com/_next/static/wj_FAMe1ug93tRXi3x4Sc/
1 KB
1 KB
Script
General
Full URL
https://greenorbitly.com/_next/static/wj_FAMe1ug93tRXi3x4Sc/_buildManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c43c2837d4f38f509580b20b8335231ff10bd7e8990ded62a19278a2a864f5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"407-18f365899c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pjPPFL9zXFav%2FCOVA5enWmlN8igUv2hTaBFVL%2F06jtDLehEIZP6ErRH%2BC0X%2B88C5EFXZllDwkxaC5sHTLEXGJinVtsouNDbrKLOnweXgWxnOxCNN50BsbFwMmM%2Fq5zH2GMeU9k42%2BP1l6V43jKi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8785d9d-FRA
_ssgManifest.js
greenorbitly.com/_next/static/wj_FAMe1ug93tRXi3x4Sc/
77 B
597 B
Script
General
Full URL
https://greenorbitly.com/_next/static/wj_FAMe1ug93tRXi3x4Sc/_ssgManifest.js
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2017
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:47 GMT
server
cloudflare
etag
W/"4d-18f365899c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gd6k7VtM19efP6Ex2Bojcey4sbvb2Q97G1mAsnebcsUoR3S75l094kEJYPBHhZIxYeZhiMgJtmYkFBAL5liZ%2FWjS1EOTz2SzD0oBCNYDnrr06wrfWlQNyR6pAWXzRhOqb55Hhzz60UyFwf2xX4jG"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87d38a87d8795d9d-FRA
icon.svg
greenorbitly.com/images/promo-images/salmon/
3 KB
2 KB
Image
General
Full URL
https://greenorbitly.com/images/promo-images/salmon/icon.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/50ca8869732a54c1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/_next/static/css/50ca8869732a54c1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:32 GMT
server
cloudflare
etag
W/"c75-18f36585ec5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=runFQe9k6WtGI6i1nz0FBYJtb8s5kNQLzmJWfvI%2FOO%2B4dyJUNYr0kX%2BRdYOhOKEXJwrcD5R46nRhCiZXTaZ%2BLYc3LCuJCzhqiel%2FMAwA3UKUO2euk4J2414tVBeZkYqoSexybvszHU48T%2FSvu%2FSt"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87d38a8818915d9d-FRA
available-in-chrome.svg
greenorbitly.com/images/browser-icons/
21 KB
8 KB
Image
General
Full URL
https://greenorbitly.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/2253152349334368.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/_next/static/css/2253152349334368.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:32 GMT
server
cloudflare
etag
W/"5287-18f36585ea1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UMz2KxbZehjojnCvH28cd%2BWVYpI%2FAhOUf3FXeKfUsA4%2B4fplPJ62FSfC1FGtisqoloe%2FUBPR5WQe06nAqLYr3oOzUuShAAyb3ct1ZY3lLOYxCAgBkWdJMZgYOk%2Bdn9AErtahBmB4neR%2BPKca4GP"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87d38a8818925d9d-FRA
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je44t0v9138996702za200&_p=1714606035171&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=434583019.1714606035&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714606035&sct=1&seg=0&dl=https%3A%2F%2Fgreenorbitly.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Ddatatechdrift.com%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D32%26src%3D6118780%26cid%3Dcopcvkr2r96s73c961m0%26lpkey%3D17146895536478a4c8be14fa07ec1b30d04db06335%26isV2%3Dtrue&dt=YTube%20AdSkipper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=359
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:27:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://greenorbitly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
click
datatechdrift.com/
0
0

favicon.ico
greenorbitly.com/images/extension-icons/ytube-adskipper/
15 KB
2 KB
Other
General
Full URL
https://greenorbitly.com/images/extension-icons/ytube-adskipper/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a50d59f092cfa8b87b6b2ed6742805559faff8421d625acf90eed3c34422f10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:27:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 22:48:32 GMT
server
cloudflare
etag
W/"3aee-18f36585ead"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnvB1EXYxW217MaahcCPuAfx39X90jrXQ3RImsg5Wnb9ql2vlBAySu9V7JACVxRAbY0MI2Cqk%2FT0NOBsGn3b8NGSwAfS81AWqYcCXtBd3q8mo2MW18kcreZmJHiGUb7%2FB5ClXIec8OTHxJXv%2FYlp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87d38a8959195d9d-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TP9PD24S5Y&gtm=45je44t0v899704269za200&_p=1714606034465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1558774772.1714606035&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714606034&sct=1&seg=0&dl=https%3A%2F%2Fgo-via.cc%2Flgvqcf&dt=Two%20Malaysian%20Helicopters%20Practicing%20for%20a%20Royal%20Malaysian%20Navy%20Event%20Collide%20%7C%20Go-Via.cc&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=141
Domain
datatechdrift.com
URL
https://datatechdrift.com/click?upd_clickid=copcvkr2r96s73c961m0&add_event6=1

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| a38b function| a38a object| webpackChunk_N_E function| a14b function| a14a function| a37b function| a37a function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a1b function| a1a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data object| gaGlobal

22 Cookies

Domain/Path Name / Value
.go-via.cc/ Name: _ga
Value: GA1.1.1558774772.1714606035
.go-via.cc/ Name: _ga_TP9PD24S5Y
Value: GS1.1.1714606034.1.0.1714606034.0.0.0
hautoust.com/ Name: OAID
Value: 00804fcf5a4443f7f10e448db100a36d
hautoust.com/ Name: oaidts
Value: 1714606034
my.rtmark.net/ Name: ID
Value: 00804fcf5a4443f7f10e448db100a36d
hautoust.com/ Name: syncedCookie
Value: true
datatechdrift.com/ Name: uclick
Value: zbyJkQ8KMd0117GgP2CY4iDV/qBbv+US1r/hNXpiswU73kF1usplSvYxbk7PLQqBk5nv8OY=
datatechdrift.com/ Name: bcid
Value: copcvkr2r96s73c961m0
datatechdrift.com/ Name: cid
Value: copcvkr2r96s73c961m0
.greenorbitly.com/ Name: extension
Value: ytube_adskipper
.greenorbitly.com/ Name: promo
Value: salmon
.greenorbitly.com/ Name: big
Value: none
.greenorbitly.com/ Name: clk_domain
Value: datatechdrift.com
.greenorbitly.com/ Name: flow
Value: binom
.greenorbitly.com/ Name: campaignId
Value: 10557
.greenorbitly.com/ Name: trafficsource
Value: 32
.greenorbitly.com/ Name: src
Value: 6118780
.greenorbitly.com/ Name: cid
Value: copcvkr2r96s73c961m0
.greenorbitly.com/ Name: lpkey
Value: 17146895536478a4c8be14fa07ec1b30d04db06335
.greenorbitly.com/ Name: isV2
Value: true
.greenorbitly.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1714606035.1.0.1714606035.0.0.0
.greenorbitly.com/ Name: _ga
Value: GA1.1.434583019.1714606035

3 Console Messages

Source Level URL
Text
other warning URL: https://hautoust.com/4/7381765
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=copcvkr2r96s73c961m0&lpkey=17146895536478a4c8be14fa07ec1b30d04db06335&isV2=true
Message:
Access to XMLHttpRequest at 'https://datatechdrift.com/click?upd_clickid=copcvkr2r96s73c961m0&add_event6=1' from origin 'https://greenorbitly.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://datatechdrift.com/click?upd_clickid=copcvkr2r96s73c961m0&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
