urlscan.io logo urlscan.io
SecurityTrails logo

downloadoperagx.com Open in urlscan Pro
13.225.80.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://downloadoperagx.com/
Effective URL: https://downloadoperagx.com/
Submission: On February 14 via manual from DK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 13.225.80.85, located in United States and belongs to AMAZON-02, US. The main domain is downloadoperagx.com. The Cisco Umbrella rank of the primary domain is 130042.
TLS certificate: Issued by Amazon on September 21st 2021. Valid for: a year.
This is the only time downloadoperagx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 13.225.80.85 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.198 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.85.30.134 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
29 14
5    13.225.80.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-85.fra2.r.cloudfront.net
downloadoperagx.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
11442918.fls.doubleclick.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
707 KB
5 doubleclick.net
11442918.fls.doubleclick.net — Cisco Umbrella Rank: 195250
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
static.doubleclick.net — Cisco Umbrella Rank: 309
2 KB
5 downloadoperagx.com
downloadoperagx.com — Cisco Umbrella Rank: 130042
455 KB
4 clarity.ms
j.clarity.ms — Cisco Umbrella Rank: 2022
c.clarity.ms — Cisco Umbrella Rank: 693
23 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
c.bing.com — Cisco Umbrella Rank: 212
13 KB
3 gstatic.com
fonts.gstatic.com
34 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
15 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
870 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
49 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1016 B
29 10
Domain Requested by
8 www.youtube.com downloadoperagx.com
www.youtube.com
5 downloadoperagx.com 1 redirects downloadoperagx.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
downloadoperagx.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 c.clarity.ms 1 redirects downloadoperagx.com
2 j.clarity.ms bat.bing.com
j.clarity.ms
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 11442918.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 adservice.google.de adservice.google.com
1 c.bing.com 1 redirects
1 adservice.google.com 11442918.fls.doubleclick.net
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googletagmanager.com downloadoperagx.com
1 fonts.googleapis.com downloadoperagx.com
29 15

This site contains links to these domains. Also see Links.

Domain
www.pwnprivacy.com
Subject Issuer Validity Valid
downloadoperagx.com
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://downloadoperagx.com/
Frame ID: 7F5B78A689C4FA37CE2FDCA980843E93
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Frame ID: 292DC624681B05F953219E20BF499237
Requests: 12 HTTP requests in this frame

Frame: https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Frame ID: F3382069C9CAE3EEEF402CE530334779
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Frame ID: C7EBB25714F9023FB1743087EDD71301
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Frame ID: 0DC1A459C68D51B20B5A371100CE8504
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Opera GX

Page URL History Show full URLs

  1. http://downloadoperagx.com/ HTTP 301
    https://downloadoperagx.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

29
Requests

93 %
HTTPS

71 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

1298 kB
Transfer

3394 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downloadoperagx.com/ HTTP 301
    https://downloadoperagx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F HTTP 302
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 23
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&RedC=c.clarity.ms&MXFR=378B0BE13BC560360D1B1AAA3FC56E4A HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&MUID=25DAA608D2136C040038B743D3786DD6

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
downloadoperagx.com/
Redirect Chain
  • http://downloadoperagx.com/
  • https://downloadoperagx.com/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b51ef018f373fe5ecdb73fbc41bf12c863a811ffa758c43b97bea66bedb6741

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Fri, 21 Jan 2022 16:20:39 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 14 Feb 2022 06:39:29 GMT
etag
W/"c915e4e541daed4337ff6cad7b925a7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
WWNxQkY09ZIp71uz5BmOhHYhf0X2hgcbs32GAcJWZFm4BkFYYpFLvA==
age
23188

Redirect headers

Server
CloudFront
Date
Mon, 14 Feb 2022 13:03:41 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://downloadoperagx.com/
X-Cache
Redirect from cloudfront
Via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
ulTpJFSc4OV6H_eaAHuXXcgAsl75_qMjR542VusX6-__8E-DEHNU_g==
css2
fonts.googleapis.com/ 		3 KB
1016 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4c7d24c14014861572f6cba513a8edffde8385d3bfefebdc32d1939332711fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:22:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 13:03:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 13:03:41 GMT
3809.png
downloadoperagx.com/assets/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downloadoperagx.com/assets/3809.png
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:05:06 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 16:01:49 GMT
server
AmazonS3
age
17941
etag
"21f7ce215aae34f2e02075c53073aad6"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7265
x-amz-cf-id
MojfDuf-Dp-Naw7qfFB8d_5XTX9ZpY3-v4CRTtiZKaQt-l_LEH49Mg==
xm1k.png
downloadoperagx.com/assets/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downloadoperagx.com/assets/xm1k.png
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:20:33 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 16:01:49 GMT
server
AmazonS3
age
24202
etag
"fb296fd6be55555670e23ef9e4d3176a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
121947
x-amz-cf-id
Ft2VR4zb-IExxtb4yuZGB04zXPxzBDDx1w87kXPt7wG-Ww5nQZ6vfw==
gtm.js
www.googletagmanager.com/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
030c7ac46bb7e3cdbb2c4c1bb951161c5c6cbe8637333ad37c43b822ed7ea4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:03:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50038
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Feb 2022 13:03:41 GMT
Uv-jwjKxZsk
www.youtube.com/embed/ Frame 292D 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed7b9295ce930e636aa5bcc9326dbd3b0a9fba4480fa4820de9e4d88563a4612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 14 Feb 2022 13:03:41 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xwk9.png
downloadoperagx.com/assets/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downloadoperagx.com/assets/xwk9.png
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 03:47:55 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 16:01:50 GMT
server
AmazonS3
age
33602
etag
"98bad9c0e22d83f92c81af7450e962a3"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
326592
x-amz-cf-id
Ei9fMBZrNkXbkiUWPwYPy2sQ86u9G4alGEzXXlw9Mo3ccUcdaaPLPw==
cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v8/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v8/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://downloadoperagx.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:11 GMT
x-content-type-options
nosniff
age
408630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9156
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:11 GMT
cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v8/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v8/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://downloadoperagx.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:33:11 GMT
x-content-type-options
nosniff
age
408630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9104
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:33:11 GMT
activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
11442918.fls.doubleclick.net/ Frame F338
Redirect Chain
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F?
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2...
491 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
a010c989638998bc4b37e0a91c022ef6da9c28c2e14f9ad29830afd297c94bfa
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 14 Feb 2022 13:03:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 14 Feb 2022 13:03:42 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:03:41 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FDFC8CDB4E68412CA8AEF59431281BEC Ref B: FRAEDGE1414 Ref C: 2022-02-14T13:03:41Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame 292D 		342 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 12:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
1468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47770
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Feb 2023 12:39:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 292D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
524736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 11:18:05 GMT
www-embed-player.js
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame 292D 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 20:27:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
59748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86941
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Feb 2023 20:27:53 GMT
base.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame 292D 		2 MB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727ee83ad0a259323db01b52f54200bf003c7dc6fccf76964c0c3231ef456291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
418496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549860
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame 292D 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 00:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
130317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 13 Feb 2023 00:51:44 GMT
11002730.js
bat.bing.com/p/action/ 		685 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/11002730.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
2c1a3c8f1222bb5ae8e502f039d1873edf5e8610e89d1affa4d7befe746b42f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:03:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E957338BF52E467AA28C400C17369E81 Ref B: FRAEDGE1414 Ref C: 2022-02-14T13:03:41Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
591
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=d816ac79-8508-4a0f-849a-fee1173550ca&sid=88b180308d9611ec90581d6b50def4e2&vid=88b18da08d9611ec809193563387253b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fdownloadoperagx.com%2F&r=&lt=222&evt=pageLoad&msclkid=N&sv=1&rn=669747
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:03:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A0CEFDAE08A743BAAA4DDF31CC450DBD Ref B: FRAEDGE1414 Ref C: 2022-02-14T13:03:41Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 292D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6060970acfd48b013972e1e80e674fd12779a4e5bafa1c8692319bb2621b59f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Feb 2022 13:03:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 292D 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 12:59:18 GMT
x-content-type-options
nosniff
age
264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Feb 2022 13:14:18 GMT
AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js
www.google.com/js/th/ Frame 292D 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 00:36:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
304020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Feb 2023 00:36:42 GMT
embed.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame 292D 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e15d1f3aa3eb16096ff635b9ae2dd2c4a7347e0f334769d104cd6df581d20798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
418496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7710
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:46 GMT
dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
adservice.google.com/ddm/fls/i/ Frame C7EB 		490 B
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Requested by
Host: 11442918.fls.doubleclick.net
URL: https://11442918.fls.doubleclick.net/activityi;dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c16f7ae9b733162ecbc3c3fc49956999568763e85de47d3726bf082c69b2401e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://11442918.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 14 Feb 2022 13:03:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clarity.js
j.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/11002730.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:03:42 GMT
content-encoding
br
etag
"1d8191fe855c690"
last-modified
Thu, 03 Feb 2022 17:03:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&RedC=c.clarity.ms&MXFR=378B0BE13BC560360D1B1AAA3FC56E4A
  • https://c.clarity.ms/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&MUID=25DAA608D2136C040038B743D3786DD6
42 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&MUID=25DAA608D2136C040038B743D3786DD6
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:03:41 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:03:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 66C4969BFBEC42CBA1C8A4276DADB415 Ref B: FRAEDGE1414 Ref C: 2022-02-14T13:03:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C4B8C1685F5D41878C66937F3ADC53BA&MUID=25DAA608D2136C040038B743D3786DD6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
generate_204
www.youtube.com/ Frame 292D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?OCEERg
Requested by
Host: downloadoperagx.com
URL: https://downloadoperagx.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:03:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
adservice.google.de/ddm/fls/i/ Frame 0DC1 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COnX5d2g__UCFRXO1QodlxAIlw;src=11442918;type=pageview;cat=opera0;ord=1;num=8963257804569;gtm=2wg290;auiddc=35608789.1644843822;~oref=https%3A%2F%2Fdownloadoperagx.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 14 Feb 2022 13:03:42 GMT
expires
Mon, 14 Feb 2022 13:03:42 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
j.clarity.ms/ 		0
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://downloadoperagx.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://downloadoperagx.com
date
Mon, 14 Feb 2022 13:03:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
log_event
www.youtube.com/youtubei/v1/ Frame 292D 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
X-YouTube-Client-Version
1.20220208.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtfV0RnWDZ2Z2VWMCitpqmQBg%3D%3D
X-YouTube-Ad-Signals
dt=1644843822029&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 14 Feb 2022 13:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 14 Feb 2022 13:03:44 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| dataLayer function| get_url_params function| get_url_param function| goto function| get_browser_locale function| get_browser_short_locale function| get_available_locale function| translate function| fetch_elements function| on_dom_load object| locales string| language object| google_tag_manager object| google_tag_data function| UET function| UET_init function| UET_push object| ueto_6cda58a44c object| uetq function| clarity

13 Cookies

Domain/Path Name / Value
.downloadoperagx.com/ Name: _gcl_au
Value: 1.1.35608789.1644843822
.youtube.com/ Name: YSC
Value: 0acXyPM-AU4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: _WDgX6vgeV0
.bing.com/ Name: MUID
Value: 25DAA608D2136C040038B743D3786DD6
.downloadoperagx.com/ Name: _uetsid
Value: 88b180308d9611ec90581d6b50def4e2
.downloadoperagx.com/ Name: _uetvid
Value: 88b18da08d9611ec809193563387253b
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.c.bing.com/ Name: SRM_B
Value: 25DAA608D2136C040038B743D3786DD6
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 25DAA608D2136C040038B743D3786DD6
.c.clarity.ms/ Name: ANONCHK
Value: 0
.downloadoperagx.com/ Name: _clck
Value: l5h4zq|1|eyz|0
.downloadoperagx.com/ Name: _clsk
Value: 9xe8o8|1644843822905|1|1|j.clarity.ms/collect

2 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP(Line 50)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP(Line 50)
Message:
Unrecognized feature: 'conversion-measurement'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442918.fls.doubleclick.net
adservice.google.com
adservice.google.de
bat.bing.com
c.bing.com
c.clarity.ms
downloadoperagx.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
j.clarity.ms
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.youtube.com
13.225.80.85
142.250.185.198
20.85.30.134
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
52.142.114.2
00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255
030c7ac46bb7e3cdbb2c4c1bb951161c5c6cbe8637333ad37c43b822ed7ea4ba
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
2c1a3c8f1222bb5ae8e502f039d1873edf5e8610e89d1affa4d7befe746b42f1
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
6060970acfd48b013972e1e80e674fd12779a4e5bafa1c8692319bb2621b59f9
6b51ef018f373fe5ecdb73fbc41bf12c863a811ffa758c43b97bea66bedb6741
727ee83ad0a259323db01b52f54200bf003c7dc6fccf76964c0c3231ef456291
8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
a010c989638998bc4b37e0a91c022ef6da9c28c2e14f9ad29830afd297c94bfa
a4c7d24c14014861572f6cba513a8edffde8385d3bfefebdc32d1939332711fc
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
c16f7ae9b733162ecbc3c3fc49956999568763e85de47d3726bf082c69b2401e
c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e15d1f3aa3eb16096ff635b9ae2dd2c4a7347e0f334769d104cd6df581d20798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7b9295ce930e636aa5bcc9326dbd3b0a9fba4480fa4820de9e4d88563a4612
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9