greenorbitly.com Open in urlscan Pro
2606:4700:3032::ac43:a45e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a5.clipwavenet.com/
Effective URL:
https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId...
Submission: On March 14 via api (March 14th 2024, 11:59:53 am UTC) from US — Scanned from US

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3032::ac43:a45e, located in United States and belongs to CLOUDFLARENET, US. The main domain is greenorbitly.com. The Cisco Umbrella rank of the primary domain is 368488.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.

This is the only time greenorbitly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3033::6815:5151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
1 3	23.53.35.234 23.53.35.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2600:1408:c40... 2600:1408:c400:1882::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.53.35.239 23.53.35.239	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1408:c40... 2600:1408:c400:588::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:303... 2606:4700:3032::ac43:a45e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
69	15

7 2606:4700:3033::6815:5151 (United States)

ASN13335 (CLOUDFLARENET, US)

a5.clipwavenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1.clipwavenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.clipwavenet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

shaumtol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.53.35.234 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-234.deploy.static.akamaitechnologies.com

ak.alklinker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:1882::11a6 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.35.239 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-239.deploy.static.akamaitechnologies.com

ak.ocoaksib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:588::11a6 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

track.instant-adblock.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3032::ac43:a45e (United States)

ASN13335 (CLOUDFLARENET, US)

greenorbitly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	greenorbitly.com greenorbitly.com — Cisco Umbrella Rank: 368488	303 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771 Failed
7	clipwavenet.com a5.clipwavenet.com b1.clipwavenet.com c1.clipwavenet.com	50 KB
5	shaumtol.com shaumtol.com — Cisco Umbrella Rank: 269924 Failed	30 KB
3	alklinker.com 1 redirects ak.alklinker.com — Cisco Umbrella Rank: 906315	16 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818 Failed	2 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1435 c.go-mpulse.net — Cisco Umbrella Rank: 659	50 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	254 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
1	instant-adblock.xyz 1 redirects track.instant-adblock.xyz	440 B
1	ocoaksib.com ak.ocoaksib.com — Cisco Umbrella Rank: 119310	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 37995	469 B
0	amunfezanttor.com Failed amunfezanttor.com Failed
69	15

	Domain	Requested by
16	greenorbitly.com	ak.ocoaksib.com greenorbitly.com
9	jouteetu.net	shaumtol.com
5	shaumtol.com	a5.clipwavenet.com b1.clipwavenet.com shaumtol.com c1.clipwavenet.com
3	ak.alklinker.com	1 redirects c1.clipwavenet.com ak.alklinker.com
3	my.rtmark.net	shaumtol.com ak.alklinker.com ak.ocoaksib.com
3	c1.clipwavenet.com	b1.clipwavenet.com c1.clipwavenet.com shaumtol.com
2	fonts.gstatic.com	fonts.googleapis.com
2	b1.clipwavenet.com	a5.clipwavenet.com b1.clipwavenet.com shaumtol.com
2	a5.clipwavenet.com	a5.clipwavenet.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	greenorbitly.com
1	www.googletagmanager.com	greenorbitly.com
1	track.instant-adblock.xyz	1 redirects greenorbitly.com
1	c.go-mpulse.net	s.go-mpulse.net
1	ak.ocoaksib.com
1	datatechone.com	ak.alklinker.com
1	s.go-mpulse.net	ak.alklinker.com
0	amunfezanttor.com Failed	shaumtol.com
69	18

This site contains no links.

Subject Issuer	Validity	Valid
clipwavenet.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
shaumtol.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
ak.hetaruwg.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
greenorbitly.com GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
Frame ID: 31F436BC3D05AEE8E0F614F99ACFB790
Requests: 65 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Frame ID: F769EF2797CB59873BAAA25CA32FB38F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

YTube AdSkipper

Page URL History Show full URLs

https://a5.clipwavenet.com/ Page URL
https://b1.clipwavenet.com/?cnv_id=undefined Page URL
https://c1.clipwavenet.com/?cnv_id=undefined Page URL
https://ak.alklinker.com/afu.php?zoneid=5708025 Page URL
https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600 Page URL
https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=792111386066170416&cost=0.004672&z... HTTP 307
https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&f... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

69
Requests

74 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

15
IPs

4
Countries

570 kB
Transfer

1522 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a5.clipwavenet.com/ Page URL
https://b1.clipwavenet.com/?cnv_id=undefined Page URL
https://c1.clipwavenet.com/?cnv_id=undefined Page URL
https://ak.alklinker.com/afu.php?zoneid=5708025 Page URL
https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600 Page URL
https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=792111386066170416&cost=0.004672&zoneid=6118780&campaignid=7744863&bannerid=19839481&subzoneid=0 HTTP 307
https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
a5.clipwavenet.com/ 11 KB
5 KB 403ms
323ms Document
text/html 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a5.clipwavenet.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86441982d95f6dcb-MIA
content-encoding: br
content-type: text/html
date: Thu, 14 Mar 2024 11:59:47 GMT
last-modified: Mon, 11 Mar 2024 00:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtJatUBZ76DAmLPAbDQAfisxEJ%2F5dJvE6Qa2PgsDUaPk%2FFAId9r1PJBsJk9sowXNEoT%2FWJMUHh%2BYTLi9aeA55qht0AGsCANEtfOpi%2FMxGJuN%2F9yq1936cXdFvVjKU2WEctdUBux0%2B7amS9WLI2%2BExWw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 play.png
a5.clipwavenet.com/images/play/ 11 KB
11 KB 316ms
315ms Image
image/png 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5.clipwavenet.com/images/play/play.png
Requested by: Host: a5.clipwavenet.com
URL: https://a5.clipwavenet.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a5.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2019 13:22:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c8a558a-2b07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVhHy7puP4bFZzlNJT%2Fa6MR6d1x%2F4QpVZJ%2BH95SJHtX8tLkPWxZKCYiCJj%2BRgxJG8NRn1%2FZSkpVIzWD59XjPI6V%2FwlpiQlT8TnhE3vkwvvOL2HOnwKG4WVDLwJF6cizbnKtXfd5HcBh1oiWgkMr753M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864419850b1e6dcb-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11015
expires: Sat, 13 Apr 2024 11:59:48 GMT

GET micro.tag.min.js
shaumtol.com/pfe/current/ 0
0

GET
H2 200 /
b1.clipwavenet.com/ 11 KB
5 KB 344ms
326ms Document
text/html 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b1.clipwavenet.com/?cnv_id=undefined
Requested by: Host: a5.clipwavenet.com
URL: https://a5.clipwavenet.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://a5.clipwavenet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 864419852b456dcb-MIA
content-encoding: br
content-type: text/html
date: Thu, 14 Mar 2024 11:59:48 GMT
last-modified: Mon, 11 Mar 2024 00:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzlqcDFbhd3bAxtI2zYMlIldIslM1NU7dk3ocxGeCC6vr4VrVX09apkyM5UuIFFKlmsu75WupU0K%2BUF7AyAUfA7oWlweW5Duh7z10SxLH3YiExtS2Gt5IKLPF9YgttQvUpmtVHUUL3Geqlg3GFeAyh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 micro.tag.min.js
shaumtol.com/pfe/current/ 35 KB
14 KB 130ms
130ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Requested by: Host: b1.clipwavenet.com
URL: https://b1.clipwavenet.com/?cnv_id=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 11:59:48 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2024 08:40:28 GMT
server: nginx
etag: W/"65f014fc-8a1a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 play.png
b1.clipwavenet.com/images/play/ 11 KB
11 KB 36ms
35ms Image
image/png 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1.clipwavenet.com/images/play/play.png
Requested by: Host: b1.clipwavenet.com
URL: https://b1.clipwavenet.com/?cnv_id=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b1.clipwavenet.com/?cnv_id=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85278
alt-svc: h3=":443"; ma=86400
content-length: 11015
last-modified: Thu, 14 Mar 2019 13:22:18 GMT
server: cloudflare
etag: "5c8a558a-2b07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIMIpz3GYsIXtzFFdWOtbvrb6l1d62KRbyVtP4XvFtrv4gSVZhUJpji8xD2UpuMrC3Xo0vU48KlsP39MUn6CUjIsInI%2FbiEB7hWfDwKwQuLYPEyTJ9vZ5ks3ox1%2FlD519O%2FDF7QEkVKXW5NJbK0vmhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86441987e8498dde-MIA
expires: Fri, 12 Apr 2024 12:18:30 GMT

GET
H2 200 / Show response
c1.clipwavenet.com/ 11 KB
5 KB 392ms
320ms Document
text/html 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.clipwavenet.com/?cnv_id=undefined
Requested by: Host: b1.clipwavenet.com
URL: https://b1.clipwavenet.com/?cnv_id=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f511bd2f4f680833aec79b19a722cbc8994f0d77cbaa59618f6ac23694564b2

Request headers

Referer: https://b1.clipwavenet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 864419885f166dcb-MIA
content-encoding: br
content-type: text/html
date: Thu, 14 Mar 2024 11:59:48 GMT
last-modified: Mon, 11 Mar 2024 00:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObfImRnwMaadVm1XI%2BAFekXfVF07Cj2qOzxOEoiluFcbyzToH6yjdAcTLnC29xmJEMj6iazCF%2F7VAU2SvnwhDy%2B2jFvwmEmKHvkP%2B5%2F6JrbwaU40mNlUty5xfm2Uh2N5TXR%2BckWx6C0NB9ebzd83Br4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST custom
jouteetu.net/ 0
0

GET sw-check-permissions-1df5e.js
b1.clipwavenet.com/ 0
0

POST custom
jouteetu.net/ 0
0

POST
H2 200 zone
shaumtol.com/ 0
260 B 131ms
130ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=b1.clipwavenet.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=c448cd06-f8ca-4cc1-b9df-eb96d6710b8d&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: f354ba5a2f8988bfae21d77d0ff6b44a
date: Thu, 14 Mar 2024 11:59:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://b1.clipwavenet.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST custom
jouteetu.net/ 0
0

GET gid.js
my.rtmark.net/ 0
0

POST custom
jouteetu.net/ 0
0

GET zone
shaumtol.com/ 0
0

OPTIONS event
amunfezanttor.com/ Frame 0
0

POST event
amunfezanttor.com/ 0
0

POST custom
jouteetu.net/ 0
0

POST event
amunfezanttor.com/ 0
0

POST custom
jouteetu.net/ 0
0

GET
H2 200 micro.tag.min.js
shaumtol.com/pfe/current/ 35 KB
14 KB 166ms
166ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Requested by: Host: c1.clipwavenet.com
URL: https://c1.clipwavenet.com/?cnv_id=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 11:59:48 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2024 08:40:28 GMT
server: nginx
etag: W/"65f014fc-8a1a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 play.png
c1.clipwavenet.com/images/play/ 11 KB
11 KB 327ms
327ms Image
image/png 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.clipwavenet.com/images/play/play.png
Requested by: Host: c1.clipwavenet.com
URL: https://c1.clipwavenet.com/?cnv_id=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/?cnv_id=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:49 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2019 13:22:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c8a558a-2b07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mg1pelZVZFiBqSRGViAYKCjaN9Uax1e3L2rBNbkyW7flmWUyEng%2FwBuyIHJxzQdYyv1zkITHJP30xuLAX5MAjFDYxbbVk%2F2TGOHA2ITgvxDx31uR2HVo7zi226Ssum1%2BmU%2FyyiENb2fKfp2LSgc24Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8644198a7ab58dde-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11015
expires: Sat, 13 Apr 2024 11:59:49 GMT

GET
H2 200 afu.php Show response
ak.alklinker.com/ 36 KB
15 KB 691ms
425ms Document
text/html 23.53.35.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.alklinker.com/afu.php?zoneid=5708025

Requested by

Host: c1.clipwavenet.com
URL: https://c1.clipwavenet.com/?cnv_id=undefined

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.35.234 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-35-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

1dd2da23811d48b7226521eb49838d5f2dcd3e3602705d93cb56999f319b4543

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://c1.clipwavenet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 13886
content-type: text/html; charset=utf8
date: Thu, 14 Mar 2024 11:59:49 GMT
expires: Thu, 14 Mar 2024 11:59:49 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=366 origin; dur=7 ak_p; desc="1710417589044_389287850_566796839_37157_662_50_108_255";dur=1
strict-transport-security: max-age=1
timing-allow-origin: * *
vary: Accept-Encoding
x-akamai-transformed: 9 13387 0 pmb=mRUM,1
x-content-type-options: nosniff
x-trace-id: 9b98e509c92168e66a16882f2a16b0d3

POST
H2 200 custom
jouteetu.net/ 0
0 309ms
258ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-1df5e.js
c1.clipwavenet.com/ 0
769 B 324ms
324ms Other
application/javascript 2606:4700:3033::6815:5151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.clipwavenet.com/sw-check-permissions-1df5e.js?ymid=undefined&zoneId=5708017
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/?cnv_id=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Mar 2024 22:54:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ee3a38-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAYhyJtAJ0UiVEU6I5i3oDTly5NURXGZlKpvBBgHAIDEQvd54bw792Iz9P8lYn0xduZa6kxFb%2FwEXfijSozv%2BRln4GmIjqDRz298tk39SDWwExqQBEZP9u%2Bux%2Fvj4OvRT%2B7peCl3IDOIioMdFXYpbmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8644198bcbe38dde-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Mar 2024 23:59:49 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 306ms
257ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
shaumtol.com/ 0
260 B 131ms
130ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=c1.clipwavenet.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=01f1852f-c5a4-4332-8f48-fd0cc5ad084f&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 8a7851df6aa23e8f3ea40c15c79a9788
date: Thu, 14 Mar 2024 11:59:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://c1.clipwavenet.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 308ms
259ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 309ms
260ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 179ms
131ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5708017&checkDuplicate=true&ymid=undefined&var=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://c1.clipwavenet.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 306ms
258ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 271ms
266ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 177ms
177ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone
shaumtol.com/ 802 B
1 KB 135ms
133ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=c1.clipwavenet.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=01f1852f-c5a4-4332-8f48-fd0cc5ad084f&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.clipwavenet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 4d1923dddae4c3a715890878f3b83061
date: Thu, 14 Mar 2024 11:59:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://c1.clipwavenet.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 802

POST
H2 200 custom
jouteetu.net/ 0
0 134ms
133ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 133ms
132ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=undefined&sw=/sw-check-permissions-1df5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c1.clipwavenet.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
s.go-mpulse.net/boomerang/ Frame F769 205 KB
49 KB 180ms
56ms Script
application/javascript 2600:1408:c400:1882::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Requested by: Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:1882::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:49 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 05 Feb 2024 09:13:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 sftouch
ak.alklinker.com/ 2 B
677 B 136ms
136ms Ping
text/plain 23.53.35.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.alklinker.com/sftouch?userId=00801f96c1a94c29ea4c6537d74f61e8&z=5708025&p_rid=907e75e3-01e1-4062-9f55-11fe8767517f&p_src=sf&branchId=400701&rb=MWiI-oJH1VxWsHxGmU8dA1sH4SpmCNtDt2xBsNEdNA0Pn00NegSNpQTzZtVLNLs_hKBfN145mXaUuRM3ti2bRNUz4GWxGIGViIskrqcsj8OC_4CFwB1KapdU9d-m09tGwjiZtWhKrheFd06GqDtw77dbW1ks0_9_-ezPvPXE4aFc6BpBYsdjSlP2T0merzPyTElpbnFgO5_UJxAuqXALAN-HTdaV_XenjPLdXmtSh4zGhc7_OkDxVHx0d2kcS51UG6XF2dXbnOHb21PXuq9sb2fdAkMa050uqkqQ3MTelb0dYHSZ5IpiT1cpgNx0Ee1tDn8J2dpF22vHOi7Y

Requested by

Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.35.234 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-35-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/afu.php?zoneid=5708025
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=1
date: Thu, 14 Mar 2024 11:59:49 GMT
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=3, ak_p; desc="1710417589596_389287850_566801352_8369_658_50_0_109";dur=1
content-length: 2
x-trace-id: 1a5da2b1e0121434506283c58229ce92
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ak.alklinker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Thu, 14 Mar 2024 11:59:49 GMT

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
469 B 410ms
135ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=907e75e3-01e1-4062-9f55-11fe8767517f
Requested by: Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://ak.alklinker.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Mar 2024 11:59:49 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.alklinker.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 132ms
132ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00801f96c1a94c29ea4c6537d74f61e8&z=5708025&p_rid=907e75e3-01e1-4062-9f55-11fe8767517f&p_src=sf

Requested by

Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/
ak.ocoaksib.com/4/6118780/
Redirect Chain

https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false
https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600

2 KB
2 KB

415ms
248ms

Document
text/html

23.53.35.239
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.35.239 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-35-239.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.alklinker.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 719
content-type: text/html; charset=utf8
date: Thu, 14 Mar 2024 11:59:50 GMT
expires: Thu, 14 Mar 2024 11:59:50 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://track.instant-adblock.xyz>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 2390c5f833f1879ac6d1fd9dfcbf94ad

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ak.alklinker.com
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Thu, 14 Mar 2024 11:59:50 GMT
expires: Thu, 14 Mar 2024 11:59:50 GMT
link: <https://ak.ocoaksib.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600
pragma: no-cache
referrer-policy: no-referrer
server-timing: cdn-cache; desc=MISS edge; dur=246 origin; dur=59 ak_p; desc="1710417589795_389287850_566803449_30533_662_50_0_255";dur=1
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: d37cc3834be29fd408a4d3dbdc154ee5

GET
H2 200 config.json
c.go-mpulse.net/api/ Frame F769 51 B
214 B 281ms
158ms XHR
application/json 2600:1408:c400:588::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B&d=ak.alklinker.com&t=5701392&v=1.720.0&if=&sl=0&si=92e82f4b-1b36-4611-8808-4dd46367f928-sac6np&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=764622
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:588::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 11:59:50 GMT
cache-control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 51
content-type: application/json

POST
H2 200 img.gif
my.rtmark.net/ 43 B
506 B 132ms
131ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00801fd4ed3f4342f35b8c25c1797462

Requested by

Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://ak.ocoaksib.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request / Show response
greenorbitly.com/
Redirect Chain

https://track.instant-adblock.xyz/click?key=fickwiw7fy7yshltu1k2&visitor_id=792111386066170416&cost=0.004672&zoneid=6118780&campaignid=7744863&bannerid=19839481&subzoneid=0
https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d...

10 KB
6 KB

335ms
262ms

Document
text/html

2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true

Requested by

Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5708025&btz=Pacific/Honolulu&bto=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

cfe1a622b26dbbc7dd8387ca19211807c4350307e7639261db2ce027d56f481a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ak.ocoaksib.com/partitial/5117854/?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86441998c88531d2-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 11:59:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VPH5bCV3Mg0Et4bqi3jZCDG1kDnH9ONEZscOXz0avhTuure4DacZ3Yxv2VnxG0nuyI2LCVNKkx3xt3TaA6IPD6XPu8h9ibD1Wmw780xXSjXDqE%2Bg503P%2BP11oLowRjkmY9idJuXfDz4JLhTBWSL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Thu, 14 Mar 2024 11:59:51 GMT
location: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
server: Caddy
x-request-id: 544e329f-0a0a-4f1c-8116-5095c51b2f39

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
85 KB 450ms
69ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW

Requested by

Host: greenorbitly.com
URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6897185e6c4a483a4965408873f53a7498e079ffa193b75cfe525d22cd9ddc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 11:59:51 GMT

GET
H2 200 cf7339307351fa49.css
greenorbitly.com/_next/static/css/ 53 KB
28 KB 39ms
37ms Stylesheet
text/css 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/css/cf7339307351fa49.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303649187ebfd4475f20bd54df5daf37379f6a8472e45f484532d84eafd3081b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47406
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"d480-18e3a00f9aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB2mBFQ%2FKTrZY6dOMwFoSyrjxZ%2F36ogs16f8L5twcrgQLmalkPw6LYGEiqfJVgzcbIJFJsyFceJ9onjNUZ%2FGEm5FHnq3xuKTPeRr90%2B33fXWxM4LDazr1fmYDHdijSl6GMP28bb9wyn2QLDnktzc"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a7a3f31d2-MIA

GET
H2 200 4ccb77213403c1ea.css
greenorbitly.com/_next/static/css/ 8 KB
3 KB 37ms
37ms Stylesheet
text/css 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/css/4ccb77213403c1ea.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa2605c958a32e3c8af08ad6a6c12c9d9100fe8f5db230ab94f0bed9ba22b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"1f0a-18e3a00f9aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxytpexqJQk%2BvUUFWfaukXWL%2BR2Ox3VSV7Tl4kYSa%2FftToe0VU68kI3ylng%2Bmi0v9PCnv1ApGo84wtGLOQtjgypfMMPKlu%2B8W%2BxDKi4QyIdg7HbkOZgegC5AXNIEA2jJ1HR5UusyCgGs8FZdBLyh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a7a4131d2-MIA

GET
H2 200 928-e4c7df5ef9f3dd1f.js Show response
greenorbitly.com/_next/static/chunks/ 96 KB
32 KB 41ms
38ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/928-e4c7df5ef9f3dd1f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1361af56d814402a14433af85b84a0f2e1015a216f86a4e5cf093c407c9cfff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47406
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"17f14-18e3a00f9a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPGLCFn%2Fg02kpTZE8uA6UaBEB3v1nEOUEOzWNvemUO9aD2umyubvpMC%2FwfXfA%2BFEqj%2BaLteY8OlsBCt8xTyq6OtGDDMtGpa%2Bi7IBdeAU2oqLmDuPXq1rWswRTvc3%2FyZOWMzSyuwBehLyIH7LgcSZ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5331d2-MIA

GET
H2 200 166.a039e633d4010ee3.js Show response
greenorbitly.com/_next/static/chunks/ 16 KB
6 KB 38ms
36ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/166.a039e633d4010ee3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2c3c7826a70658f5f2419a0fb5fac4155669ffc6227e74f2b32df314533c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47405
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"3e9a-18e3a00f9aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2K2Ej8qmLpgSGEBDHAFpzSXFBA9bI91F1pLB1uxyL5DvJhWPqW4qdeemeMPYr0TqzwGUd65qbU87YyXkj%2BwsvnO%2B%2Brgt1FibTE9S50JqVrNJZdm8rfbpUSvwulSHErnZdN8BclJ%2FIwKxlTswyGf"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5431d2-MIA

GET
H2 200 242.f88f618fa11bd466.js Show response
greenorbitly.com/_next/static/chunks/ 181 KB
37 KB 68ms
66ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/242.f88f618fa11bd466.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c926213908854f844c1a872661da5f34975f1e091a0b96c16f314ffd79e82522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"2d463-18e3a00f9a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLU3ctX%2BW%2Bkken2i20XEaxFUgzB0GeHsY332070PQhJm%2Bm%2BrT2BXzror1d71Ic1qV4%2BG6kHPeYobCpMZ5M5jMZK7LZLUIfh3A%2F8rdr1T5bErY%2BHMJrU0K38W9LfSf8XmuIwfPM248fdfGWgAX1Fl"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5731d2-MIA

GET
H2 200 webpack-bc3b7c2132bc29ea.js Show response
greenorbitly.com/_next/static/chunks/ 9 KB
5 KB 69ms
67ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/webpack-bc3b7c2132bc29ea.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e067b49ceb05dae60ad8c5ce166b1f8e9a844f18ced2728b73518fd3db0893f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"22d3-18e3a00f9a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1YOxBtg7DvYlxFhb9QobYCe12nrGcyVcs49%2FbQwAWAnlSGXn%2F5QU%2FdzcL1His5PqeyB1msg4xroMfexMX6x4Fu8gj2TOsTFk%2FM4K8rJVJGfC6IMxLWJe%2B0qqPWlA%2BGL8hweYb%2B6Aq6x%2B23uYqej"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5931d2-MIA

GET
H2 200 framework-cd1a3b9417e48a3d.js Show response
greenorbitly.com/_next/static/chunks/ 231 KB
82 KB 69ms
67ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/framework-cd1a3b9417e48a3d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19367050a7eb866556d5c7e82cc076e1971122084ecfda249512f7dbe3aa551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"39b0c-18e3a00f9a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Bl5mHKtHCcQOEXrnJJ6OvHRw8Ew1FjIeB1m7SGcT5IYH%2BRl44Afr9flxxqmswdpgr81dPupzJ%2FEe8kwHmxCADU%2F%2FTeNNYEINCGdwWIcRA6twYhAF5tDl1QxrTvkIKJc3RFVxr6SZIGjK%2Bgxgvg4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5b31d2-MIA

GET
H2 200 main-827d11337fa3eeef.js Show response
greenorbitly.com/_next/static/chunks/ 135 KB
48 KB 68ms
67ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/main-827d11337fa3eeef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd793ca16b2c618bb775ada27dc17b43d581e9e15076ad09746da8ca68a92f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"21d2d-18e3a00f9a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwluCcjmaDM1RbhBmu9DijdtyM9%2BxGwkSbVEzRiFHA41TlcwiWDS1NGqMCCHuQUoeyEnf1bemfy0DQA6%2B9Y7dh%2Bhmfn3NUgIrf2ZZzbmWE5evdXtYqFytHg4l%2BsUksPrhdEbfpQm7ugp2QUyZ1DL"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5d31d2-MIA

GET
H2 200 _app-5ae975effff43779.js Show response
greenorbitly.com/_next/static/chunks/pages/ 79 KB
38 KB 58ms
57ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/pages/_app-5ae975effff43779.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394402dee1b6c9fbf9db2088640262b4df8c5ced29d4dda6d399529b3260a5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47401
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"13a99-18e3a00f9aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xeeq09iQXolzqxHfNmeLhrHE7cOUy%2B0lYQX%2FtuKOWVDBmMPVps0%2B94CFNOq%2BBjiuFgQce8BC2QaLLfEPygnMfkfY5aJRyATHY62QNdrvMKyZwf%2Fshoj2MoM4TEMCZytKPWIwpl5JsC%2FRJQJXgE97"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a8a5f31d2-MIA

GET
H2 200 index-a4602190c37bc87a.js Show response
greenorbitly.com/_next/static/chunks/pages/ 18 KB
7 KB 70ms
68ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/chunks/pages/index-a4602190c37bc87a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c568a77b609af46b9992bb4280a5bcfb191e5062a732b8484e281fd848ff94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479405
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Mar 2024 22:48:28 GMT
server: cloudflare
etag: W/"47db-18e2040e8ce"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BWfbCfaFpRnCKNBorjfZ5JcdPtw6FtlBagz6m6kbN9gXS14CU0MXNk5k8Qp2xzy%2Fib2OfGKpmszC%2B%2BYZtvB8FDIZD0iXeDTNMYR%2F4RgvH1M4%2FFoRbKkcdEbPSGGIKl6u8ra9RNeAluMygJOZBUR"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a9a7631d2-MIA

GET
H2 200 _buildManifest.js Show response
greenorbitly.com/_next/static/A64vbJ-yjIS-HSCoFcJeA/ 997 B
807 B 69ms
68ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/A64vbJ-yjIS-HSCoFcJeA/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d70e48cc0f58a60ac236b9a6de13376e9d1debfb9179a9fd2ef858ded5b5d47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47402
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"3e5-18e3a00f9aa"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYOr1mGF%2F1HaJpNoj%2FaYYQHxGZ5M5WMc%2BE0ktB8u8kKvrwjUf%2BFpwrD5CPctYR2SjHntPaGGZh0OtT4iW2yrWWeBD348cFqtBXijG9mJ7Pxq40pfqkXdI1XRlSDG9oJsfUD8nbY2Y8WfmGAmCCzR"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a9a7831d2-MIA

GET
H2 200 _ssgManifest.js Show response
greenorbitly.com/_next/static/A64vbJ-yjIS-HSCoFcJeA/ 77 B
359 B 69ms
68ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/_next/static/A64vbJ-yjIS-HSCoFcJeA/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47402
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:46 GMT
server: cloudflare
etag: W/"4d-18e3a00f9aa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY4z%2FeBytwXzyNdVpruOXWs3QD1BYe3tOh0UAdFPiGZDw81gAXhAr7lzVQyWBkwNIXpGzfOlTXx1FjVOSOKkLQOOJQrbdSiwzRmykJ5scYesksLPcTWmTsjepNPTxxKxEb%2FTzU4%2ByycJUQogc1L%2B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8644199a9a7931d2-MIA

GET
H2 200 email-decode.min.js Show response
greenorbitly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greenorbitly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2024 17:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65eb5097-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IodaJzguf4YcXCELSofuyK1RzaMoVgfjOyfmrzu%2B9bI3rrKieMxaKYawbvnKx8UqVxsW3o9HXZaLR1nlYp1%2BkDprX%2BpxX9Pqm8MFzOYIQGDVqfv2oNlYDvjSPybJi%2By0azY9eJCS4s5JUljIF7Fj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8644199a7a4231d2-MIA
expires: Sat, 16 Mar 2024 11:59:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 411ms
70ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/4ccb77213403c1ea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 11:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 11:38:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 11:59:51 GMT

GET
H3 200 logo.svg
greenorbitly.com/images/extension-icons/ytube-adskipper/ 938 B
988 B 152ms
152ms Image
image/svg+xml 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenorbitly.com/images/extension-icons/ytube-adskipper/logo.svg

Requested by

Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/cf7339307351fa49.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffc1c02932be6e4f64283a46eac9d3274eab5bfacd4f7d6535060ce0199334a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/_next/static/css/cf7339307351fa49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:32 GMT
server: cloudflare
etag: W/"3aa-18e3a00c362"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2QzXK2CDzG27LlUPWtCgl3MQ6kMBprJPNr00iRR4hefR7bKvqi9XEG8TajN72kM8H4uo3orb5x8SJUZqL2lFQrlf8Pm9jMpewJD%2BdwGjmwdbXhY764JC%2BjOlzmqtKQI419bNO4xXutSTVCTteyM"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8644199d4d725f1f-MIA

GET
H3 200 available-in-chrome.svg
greenorbitly.com/images/browser-icons/ 21 KB
8 KB 154ms
154ms Image
image/svg+xml 2606:4700:3032::ac43:a45e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greenorbitly.com/images/browser-icons/available-in-chrome.svg

Requested by

Host: greenorbitly.com
URL: https://greenorbitly.com/_next/static/css/cf7339307351fa49.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:a45e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/_next/static/css/cf7339307351fa49.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 11:59:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Mar 2024 22:48:32 GMT
server: cloudflare
etag: W/"5287-18e3a00c34e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u250kc%2FDl4T2zRGHvF2tKYGsrcJ1z9VfVWOBHVlw8dgDKduZeF8OsBDxr6%2BTwj1O6X9NKzgZnHkt2xq558dsvVopUIMNmSBsUMu3PGyH9yUiIvPajK2djiONDsoPX1JSi1f6ea5k91TJkTL8SkpE"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8644199d4d735f1f-MIA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 171ms
65ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greenorbitly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 13:28:34 GMT
x-content-type-options: nosniff
age: 340278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Mar 2025 13:28:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 158ms
52ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greenorbitly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:16:36 GMT
x-content-type-options: nosniff
age: 567796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 22:16:36 GMT

GET click
track.instant-adblock.xyz/ 0
0

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 112ms
41ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je43b0v9138996702za200&_p=1710417591425&gcd=13l3l3l3l1&npa=0&dma=0&cid=1126064306.1710417592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710417592&sct=1&seg=0&dl=https%3A%2F%2Fgreenorbitly.com%2F%3Fextension%3Dytube_adskipper%26promo%3Dblue%26clk_domain%3Dtrack.instant-adblock.xyz%26flow%3Dbinom%26campaignId%3D10557%26trafficsource%3D32%26src%3D6118780%26cid%3Dcnpeddr2r96s73e8lj6g%26lpkey%3D17104823d1aa2c4fa604735083cafbab3761b17891%26isV2%3Dtrue&dt=YTube%20AdSkipper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1397
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://greenorbitly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 11:59:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greenorbitly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: b1.clipwavenet.com
URL: https://b1.clipwavenet.com/sw-check-permissions-1df5e.js?ymid=undefined&zoneId=5708017

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: my.rtmark.net
URL: https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5708017&checkDuplicate=true&ymid=undefined&var=

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: shaumtol.com
URL: https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=b1.clipwavenet.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=c448cd06-f8ca-4cc1-b9df-eb96d6710b8d&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: track.instant-adblock.xyz
URL: https://track.instant-adblock.xyz/click?upd_clickid=cnpeddr2r96s73e8lj6g&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 03:52:33	Name: ID Value: ed8f70098be34a88aadff1384706b2a5
ak.alklinker.com/	1970-01-21 03:52:33	Name: oaidts Value: 1710417589
ak.alklinker.com/	1970-01-21 03:52:33	Name: OAID Value: ed8f70098be34a88aadff1384706b2a5
ak.alklinker.com/	1970-01-20 19:17:02	Name: syncedCookie Value: true
ak.ocoaksib.com/	1970-01-21 03:52:33	Name: OAID Value: 00801fd4ed3f4342f35b8c25c1797462
ak.ocoaksib.com/	1970-01-21 03:52:33	Name: oaidts Value: 1710417590
.ak.alklinker.com/	1970-01-20 19:17:02	Name: RT Value: "z=1&dm=ak.alklinker.com&si=92e82f4b-1b36-4611-8808-4dd46367f928&ss=ltr6gy2l&sl=1&tt=ok&rl=1&ld=zi&hd=1cn"
track.instant-adblock.xyz/	1970-01-21 03:52:33	Name: uclick Value: m+yNxlleMNo10uenOGCYtA3weqQQB4M0r0cWpmzFq/dFZ7kwvbenGvsOvaEPA7DyV01vCi8=
track.instant-adblock.xyz/	1970-01-21 03:52:33	Name: bcid Value: cnpeddr2r96s73e8lj6g
track.instant-adblock.xyz/	1970-01-21 03:52:33	Name: cid Value: cnpeddr2r96s73e8lj6g
.greenorbitly.com/	1970-01-21 04:42:57	Name: extension Value: ytube_adskipper
.greenorbitly.com/	1970-01-21 04:42:57	Name: promo Value: blue
.greenorbitly.com/	1970-01-21 04:42:57	Name: clk_domain Value: track.instant-adblock.xyz
.greenorbitly.com/	1970-01-21 04:42:57	Name: flow Value: binom
.greenorbitly.com/	1970-01-21 04:42:57	Name: campaignId Value: 10557
.greenorbitly.com/	1970-01-21 04:42:57	Name: trafficsource Value: 32
.greenorbitly.com/	1970-01-21 04:42:57	Name: src Value: 6118780
.greenorbitly.com/	1970-01-21 04:42:57	Name: cid Value: cnpeddr2r96s73e8lj6g
.greenorbitly.com/	1970-01-21 04:42:57	Name: lpkey Value: 17104823d1aa2c4fa604735083cafbab3761b17891
.greenorbitly.com/	1970-01-21 04:42:57	Name: isV2 Value: true
.greenorbitly.com/	1970-01-21 04:42:57	Name: _ga_D9B6K7HFTW Value: GS1.1.1710417592.1.0.1710417592.0.0.0
.greenorbitly.com/	1970-01-21 04:42:57	Name: _ga Value: GA1.1.1126064306.1710417592

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://c1.clipwavenet.com/?cnv_id=undefined Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.alklinker.com/afu.php?zoneid=5708025 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.alklinker.com/afu.php?zoneid=5708025 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.ocoaksib.com/partitial/5117854/?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.ocoaksib.com/partitial/5117854/?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://greenorbitly.com/?extension=ytube_adskipper&promo=blue&clk_domain=track.instant-adblock.xyz&flow=binom&campaignId=10557&trafficsource=32&src=6118780&cid=cnpeddr2r96s73e8lj6g&lpkey=17104823d1aa2c4fa604735083cafbab3761b17891&isV2=true Message: Access to XMLHttpRequest at 'https://track.instant-adblock.xyz/click?upd_clickid=cnpeddr2r96s73e8lj6g&add_event6=1' from origin 'https://greenorbitly.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://track.instant-adblock.xyz/click?upd_clickid=cnpeddr2r96s73e8lj6g&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5.clipwavenet.com
ak.alklinker.com
ak.ocoaksib.com
amunfezanttor.com
b1.clipwavenet.com
c.go-mpulse.net
c1.clipwavenet.com
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
greenorbitly.com
jouteetu.net
my.rtmark.net
s.go-mpulse.net
shaumtol.com
track.instant-adblock.xyz
www.google-analytics.com
www.googletagmanager.com
amunfezanttor.com
b1.clipwavenet.com
jouteetu.net
my.rtmark.net
shaumtol.com
track.instant-adblock.xyz
139.45.195.8
139.45.197.250
139.45.197.251
2001:4860:4802:38::178
23.53.35.234
23.53.35.239
2600:1408:c400:1882::11a6
2600:1408:c400:588::11a6
2606:4700:3032::ac43:a45e
2606:4700:3033::6815:5151
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::61
37.48.68.71
52.58.28.63
0e067b49ceb05dae60ad8c5ce166b1f8e9a844f18ced2728b73518fd3db0893f
0f511bd2f4f680833aec79b19a722cbc8994f0d77cbaa59618f6ac23694564b2
0ffc1c02932be6e4f64283a46eac9d3274eab5bfacd4f7d6535060ce0199334a
19367050a7eb866556d5c7e82cc076e1971122084ecfda249512f7dbe3aa551f
1aa2605c958a32e3c8af08ad6a6c12c9d9100fe8f5db230ab94f0bed9ba22b2c
1dd2da23811d48b7226521eb49838d5f2dcd3e3602705d93cb56999f319b4543
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
303649187ebfd4475f20bd54df5daf37379f6a8472e45f484532d84eafd3081b
394402dee1b6c9fbf9db2088640262b4df8c5ced29d4dda6d399529b3260a5bd
4b2c3c7826a70658f5f2419a0fb5fac4155669ffc6227e74f2b32df314533c40
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64
6897185e6c4a483a4965408873f53a7498e079ffa193b75cfe525d22cd9ddc00
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c1361af56d814402a14433af85b84a0f2e1015a216f86a4e5cf093c407c9cfff
c7c568a77b609af46b9992bb4280a5bcfb191e5062a732b8484e281fd848ff94
c926213908854f844c1a872661da5f34975f1e091a0b96c16f314ffd79e82522
cd793ca16b2c618bb775ada27dc17b43d581e9e15076ad09746da8ca68a92f50
cfe1a622b26dbbc7dd8387ca19211807c4350307e7639261db2ce027d56f481a
d70e48cc0f58a60ac236b9a6de13376e9d1debfb9179a9fd2ef858ded5b5d47f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

greenorbitly.com Open in urlscan Pro 2606:4700:3032::ac43:a45e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

74 %HTTPS

53 %IPv6

15 Domains

18 Subdomains

15 IPs

4 Countries

570 kBTransfer

1522 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

greenorbitly.com Open in urlscan Pro
2606:4700:3032::ac43:a45e Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

74 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

15
IPs

4
Countries

570 kB
Transfer

1522 kB
Size

22
Cookies

69 HTTP transactions
0 data transactions