urlscan.io logo urlscan.io
SecurityTrails logo

www.downloadoperagx.com Open in urlscan Pro
2600:9000:21f3:a800:1c:3a33:6440:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https...
Effective URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221...
Submission: On August 01 via manual from PL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 37 HTTP transactions. The main IP is 2600:9000:21f3:a800:1c:3a33:6440:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.downloadoperagx.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time www.downloadoperagx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3030::6815:516f (United States)

ASN13335 (CLOUDFLARENET, US)
9kibawd817.monster
1    34.141.179.97 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com
aditmedia.g2afse.com
7    2600:9000:21f3:a800:1c:3a33:6440:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.downloadoperagx.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
11442918.fls.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.rs
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
929 KB
7 downloadoperagx.com
www.downloadoperagx.com
473 KB
5 doubleclick.net
11442918.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
static.doubleclick.net — Cisco Umbrella Rank: 322
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
jnn-pa.googleapis.com — Cisco Umbrella Rank: 277
33 KB
4 gstatic.com
fonts.gstatic.com
49 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 383
13 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 118
16 KB
1 google.rs
adservice.google.rs — Cisco Umbrella Rank: 613694
515 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 122
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
67 KB
1 g2afse.com
aditmedia.g2afse.com — Cisco Umbrella Rank: 183071
543 B
1 9kibawd817.monster
9kibawd817.monster
3 KB
37 12
Domain Requested by
8 www.youtube.com www.downloadoperagx.com
www.youtube.com
7 www.downloadoperagx.com www.downloadoperagx.com
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.downloadoperagx.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 11442918.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 adservice.google.rs adservice.google.com
1 adservice.google.com 11442918.fls.doubleclick.net
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagmanager.com www.downloadoperagx.com
1 fonts.googleapis.com www.downloadoperagx.com
1 aditmedia.g2afse.com 9kibawd817.monster
1 9kibawd817.monster
37 16

This site contains links to these domains. Also see Links.

Domain
www.pwnprivacy.com
Subject Issuer Validity Valid
9kibawd817.monster
E1		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.g2afse.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-04 -
2023-09-04		 a year crt.sh
downloadoperagx.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.rs
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Frame ID: 719EED89ABD9CCF0B2467550936764A9
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Frame ID: 92B12BBFA1E728D72B114CF81C705584
Requests: 16 HTTP requests in this frame

Frame: https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Frame ID: C086F6E8998B0FFFBFCE6DB7CD5FE78B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Frame ID: 791EA16AB2532F9D461F57B9F54E799B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.rs/ddm/fls/i/dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Frame ID: D740340A8163F427941B4CCC97EF5F7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Opera GX

Page URL History Show full URLs

  1. https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab... Page URL
  2. https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=ACLVyGRmPAUA6lwCAE5MFwASAJSUFl8A Page URL
  3. https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_34... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

37
Requests

97 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

1585 kB
Transfer

4054 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852 Page URL
  2. https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=ACLVyGRmPAUA6lwCAE5MFwASAJSUFl8A Page URL
  3. https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2 HTTP 302
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Request Chain 21
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2
9kibawd817.monster/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:516f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86329db935eff4f2ccedc0c00ebcbd45e0faebaaf58c4914b5d89c5394b478c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7efd2bb43c30927d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 09:49:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BguoyuRWekQC2uXfoXBajtXCp%2BzxYMtDuZLDVM6wwQ9d4W0e2RtTMPw0i%2FuGUCPFPKnP8dmbXl1%2BEr0gLcrRONbhPXZ2JsbA4w2rIi3UEjXCS%2FvC%2FUQJlnP2rVSlereK8UHJRjM7ss3cBohEU07AtYw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
click
aditmedia.g2afse.com/ 		286 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=ACLVyGRmPAUA6lwCAE5MFwASAJSUFl8A
Requested by
Host: 9kibawd817.monster
URL: https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.179.97 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.179.141.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://9kibawd817.monster/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 09:49:22 GMT
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request /
www.downloadoperagx.com/ef/ 		56 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dc175e328583e43aa963adf55e2734c78c16904a2266b1987d26091ec48fcff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
74998
content-encoding
gzip
content-type
text/html
date
Mon, 31 Jul 2023 12:59:25 GMT
etag
W/"020004d93d6f2391ae672285e4184fda"
last-modified
Tue, 11 Apr 2023 18:38:20 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id
1MlLLeza-1murgm-wLTnAONEvOJwMQxxK0wJw5oqX11ZCwKAKpOSgA==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
css2
fonts.googleapis.com/ 		3 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c933eb4e7d64df2a46a161f387fdbf3d94ae7f41eb3f104d8581739e8307e2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Aug 2023 09:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 09:48:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Aug 2023 09:49:23 GMT
3809.png
www.downloadoperagx.com/ef/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/3809.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6534c9336c47c015a49e2324e6183e8e94e56266fdb9c013ca130fcd9ac6827d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:21:02 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
34100
x-amz-server-side-encryption
AES256
etag
"11085e62a22a6ba5cfe9522a2c574d63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3560
x-amz-cf-id
fZ0saMXxYPd1VWwjpjJAXttLkvMsUHXi_TE-Ox4npm8zVUcAaRoEIg==
large.png
www.downloadoperagx.com/ef/assets/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/large.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
840807c3eaa3c726705fde08bfae860f9ca089b774698f428bca071d44cb7e2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 02:40:42 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
25721
x-amz-server-side-encryption
AES256
etag
"851486a753c2705f3df7216ed8bdad14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
277266
x-amz-cf-id
k3A1cGQ4q1G6SGhqh84rwq9Q_zs5HdGq0nlX0ToKqIm_Wx9uEVVKzA==
testes.png
www.downloadoperagx.com/ef/assets/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/testes.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a68f91e433c7d5019cfa24accc4ff078bace799d20a457872c6a257e769b81f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 05:19:41 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
16183
x-amz-server-side-encryption
AES256
etag
"4ad06bd4315a083ae6f10e55609a2eac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
76694
x-amz-cf-id
XE3I-r4OemZ1LJej7F9tuoYigRj1ztM1soplG_Ip1ZTWZEOIbUbIMw==
xm1k.png
www.downloadoperagx.com/ef/assets/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/xm1k.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
252533d7df67fc807e0242bf4836c2bf427195ab60ef347d17d21bac3e41efa2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:57:06 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
28338
x-amz-server-side-encryption
AES256
etag
"a894074dc33282d77ce55af476d557de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
35753
x-amz-cf-id
zuRNU_grEajlOTCJ9PNafcZ1L95k73yvHCt8X-i9y-yS28Lk6atTjg==
brazil.png
www.downloadoperagx.com/ef/assets/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/brazil.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f67e38dd08085b034fb93ef948d46eef5d874e2ee3a0b01bc146ed8b8b8251fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:21:40 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
34067
x-amz-server-side-encryption
AES256
etag
"e27e4a3897ea7777f51d73274d69d812"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
42972
x-amz-cf-id
eV1Ce-h7IA_ChtHbiwhPXkcSGzKfObH26YPdRVwn8PsETYeyjs3Gag==
gtm.js
www.googletagmanager.com/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e038398d5931c796935b9813f8458084ed19ea5eec32b368b854b2486e187f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:49:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68045
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 09:49:23 GMT
Uv-jwjKxZsk
www.youtube.com/embed/ Frame 92B1 		78 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6844bbd411ffe2faf80e95a7ee41ab093ce90739ddcb2a926c3edfdf8c84fdce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.downloadoperagx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 09:49:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
new-bkg.jpg
www.downloadoperagx.com/ef/assets/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/new-bkg.jpg
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a800:1c:3a33:6440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3dd87f32b522a76bc5b52d9ff55e1267a55cbaf4f7ddbe3ff2125eb8e98319

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:43:14 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
54370
x-amz-server-side-encryption
AES256
etag
"de2dea088eb51d9a1b71fabd463886fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
32246
x-amz-cf-id
CplzGyjMW2lvsiq7dQ1Og0Y5PCQ2tbmS3hZqNc5uyXL9FMePrwOAWg==
cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downloadoperagx.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:14:01 GMT
x-content-type-options
nosniff
age
311722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9156
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 18:49:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 19:14:01 GMT
cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downloadoperagx.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 21:36:08 GMT
x-content-type-options
nosniff
age
389595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 18:57:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 21:36:08 GMT
activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
11442918.fls.doubleclick.net/ Frame C086
Redirect Chain
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;u...
692 B
583 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ac4576612a7af804e633891d05c04a2c12c4fa92f423929472ea38ac7fa01f40
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.downloadoperagx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 09:49:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 09:49:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 01 Aug 2023 09:49:23 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5A5C9B3CB3674D32822242CFB3C151CB Ref B: DUS30EDGE0805 Ref C: 2023-08-01T09:49:23Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
www-player.css
www.youtube.com/s/player/0e6aaa83/ Frame 92B1 		378 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48028
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jul 2024 09:43:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 92B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 08:35:58 GMT
x-content-type-options
nosniff
age
263605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 92B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 05:38:49 GMT
x-content-type-options
nosniff
age
360634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 05:38:49 GMT
www-embed-player.js
www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/ Frame 92B1 		311 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
2058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95340
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jul 2024 09:15:05 GMT
base.js
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/ Frame 92B1 		2 MB
745 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7921f8a314b06b219348e052528cdbee7b12f72e22d6036e900741c0bd82da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
761937
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jul 2024 09:01:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/ Frame 92B1 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
4635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jul 2024 08:32:08 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 92B1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6395415c3b2b8fbc0a1f2cc8b174bd6c7bbb884e29ffaafda22ecd1281dace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 01 Aug 2023 09:49:23 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 92B1 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:43:09 GMT
x-content-type-options
nosniff
age
374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Aug 2023 09:58:09 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 01 Aug 2023 09:49:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 92B1 		69 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5156b481588b2279fa1a85c2a0f060ec633de9376bc9e2674a3b47741e8f78f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 01 Aug 2023 09:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32012
x-xss-protection
0
8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js
www.google.com/js/th/ Frame 92B1 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2fe010ad071d16168ac52cc90e8f7fc2b148a5a83a3ae9727c7d5a8283ced4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
217344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14891
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 21:26:59 GMT
embed.js
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/ Frame 92B1 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
725b6969208b01db2d124abcc26a4b0b7410a15275f438de7d46f4b4a3fc60b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 08:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
6310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8163
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jul 2024 08:04:13 GMT
default.webp
i.ytimg.com/vi_webp/Uv-jwjKxZsk/ Frame 92B1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Uv-jwjKxZsk/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed08b5e0c48e8b1490162105e70ee6980466887674013574bfdc42e3919cf40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:33:56 GMT
x-content-type-options
nosniff
age
927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1270
x-xss-protection
0
server
sffe
etag
"1560264706"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 01 Aug 2023 11:33:56 GMT
dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
adservice.google.com/ddm/fls/i/ Frame 791E 		691 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Requested by
Host: 11442918.fls.doubleclick.net
URL: https://11442918.fls.doubleclick.net/activityi;dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bf3cec0fd7019dea20fcb2244243658fb7834b982709033e0d4ba9867b8e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11442918.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
410
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 09:49:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
11002730.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/11002730.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 01 Aug 2023 09:49:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FB4240658AD49B795BA7CCE3FD6F499 Ref B: DUS30EDGE0805 Ref C: 2023-08-01T09:49:23Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=a1e635e4-ce23-483a-8e4a-4e2c3bd8f6bd&sid=b1dc3910305011ee8eb07190cf780c48&vid=b1dc6b30305011ee8a2645496cb17e71&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2&r=&lt=312&evt=pageLoad&sv=1&rn=887661
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8d52221e6120001b895bb&btn=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 09:49:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD9845497C5045B1AB373FD602E84037 Ref B: DUS30EDGE0805 Ref C: 2023-08-01T09:49:23Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
www.youtube.com/ Frame 92B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?TcDuRw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 09:49:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 92B1 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2adb458c28e60c486985890b606b7fde08efc8c8912417c39cbb99d8f9d1e405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 01 Aug 2023 09:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 01 Aug 2023 09:49:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
adservice.google.rs/ddm/fls/i/ Frame D740 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.rs/ddm/fls/i/dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJTa6rGXu4ADFTgHogMd4sIPmA;src=11442918;type=pageview;cat=opera0;ord=1;num=7821970564408;auiddc=490716177.1690883363;gtm=45He37q0h1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8d52221e6120001b895bb%26btn%3D2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 09:49:23 GMT
expires
Tue, 01 Aug 2023 09:49:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 92B1 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
X-Goog-Request-Time
1690883365357
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
X-YouTube-Client-Version
1.20230723.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt1VFR0N25pYU5XNCijqqOmBg%3D%3D
X-YouTube-Ad-Signals
dt=1690883363253&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 01 Aug 2023 09:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 01 Aug 2023 09:49:25 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| get_url_params function| get_url_param function| goto function| get_browser_locale function| get_browser_short_locale function| get_available_locale function| translate function| fetch_elements function| on_dom_load object| locales string| language object| google_tag_manager object| google_tag_data function| UET function| UET_init function| UET_push object| ueto_c514a39ee3 object| uetq

10 Cookies

Domain/Path Name / Value
9kibawd817.monster/ Name: bd_context
Value: EW5RI0ScQRJoh+0rlNfYnHufwoPU9CcuajgvLJ2GlZva10AQmvLVGiOVRdl5pJyr1EgtOStvHvwZ2Jbd63dCfM732HVZqlGrfYjTLkvMmOLZ/Za3MFdPsiemSxZ0UzTxFdjUwGXhE5jqE6cJlJ2gVArxoq76yj/4KIUq2DKg0n+LksV/xPpiIxMyT8fVxbnXyL4dJFN7rV/7nMglnvSJuDWrKhlVzISwRarDjgAzIPYZm08foQ1r0f6MxGCVn5NieMmlO3DeDg1M2/DrT+R1g5Do5d8ayDmAnRTYZ6VgzbVcwmjXQPVQwvlvVu2OIzmBLk+gYS7S+r3wYoKd4pQ=
aditmedia.g2afse.com/ Name: afclick
Value: 64c8d52221e6120001b895bb
aditmedia.g2afse.com/ Name: afoffers
Value: {"20098":1690883362}
.downloadoperagx.com/ Name: _gcl_au
Value: 1.1.490716177.1690883363
.youtube.com/ Name: YSC
Value: 2TxyQfvoQZo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: uTTt7niaNW4
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.downloadoperagx.com/ Name: _uetsid
Value: b1dc3910305011ee8eb07190cf780c48
.downloadoperagx.com/ Name: _uetvid
Value: b1dc6b30305011ee8a2645496cb17e71
.bing.com/ Name: MUID
Value: 3CC3F9D92A0A67E51478EAB92BA066B6

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442918.fls.doubleclick.net
9kibawd817.monster
aditmedia.g2afse.com
adservice.google.com
adservice.google.rs
bat.bing.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.downloadoperagx.com
www.google.com
www.googletagmanager.com
www.youtube.com
142.250.184.198
2600:9000:21f3:a800:1c:3a33:6440:93a1
2606:4700:3030::6815:516f
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:813::2006
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2016
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
34.141.179.97
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31
252533d7df67fc807e0242bf4836c2bf427195ab60ef347d17d21bac3e41efa2
2a7921f8a314b06b219348e052528cdbee7b12f72e22d6036e900741c0bd82da
2adb458c28e60c486985890b606b7fde08efc8c8912417c39cbb99d8f9d1e405
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4dc175e328583e43aa963adf55e2734c78c16904a2266b1987d26091ec48fcff
5156b481588b2279fa1a85c2a0f060ec633de9376bc9e2674a3b47741e8f78f1
5a68f91e433c7d5019cfa24accc4ff078bace799d20a457872c6a257e769b81f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6395415c3b2b8fbc0a1f2cc8b174bd6c7bbb884e29ffaafda22ecd1281dace95
6534c9336c47c015a49e2324e6183e8e94e56266fdb9c013ca130fcd9ac6827d
66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88
6844bbd411ffe2faf80e95a7ee41ab093ce90739ddcb2a926c3edfdf8c84fdce
6bf3cec0fd7019dea20fcb2244243658fb7834b982709033e0d4ba9867b8e05c
725b6969208b01db2d124abcc26a4b0b7410a15275f438de7d46f4b4a3fc60b6
840807c3eaa3c726705fde08bfae860f9ca089b774698f428bca071d44cb7e2f
86329db935eff4f2ccedc0c00ebcbd45e0faebaaf58c4914b5d89c5394b478c5
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
ac4576612a7af804e633891d05c04a2c12c4fa92f423929472ea38ac7fa01f40
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
c933eb4e7d64df2a46a161f387fdbf3d94ae7f41eb3f104d8581739e8307e2b3
cf3dd87f32b522a76bc5b52d9ff55e1267a55cbaf4f7ddbe3ff2125eb8e98319
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e038398d5931c796935b9813f8458084ed19ea5eec32b368b854b2486e187f36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed08b5e0c48e8b1490162105e70ee6980466887674013574bfdc42e3919cf40c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2fe010ad071d16168ac52cc90e8f7fc2b148a5a83a3ae9727c7d5a8283ced4e
f67e38dd08085b034fb93ef948d46eef5d874e2ee3a0b01bc146ed8b8b8251fe