urlscan.io logo urlscan.io
SecurityTrails logo

www.downloadoperagx.com Open in urlscan Pro
13.225.78.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https...
Effective URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d2...
Submission: On August 01 via manual from PL — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 32 HTTP transactions. The main IP is 13.225.78.114, located in United States and belongs to AMAZON-02, US. The main domain is www.downloadoperagx.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time www.downloadoperagx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.81.111 13335 (CLOUDFLAR...)
1 34.141.179.97 396982 (GOOGLE-CL...)
7 13.225.78.114 16509 (AMAZON-02)
1 74.125.24.95 15169 (GOOGLE)
1 172.253.118.97 15169 (GOOGLE)
6 74.125.130.136 15169 (GOOGLE)
4 64.233.170.94 15169 (GOOGLE)
1 2 74.125.24.149 ()
2 204.79.197.200 ()
32 10
1    104.21.81.111 (None, )

ASN13335 (CLOUDFLARENET, US)
9kibawd817.monster
1    34.141.179.97 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com
aditmedia.g2afse.com
7    13.225.78.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-114.fra2.r.cloudfront.net
www.downloadoperagx.com
1    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
1    172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net
www.googletagmanager.com
6    74.125.130.136 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f136.1e100.net
www.youtube.com
4    64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net
fonts.gstatic.com
2    74.125.24.149 (None, )

ASN- ()
11442918.fls.doubleclick.net
2    204.79.197.200 (None, )

ASN- ()
bat.bing.com
Apex Domain
Subdomains		 Transfer
7 downloadoperagx.com
www.downloadoperagx.com
473 KB
6 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
927 KB
4 gstatic.com
fonts.gstatic.com
49 KB
2 bing.com
bat.bing.com
13 KB
2 doubleclick.net
11442918.fls.doubleclick.net
googleads.g.doubleclick.net Failed
static.doubleclick.net Failed
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
67 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
jnn-pa.googleapis.com Failed
951 B
1 g2afse.com
aditmedia.g2afse.com — Cisco Umbrella Rank: 183071
541 B
1 9kibawd817.monster
9kibawd817.monster
2 KB
0 ytimg.com Failed
i.ytimg.com Failed
0 google.com Failed
www.google.com Failed
adservice.google.com Failed
32 11
Domain Requested by
7 www.downloadoperagx.com www.downloadoperagx.com
6 www.youtube.com www.downloadoperagx.com
www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 bat.bing.com www.googletagmanager.com
bat.bing.com
www.downloadoperagx.com
2 11442918.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 www.googletagmanager.com www.downloadoperagx.com
1 fonts.googleapis.com www.downloadoperagx.com
1 aditmedia.g2afse.com 9kibawd817.monster
1 9kibawd817.monster
0 adservice.google.com Failed 11442918.fls.doubleclick.net
0 i.ytimg.com Failed www.youtube.com
0 www.google.com Failed www.youtube.com
0 jnn-pa.googleapis.com Failed www.youtube.com
0 static.doubleclick.net Failed www.youtube.com
0 googleads.g.doubleclick.net Failed www.youtube.com
32 15

This site contains links to these domains. Also see Links.

Domain
www.pwnprivacy.com
Subject Issuer Validity Valid
9kibawd817.monster
E1		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.g2afse.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-04 -
2023-09-04		 a year crt.sh
downloadoperagx.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Frame ID: B468610561642CC43D674B38AE7A965D
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Frame ID: 2E7DF9B954593110AB85A6EE5A1255B2
Requests: 13 HTTP requests in this frame

Frame: https://11442918.fls.doubleclick.net/activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2
Frame ID: 6AAFA4D4E30227A060218DB42896EDBF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2
Frame ID: 228D60CA806D87023055ED97B0D5051D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Opera GX

Page URL History Show full URLs

  1. https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab... Page URL
  2. https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=AL_cyGRmPAUA6lwCAEFVFwASAGFFlp0A Page URL
  3. https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_34... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

32
Requests

75 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

10
IPs

3
Countries

1533 kB
Transfer

3941 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852 Page URL
  2. https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=AL_cyGRmPAUA6lwCAEFVFwASAGFFlp0A Page URL
  3. https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2 HTTP 302
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2
9kibawd817.monster/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.81.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7efd5b4acd52a961-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 10:21:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBXpaIYT7yP%2FpTyCLtfwz5NOOt8QlYXpgMD%2Fkqsifi6nwDLfAa0daq2JsX0tMtS%2Bq4YDT2DBuxU2It%2FCa9D%2BRDB089pEL1trjh5PxjehP0kvCUavWDweT2eEBPQ22PMBhGnBvQs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
click
aditmedia.g2afse.com/ 		286 B
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aditmedia.g2afse.com/click?pid=3580&offer_id=20098&sub2=343142&sub1=AL_cyGRmPAUA6lwCAEFVFwASAGFFlp0A
Requested by
Host: 9kibawd817.monster
URL: https://9kibawd817.monster/n7rhPaf1c8e028cd7068ffbef05c910f06542726543a2?SUBID=343852&s3=64c6fafd7085ab00015e779e&ref=https%3A%2F%2Fwildbearads.go2affise.com%2F&q=File&s1=400_343852
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.179.97 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.179.141.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://9kibawd817.monster/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 10:21:53 GMT
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request /
www.downloadoperagx.com/ef/ 		56 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dc175e328583e43aa963adf55e2734c78c16904a2266b1987d26091ec48fcff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
76951
content-encoding
gzip
content-type
text/html
date
Mon, 31 Jul 2023 12:59:25 GMT
etag
W/"020004d93d6f2391ae672285e4184fda"
last-modified
Tue, 11 Apr 2023 18:38:20 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-id
NXg6byP1srUVUe7oeZCbGNXimI8qnR5cnYk3Q20U8-wghT3f-d4RFw==
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
css2
fonts.googleapis.com/ 		3 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
c933eb4e7d64df2a46a161f387fdbf3d94ae7f41eb3f104d8581739e8307e2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Aug 2023 10:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 10:21:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Aug 2023 10:21:56 GMT
3809.png
www.downloadoperagx.com/ef/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/3809.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6534c9336c47c015a49e2324e6183e8e94e56266fdb9c013ca130fcd9ac6827d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:21:02 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
36053
x-amz-server-side-encryption
AES256
etag
"11085e62a22a6ba5cfe9522a2c574d63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3560
x-amz-cf-id
reGlo8BAjntKJCa1_GewgIzqCZT1TmFiIh4ThKGCSVN6fLCj9x86aw==
large.png
www.downloadoperagx.com/ef/assets/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/large.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
840807c3eaa3c726705fde08bfae860f9ca089b774698f428bca071d44cb7e2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 02:40:42 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
27675
x-amz-server-side-encryption
AES256
etag
"851486a753c2705f3df7216ed8bdad14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
277266
x-amz-cf-id
lDZfVAfsw-MXn5uyDHWMGecJJYgLyJ9eQ7zABvck0-FYfqlAdqnDGQ==
testes.png
www.downloadoperagx.com/ef/assets/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/testes.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a68f91e433c7d5019cfa24accc4ff078bace799d20a457872c6a257e769b81f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 05:19:41 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
18136
x-amz-server-side-encryption
AES256
etag
"4ad06bd4315a083ae6f10e55609a2eac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
76694
x-amz-cf-id
Kt5z7jaNUVXTU_iJE2J_8Oin9spFaeyGRZx29tZVAjkprRHt3kkgig==
xm1k.png
www.downloadoperagx.com/ef/assets/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/xm1k.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
252533d7df67fc807e0242bf4836c2bf427195ab60ef347d17d21bac3e41efa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 01:57:06 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
30291
x-amz-server-side-encryption
AES256
etag
"a894074dc33282d77ce55af476d557de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
35753
x-amz-cf-id
rDFB_AzRPLi5EO0A9P1Vwcc6JsojuvB10x8GRg_A4JGHblhCKM9TUw==
brazil.png
www.downloadoperagx.com/ef/assets/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/brazil.png
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f67e38dd08085b034fb93ef948d46eef5d874e2ee3a0b01bc146ed8b8b8251fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:21:40 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
36020
x-amz-server-side-encryption
AES256
etag
"e27e4a3897ea7777f51d73274d69d812"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
42972
x-amz-cf-id
W_bXHJi6nGZQFfOnuPm6lzGWBRIGyZXTI7USzVXw0k3NCZhZ1VW3KQ==
gtm.js
www.googletagmanager.com/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
81f99d47fd0b9e2b61fe42308b659ba6ae012af6afe3f2052cba5efebdf8a06f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 10:21:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68067
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 10:21:57 GMT
Uv-jwjKxZsk
www.youtube.com/embed/ Frame 2E7D 		77 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
ESF /
Resource Hash
8dfd1cf7fa27107d53873c10e1e0071419588c9e36a28749844d64c43ca48c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.downloadoperagx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-FMdRWzHzJp7emlDMAcznQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 10:21:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
new-bkg.jpg
www.downloadoperagx.com/ef/assets/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.downloadoperagx.com/ef/assets/new-bkg.jpg
Requested by
Host: www.downloadoperagx.com
URL: https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-114.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf3dd87f32b522a76bc5b52d9ff55e1267a55cbaf4f7ddbe3ff2125eb8e98319

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/ef/?tl=aHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw==&sub1=3580_343142&sub2=64c8dcc1d25a00000194ade5&btn=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 18:43:14 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified
Tue, 11 Apr 2023 16:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
56323
x-amz-server-side-encryption
AES256
etag
"de2dea088eb51d9a1b71fabd463886fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
32246
x-amz-cf-id
O_zbxBDaJtLOMyoMo-53nQK_KtWN3ZaKYhtm_iy7Rd4i2zPrM_ZdqQ==
cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downloadoperagx.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 06:14:56 GMT
x-content-type-options
nosniff
age
360421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9156
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 18:49:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 06:14:56 GMT
cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.downloadoperagx.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 04:00:02 GMT
x-content-type-options
nosniff
age
282115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 18:57:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 04:00:02 GMT
www-player.css
www.youtube.com/s/player/0e6aaa83/ Frame 2E7D 		378 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
sffe /
Resource Hash
1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
474486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48028
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Jul 2024 22:33:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2E7D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 07:23:57 GMT
x-content-type-options
nosniff
age
356280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 07:23:57 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2E7D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 16:44:54 GMT
x-content-type-options
nosniff
age
322623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 16:44:54 GMT
embed.js
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/en_GB/ Frame 2E7D 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
sffe /
Resource Hash
c597b65c5d65f18d6585dabe31a24e951e0c8df01306d1d0e0f0f49237ba24b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:47:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
473690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8084
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Jul 2024 22:47:07 GMT
www-embed-player.js
www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/ Frame 2E7D 		311 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
sffe /
Resource Hash
66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
474327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95340
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Jul 2024 22:36:30 GMT
base.js
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/en_GB/ Frame 2E7D 		2 MB
744 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
sffe /
Resource Hash
5d81d48907af6c0e73789238d62eaa11d520e3b06dea05b4f3d25542a9932bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
761108
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Jul 2024 22:47:07 GMT
fetch-polyfill.js
www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/ Frame 2E7D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f136.1e100.net
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
474486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 23:37:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Jul 2024 22:33:51 GMT
activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epve...
11442918.fls.doubleclick.net/ Frame 6AAF
Redirect Chain
  • https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;e...
  • https://11442918.fls.doubleclick.net/activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uaf...
690 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11442918.fls.doubleclick.net/activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5bc1a16f7b01daa117e49154c202ab6cb9e0cd5d6043b2c9166912584b503abe
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.downloadoperagx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 10:21:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 10:21:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11442918.fls.doubleclick.net/activityi;dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 01 Aug 2023 10:21:57 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1B22E10097A74D63B0B1EBAA23660429 Ref B: SYD03EDGE0911 Ref C: 2023-08-01T10:21:58Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
id
googleads.g.doubleclick.net/pagead/ Frame 2E7D 		0
0
ad_status.js
static.doubleclick.net/instream/ Frame 2E7D 		0
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2E7D 		0
0
8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js
www.google.com/js/th/ Frame 2E7D 		0
0
default.webp
i.ytimg.com/vi_webp/Uv-jwjKxZsk/ Frame 2E7D 		0
0
11002730.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/11002730.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.downloadoperagx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 01 Aug 2023 10:21:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 53233E5B4D0A45EFBC6CF1217D9F14A5 Ref B: SYD03EDGE0911 Ref C: 2023-08-01T10:21:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
0
dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=...
adservice.google.com/ddm/fls/i/ Frame 228D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/id
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/instream/ad_status.js
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain
www.google.com
URL
https://www.google.com/js/th/8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi_webp/Uv-jwjKxZsk/default.webp
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=e0b938e2-93bd-474e-a1d2-ee77f469bf10&sid=3f173bb0305511ee8da7851e738854c4&vid=3f176dc0305511eeb655b1e96cbe36d4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2&r=&lt=3077&evt=pageLoad&sv=1&rn=40819
Domain
adservice.google.com
URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLyS9dWeu4ADFQaoSwUdVMsMiA;src=11442918;type=pageview;cat=opera0;ord=1;num=9577058697332;auiddc=966458021.1690885318;gtm=45He37q0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.downloadoperagx.com%2Fef%2F%3Ftl%3DaHR0cHM6Ly93d3cuZ2V0Z3gubmV0L2NtcC8yNlJaNlRIL1RGNUgzVw%3D%3D%26sub1%3D3580_343142%26sub2%3D64c8dcc1d25a00000194ade5%26btn%3D2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| get_url_params function| get_url_param function| goto function| get_browser_locale function| get_browser_short_locale function| get_available_locale function| translate function| fetch_elements function| on_dom_load object| locales string| language object| google_tag_manager object| google_tag_data

6 Cookies

Domain/Path Name / Value
9kibawd817.monster/ Name: bd_context
Value: kZ2MBGprIehtU/4DxBMFQYLmSh0jqcr35a8Sgy4Q7MX32uGSM4M3L2J89q4mJ79mZzJB6w9hoOs6F0KRlcSJiIUqpS/smobIlSzUZYaiq7xOy0951N5puF8SILPGnD4IRObLGu3Xm0khcbn66dnTpMA/wpTJWlMKy2kvOL2a5OCbvHWJZGKbG1SI01aWE1ZnYye3T9CU2oUpZPhF5kk41nSHcWx3+jIitp5vN+ZhQhFULXtyF1B8b81Lvy2wE96nhS5wme3T7xYzdrC6wUxCsxPcQZoZ/xhHFrxn+EUVBpt3xVO2fyOAgrccO0NDyGRr00G/mHnNQQeiosnp
aditmedia.g2afse.com/ Name: afclick
Value: 64c8dcc1d25a00000194ade5
aditmedia.g2afse.com/ Name: afoffers
Value: {"20098":1690885313}
.youtube.com/ Name: YSC
Value: GWmT4b13hoU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 75UZljF-_kU
.downloadoperagx.com/ Name: _gcl_au
Value: 1.1.966458021.1690885318

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442918.fls.doubleclick.net
9kibawd817.monster
aditmedia.g2afse.com
adservice.google.com
bat.bing.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.downloadoperagx.com
www.google.com
www.googletagmanager.com
www.youtube.com
adservice.google.com
bat.bing.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
104.21.81.111
13.225.78.114
172.253.118.97
204.79.197.200
34.141.179.97
64.233.170.94
74.125.130.136
74.125.24.149
74.125.24.95
1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31
252533d7df67fc807e0242bf4836c2bf427195ab60ef347d17d21bac3e41efa2
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4dc175e328583e43aa963adf55e2734c78c16904a2266b1987d26091ec48fcff
5a68f91e433c7d5019cfa24accc4ff078bace799d20a457872c6a257e769b81f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc1a16f7b01daa117e49154c202ab6cb9e0cd5d6043b2c9166912584b503abe
5d81d48907af6c0e73789238d62eaa11d520e3b06dea05b4f3d25542a9932bc8
6534c9336c47c015a49e2324e6183e8e94e56266fdb9c013ca130fcd9ac6827d
66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88
81f99d47fd0b9e2b61fe42308b659ba6ae012af6afe3f2052cba5efebdf8a06f
840807c3eaa3c726705fde08bfae860f9ca089b774698f428bca071d44cb7e2f
8dfd1cf7fa27107d53873c10e1e0071419588c9e36a28749844d64c43ca48c9d
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
c597b65c5d65f18d6585dabe31a24e951e0c8df01306d1d0e0f0f49237ba24b7
c933eb4e7d64df2a46a161f387fdbf3d94ae7f41eb3f104d8581739e8307e2b3
cf3dd87f32b522a76bc5b52d9ff55e1267a55cbaf4f7ddbe3ff2125eb8e98319
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f67e38dd08085b034fb93ef948d46eef5d874e2ee3a0b01bc146ed8b8b8251fe