urlscan.io logo urlscan.io
SecurityTrails logo

www.opera.com Open in urlscan Pro
3.19.105.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://7llkww.viadigitalconsulting.com/
Effective URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_so...
Submission: On July 06 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 25 domains to perform 59 HTTP transactions. The main IP is 3.19.105.170, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.opera.com. The Cisco Umbrella rank of the primary domain is 35295.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 17th 2024. Valid for: a year.
This is the only time www.opera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

OperaGXSetup.exe 3 MB application/x-dosexec
MIME: PE32 executable (GUI) Intel 80386, for MS Windows
Size: 3 MB (3267552 bytes, 100% done)
Downloaded from: https://net.geo.opera.com/opera_gx/stable/windows?edition=std-2&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&edition=std-2&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_id=601de203db0b4f519f67a19d8df18df9&http_referrer=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&utm_site=opera_com&utm_lastpage=opera.com%2Fget%2Fopera-gx&utm_id=601de203db0b4f519f67a19d8df18df9&dl_token=33378980

Domain & IP information

1    167.114.27.228 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: r5.a1center.net
7llkww.viadigitalconsulting.com
1    194.1.147.36 (Manchester, United Kingdom)

ASN210250 (WPX, BG)
PTR: wpx.net
wimberleylibrary.org
2    2606:4700:3033::ac43:abc3 (United States)

ASN13335 (CLOUDFLARENET, US)
wwp.psmad.com
1    164.90.192.218 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
mgcrspub.froepse.com
1    2606:4700:3034::ac43:c8e6 (United States)

ASN13335 (CLOUDFLARENET, US)
bf.lmdfmd.com
2    2a02:4780:a:1471:0:1c05:4462:2 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)
akumahapa.technologi.site
matigan.technologi.site
3    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.highrevenuenetwork.com
2    3.216.219.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-219-191.compute-1.amazonaws.com
www.bobgames-prolister.com
1    2606:4700:3037::ac43:d299 (United States)

ASN13335 (CLOUDFLARENET, US)
www.savinist.com
2    3.19.105.170 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-105-170.us-east-2.compute.amazonaws.com
www.opera.com
22    2600:1408:ec00:584::2d54 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn-production-opera-website.operacdn.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:400d:c02::61 (None, )

ASN- ()
www.googletagmanager.com
1    2001:4c28:3000:622:107:167:110:216 (None, )

ASN- ()
net.geo.opera.com
2    2607:f8b0:400d:c0c::5e (None, )

ASN- ()
fonts.gstatic.com
1    2607:f8b0:4004:c1d::8a (None, )

ASN- ()
www.google-analytics.com
1    2a04:4e42:400::396 (None, )

ASN- ()
www.redditstatic.com
1    18.239.183.69 (None, )

ASN- ()
static.hotjar.com
1    2001:4860:4802:38::181 (None, )

ASN- ()
analytics.google.com
Apex Domain
Subdomains		 Transfer
22 operacdn.com
cdn-production-opera-website.operacdn.com — Cisco Umbrella Rank: 74900
209 KB
5 googletagmanager.com
www.googletagmanager.com
485 KB
3 opera.com
www.opera.com — Cisco Umbrella Rank: 35295
net.geo.opera.com
9 KB
3 highrevenuenetwork.com
www.highrevenuenetwork.com — Cisco Umbrella Rank: 301417
5 KB
2 gstatic.com
fonts.gstatic.com
20 KB
2 bobgames-prolister.com
www.bobgames-prolister.com — Cisco Umbrella Rank: 198130
1 KB
2 technologi.site
akumahapa.technologi.site
matigan.technologi.site
2 KB
2 psmad.com
wwp.psmad.com
5 KB
1 google.com
analytics.google.com
1 hotjar.com
static.hotjar.com
script.hotjar.com Failed
4 KB
1 redditstatic.com
www.redditstatic.com
13 KB
1 google-analytics.com
www.google-analytics.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
959 B
1 savinist.com
www.savinist.com — Cisco Umbrella Rank: 207260
960 B
1 lmdfmd.com
bf.lmdfmd.com
465 B
1 froepse.com
mgcrspub.froepse.com — Cisco Umbrella Rank: 783803
3 KB
1 wimberleylibrary.org
wimberleylibrary.org
538 B
1 viadigitalconsulting.com
7llkww.viadigitalconsulting.com
263 B
0 reddit.com Failed
pixel-config.reddit.com Failed
alb.reddit.com Failed
0 googleadservices.com Failed
www.googleadservices.com Failed
0 google.ca Failed
www.google.ca Failed
0 facebook.net Failed
connect.facebook.net Failed
0 licdn.com Failed
snap.licdn.com Failed
0 doubleclick.net Failed
googleads.g.doubleclick.net Failed
stats.g.doubleclick.net Failed
11199305.fls.doubleclick.net Failed
ad.doubleclick.net Failed
0 proftrafficcounter.com Failed
proftrafficcounter.com Failed
59 25
Domain Requested by
22 cdn-production-opera-website.operacdn.com www.opera.com
cdn-production-opera-website.operacdn.com
5 www.googletagmanager.com www.opera.com
www.googletagmanager.com
3 www.highrevenuenetwork.com 1 redirects matigan.technologi.site
2 fonts.gstatic.com fonts.googleapis.com
2 www.opera.com cdn-production-opera-website.operacdn.com
2 www.bobgames-prolister.com 2 redirects
2 wwp.psmad.com 1 redirects wimberleylibrary.org
1 analytics.google.com cdn-production-opera-website.operacdn.com
1 static.hotjar.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
cdn-production-opera-website.operacdn.com
1 www.google-analytics.com www.googletagmanager.com
www.opera.com
1 net.geo.opera.com cdn-production-opera-website.operacdn.com
1 fonts.googleapis.com www.opera.com
1 www.savinist.com 1 redirects
1 matigan.technologi.site
1 akumahapa.technologi.site wwp.psmad.com
1 bf.lmdfmd.com 1 redirects
1 mgcrspub.froepse.com 1 redirects
1 wimberleylibrary.org
1 7llkww.viadigitalconsulting.com 1 redirects
0 script.hotjar.com Failed static.hotjar.com
0 alb.reddit.com Failed www.opera.com
0 pixel-config.reddit.com Failed cdn-production-opera-website.operacdn.com
0 www.googleadservices.com Failed www.googletagmanager.com
0 ad.doubleclick.net Failed www.opera.com
0 11199305.fls.doubleclick.net Failed www.googletagmanager.com
0 www.google.ca Failed www.opera.com
0 stats.g.doubleclick.net Failed www.googletagmanager.com
0 connect.facebook.net Failed wimberleylibrary.org
0 snap.licdn.com Failed www.googletagmanager.com
0 googleads.g.doubleclick.net Failed www.opera.com
0 proftrafficcounter.com Failed www.highrevenuenetwork.com
59 32

This site contains links to these domains. Also see Links.

Domain
net.geo.opera.com
twitter.com
www.twitch.tv
discord.gg
www.youtube.com
www.reddit.com
www.tiktok.com
Subject Issuer Validity Valid
wimberleylibrary.org
R11		 2024-06-08 -
2024-09-06		 3 months crt.sh
psmad.com
GTS CA 1P5		 2024-05-09 -
2024-08-07		 3 months crt.sh
akumahapa.technologi.site
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
matigan.technologi.site
ZeroSSL RSA Domain Secure Site CA		 2024-06-02 -
2024-08-31		 3 months crt.sh
highrevenuenetwork.com
R10		 2024-06-10 -
2024-09-08		 3 months crt.sh
www.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-17 -
2025-07-02		 a year crt.sh
*.operacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-20 -
2024-11-21		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
net.geo.opera.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-03-06 -
2025-03-13		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Frame ID: AF1FAE99A00A8C8C9790C7C5643E7F3B
Requests: 57 HTTP requests in this frame

Frame: https://net.geo.opera.com/opera_gx/stable/windows?edition=std-2&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&edition=std-2&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_id=601de203db0b4f519f67a19d8df18df9&http_referrer=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&utm_site=opera_com&utm_lastpage=opera.com%2Fget%2Fopera-gx&utm_id=601de203db0b4f519f67a19d8df18df9&dl_token=33378980
Frame ID: C492B894500418D3025B4363ED550ADA
Requests: 1 HTTP requests in this frame

Frame: https://11199305.fls.doubleclick.net/activityi;src=11199305;type=con;cat=opera0;ord=3720848942309;npa=0;auiddc=1981220841.1720231169;ps=1;pcor=515859994;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8811573329za201zb811573329;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2
Frame ID: B71ED4D68E2CBCC76835933EE15F527D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thanks for downloading Opera

Page URL History Show full URLs

  1. https://7llkww.viadigitalconsulting.com/ HTTP 302
    https://wimberleylibrary.org/dup-installer/karo-pride/ Page URL
  2. https://wwp.psmad.com/redirect-zone/76133339 HTTP 307
    https://wwp.psmad.com/redirect-zone/76133339 Page URL
  3. https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimbe... HTTP 302
    https://mgcrspub.froepse.com/?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e... HTTP 302
    https://bf.lmdfmd.com/api/v1/backfill?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7... HTTP 302
    https://akumahapa.technologi.site/ Page URL
  4. https://matigan.technologi.site/?Referer=ok.ru Page URL
  5. https://www.highrevenuenetwork.com/yqppizzg?key=8e6e1ce7c72bae25252eaae2bbd27685 Page URL
  6. https://www.highrevenuenetwork.com/api/users?token=L3lxcHBpenpnP2tleT04ZTZlMWNlN2M3MmJhZTI1MjUyZWFhZTJiYmQyNzY4... HTTP 302
    https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24?placement=23366732&campaign=1055464&Lan... HTTP 307
    https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24/2?placement=23366732&campaign=1055464&L... HTTP 302
    https://www.savinist.com/6PZLZJ7/KM15N5P/?uid=4887&source_id=c8681725-3bf8-4820-b7a2-6aa5d9502b94&sub... HTTP 302
    https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_sourc... Page URL
  7. https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

59
Requests

73 %
HTTPS

63 %
IPv6

25
Domains

32
Subdomains

15
IPs

4
Countries

747 kB
Transfer

2157 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://7llkww.viadigitalconsulting.com/ HTTP 302
    https://wimberleylibrary.org/dup-installer/karo-pride/ Page URL
  2. https://wwp.psmad.com/redirect-zone/76133339 HTTP 307
    https://wwp.psmad.com/redirect-zone/76133339 Page URL
  3. https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=RYe9XXq6spN34B%2B3tZKLkIxt%2FYuyI76hihKwcefQV0b968kV4ZOrzHv%2BZ2cn4HTO8IpzzHP%2BsvK25MEd3xByLwBkL8vppJ%2B%2BWWfpAW8KePiJsOlI5n8TzOQ9hekCkUj6RV8ATP0L4mKBTsJaFeg7RGGZ3yncw3dD%2BGvtqb7mNVSn4Ieej7ydEITEStXlWvdF9CmsugAR9AQ6pjHRM7w3Ys603%2FXRDtc1imcyGqjVHi9nlExqrQnWBuQtJK08zsLsqRf%2F7m8rxbjvwH3eUfnP6gI7TsUkFUqcJ6VypfIFul1NwmoPqVD88zy8mHicTaAn6YaJi6EcvsOhEAMidhw86A%3D%3D&st=1720231155910&uuid=0b8f15ed-ae11-4c56-81d8-afd8dda89510 HTTP 302
    https://mgcrspub.froepse.com/?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR2JTMPRWLGWLIOB6T6O2CLW7YHYFVJRIKCIWDGYEORI4MH4XMKMLTAYYOFRZ22DU6HVLVFXH5KFYQT6SQCHSK6KZPJB4HQ46AU2LQUCJTN6YVCDUWKKKD7QJI4L4QQUHQMU535FIB33UH7RKRPZTXY6MC7ZLVOKIUYZ34ZVVB7OUYP5W5V4CGMPU5E2A3IYKBGISQPTX7UMWU3WF5IER7DLG6362ESL2TI4ZHHALH25NSUE3NKUWYBXSRROPHUYHSD6NES6CRLQSG3AX26LNG5HWB2SCKGMAIBQUAA3LARK7MRMZSCHEEMFTRHQXAQKSP5TTX73B7TW2YENH3E5IFIJBH2QM7CEF74JM2WUOTEO56OQ3T4DTTUOFYWB7NU2MUSNEBYNIZZEKKAA2OLJNAE2AAXBTRICPOZGKTWGST5XV5XJD76K5KENQVXM5B4WA6KUTVWE3COQYXQE2VW4NKAHGXD2GIYORAQF6NMTACDYK3AR7TRVNCXZTKTWIKUAFTUTB72HUEGAPD63726X72HDCLA4IXQLJNVXBAV6H4UXN5WUQEE4JNT73FUGB22DBZZYMRZZG6P4OPATCCV6LGEVYBSNSXHSZ6HXFAPJR4PWLYV4ZJKG3WO25DPOL3AHL3EZZJOG6MVOWA2VQL7X2TETLE4NHNLB2KIPHVKZ3VBVYNITS3EFT6J6SXKIL2CG4VADXDZ3GGMHV2FBV6FP6SN5YQOVP47G2CBANNEOW7SGCR3FHAA6MOP7E72FIRIA7XFZYECCJPGJSTR5IOTD2Y7RE5LFFS6WTMBZHN4EIRHWFBD3JKVH5MCHZZGCHBKTYIH3JYOAXJJJLP4PWGRPR3U64WACF4U43S5PUHAEP6UD7C4EFYWYFLXMQAD6UN3W3WGOXXC63HFC4V7LWISJBNEOTX6JHL7Q76H5AWKLC63W2O2KZA3LZWEJQNR3KRSFADOGSSP4PXGQR7BAJBVTOVJNJKZSO65SPBBAOXG6AP7ZMO5FFERMMSL5LN6HXK5GZ4KGUUJTHOI7FJB2TX6CWZSJF73NV7ZO7ITONYFYIA44I5Q2EBA2TBRNILGTXP6UQ6Z2GGZCHZQ6PIUTESWZGAJ5KB7SASDBERIIU36WESGXHPCSLIFVMCYD2P37YDDW6KMVCIU6WA4IGARVEDLRTJ6PGQFWCL56HC5K4XF276AYFRXW6VYVAQ3IMKFAGGQ2JAVMD5XC5AM3X6FDZLUFXQU255REDJESKQ5FG4HQHHFEKEOTHJ4XR5IIWXHMIJF7C6764AFUEER7UJPOGTYTGNFA527TBSCOBMODPMXQILADS2Z73UTZDZ5CH4SYPHZHLBAKCD3ZGE4DI23KUYLDGL356MNETNSDYVK7KQH2EYNNOHPEW2LQN2TX6QMCVZCZKG4UAKYK2OOOAOFNAS6GRQTCRD46LDFCQHTOSZF63DNWRBVQIHAXIZ4TUJ3PIN242G5ZX5EWDJGWBY7XHTKY5RMEEF7E7CISTYGBGHT4MRLAO4Z2RQ6MRUWL3EZMCCH6X4QCXZ3NITH7CEMYLKCT3HCV7VKYJGOYZHR63PRFMBSJ3KQXBQYHFYQIJ522P5PZ56BG4IQSNYXMD2KZITQQZ5OMOU2HXAVP623XPMFDVPY2VLSKTPVM5RYFZQ55RDQLSFI4SMNWMXBVGWCKFJJEHPYYUYPUP2IBDEG4KWRESKWQHWUDFZLWE2EQ67S3QH2CWB56QDU73EOE4KKPPTFYA2RVRENPRNCSGKWMAJD3EAQSXVCPHITYZZ4V5P7QBMVNFK3DEZE26BXHHGSFYR2NKF5R2ILADE4CKUT36ADBLQYTBYUWGKV4NEHZGI2YZALTRJWGSIPMLJQJTXFPEFDNNQW7SD6BO4GR5SJRNKCWQQHXTYEQQP7JCABQ3WSJZ2ZBRF6KJ35DETCUVY2XS3VKUV2RSABTQE7WNEY5SR44VRLM7YENBQGEJC7DSCBZGOPASBGDDZRB5I5OEX2MGKKCDBA2OEKJHSOLTXEMQ2XRFHOBLYMCL6LDYOJ5MDNC2GQGW7LMBDQF4HNLMFAOYTORKEON6T4ABJT2FKCQ4XSE62D6BRSCSYXEULJT76KMQQ6MFVTIQPKRARSX4ESE5HZO3WIQO4YCSSCTPQWUWPUKT7T54TLA52FW32K73KQW3LBSX5RZ7SBTGTTJULCVK3ASDB33LD3NBSJC6TL4IHH63V2BPZYGZWEJDM6EMFPV5Q25DYVNRSYJNVCQLBHL6R72ONUTKBQ2TXWMM32OVUCHGJCU7G2JKUOCUIM3X3LM5GE3E7KQTLAFBNYSNLIQME3QJFNWSXG6TGQDCJV5DHMOCAF63FNV744ZMNXNVUUH6WHJZOSIKBGZRJSUCCVL6HEVQ43VS7KTCWK5UTPC3AEQONLBVPZ6NPX2MTG5QU4H2SVNNCJB4C3HDPGAF6X5IJ4FZ3UUK5KAHTG7FEZWE35HJDAIQXS242TX7DHK34N75LY6T2QOGYBBHHW4YGX6DJKWVPPGIILLR42FWTN2KKMIKCV77XBEBM42NP7HYJC7473AYKUNDNYS6QLG3KPJ4IIRVA2UR5I6ZEJ5V77DBQCVNDX7IGYNAL566I56FYXARO6BP6KOJIXWMKFKCUHJYLCWCYHSYY6N72YT44ONJYVDYEKP54JABT5KCS6NS6672QY5L7Z5EL6NLSVFBVLZTNHZRAB4MAAAIUYIE35IH645S66VXA3AXXZJ4AMESMDGIPYSOBWBNFKXJIUNOLW6X6TT7GEZVKHNRZIJ5X3EZPSLH4CY52PF6WIWRMGQT27OZ2V5A4WRYY4HCEXGVW73EE4NPDSZZO3ITDZV2NJXGZ7AF7GHOEKGRM3IUMXPI46ERZYRWRPJXTZMSA2Q5DHRRXNTOUAW2SSKP6GHZUBIM5U3H32K4E2O7CIRNXI7YXZVLGXAAPQD3JF6LLFPR2KQREXF3AATPHAHEWN7NV2OQYGZLKNU6MBIH3OLWIVOMQCVBQREISJR26K7AWIMC6LTHAYQ4HRHIHDZ3KLUVD7YQSJUQMQ5ICLYZCHTZQAROBEBKV37BOMQGT2M3O6J342VAFLNE6KTIVW74ONMGR7F3J342YZ7FHHRPW2J7X76OLPOXSSPDZWEAR55EHWWIU3K7T4D5O5T5D5V736O323KXAURCP4IZFCHQ%3D%3D%3D%3D HTTP 302
    https://bf.lmdfmd.com/api/v1/backfill?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR2JTMPRWLGWLIOB6T6O2CLW7YHYFVJRIKCIWDGYEORI4MH4XMKMLTAYYOFRZ22DU6HVLVFXH5KFYQT6SQCHSK6KZPJB4HQ46AU2LQUCJTN6YVCDUWKKKD7QJI4L4QQUHQMU535FIB33UH7RKRPZTXY6MC7ZLVOKIUYZ34ZVVB7OUYP5W5V4CGMPU5E2A3IYKBGISQPTX7UMWU3WF5IER7DLG6362ESL2TI4ZHHALH25NSUE3NKUWYBXSRROPHUYHSD6NES6CRLQSG3AX26LNG5HWB2SCKGMAIBQUAA3LARK7MRMZSCHEEMFTRHQXAQKSP5TTX73B7TW2YENH3E5IFIJBH2QM7CEF74JM2WUOTEO56OQ3T4DTTUOFYWB7NU2MUSNEBYNIZZEKKAA2OLJNAE2AAXBTRICPOZGKTWGST5XV5XJD76K5KENQVXM5B4WA6KUTVWE3COQYXQE2VW4NKAHGXD2GIYORAQF6NMTACDYK3AR7TRVNCXZTKTWIKUAFTUTB72HUEGAPD63726X72HDCLA4IXQLJNVXBAV6H4UXN5WUQEE4JNT73FUGB22DBZZYMRZZG6P4OPATCCV6LGEVYBSNSXHSZ6HXFAPJR4PWLYV4ZJKG3WO25DPOL3AHL3EZZJOG6MVOWA2VQL7X2TETLE4NHNLB2KIPHVKZ3VBVYNITS3EFT6J6SXKIL2CG4VADXDZ3GGMHV2FBV6FP6SN5YQOVP47G2CBANNEOW7SGCR3FHAA6MOP7E72FIRIA7XFZYECCJPGJSTR5IOTD2Y7RE5LFFS6WTMBZHN4EIRHWFBD3JKVH5MCHZZGCHBKTYIH3JYOAXJJJLP4PWGRPR3U64WACF4U43S5PUHAEP6UD7C4EFYWYFLXMQAD6UN3W3WGOXXC63HFC4V7LWISJBNEOTX6JHL7Q76H5AWKLC63W2O2KZA3LZWEJQNR3KRSFADOGSSP4PXGQR7BAJBVTOVJNJKZSO65SPBBAOXG6AP7ZMO5FFERMMSL5LN6HXK5GZ4KGUUJTHOI7FJB2TX6CWZSJF73NV7ZO7ITONYFYIA44I5Q2EBA2TBRNILGTXP6UQ6Z2GGZCHZQ6PIUTESWZGAJ5KB7SASDBERIIU36WESGXHPCSLIFVMCYD2P37YDDW6KMVCIU6WA4IGARVEDLRTJ6PGQFWCL56HC5K4XF276AYFRXW6VYVAQ3IMKFAGGQ2JAVMD5XC5AM3X6FDZLUFXQU255REDJESKQ5FG4HQHHFEKEOTHJ4XR5IIWXHMIJF7C6764AFUEER7UJPOGTYTGNFA527TBSCOBMODPMXQILADS2Z73UTZDZ5CH4SYPHZHLBAKCD3ZGE4DI23KUYLDGL356MNETNSDYVK7KQH2EYNNOHPEW2LQN2TX6QMCVZCZKG4UAKYK2OOOAOFNAS6GRQTCRD46LDFCQHTOSZF63DNWRBVQIHAXIZ4TUJ3PIN242G5ZX5EWDJGWBY7XHTKY5RMEEF7E7CISTYGBGHT4MRLAO4Z2RQ6MRUWL3EZMCCH6X4QCXZ3NITH7CEMYLKCT3HCV7VKYJGOYZHR63PRFMBSJ3KQXBQYHFYQIJ522P5PZ56BG4IQSNYXMD2KZITQQZ5OMOU2HXAVP623XPMFDVPY2VLSKTPVM5RYFZQ55RDQLSFI4SMNWMXBVGWCKFJJEHPYYUYPUP2IBDEG4KWRESKWQHWUDFZLWE2EQ67S3QH2CWB56QDU73EOE4KKPPTFYA2RVRENPRNCSGKWMAJD3EAQSXVCPHITYZZ4V5P7QBMVNFK3DEZE26BXHHGSFYR2NKF5R2ILADE4CKUT36ADBLQYTBYUWGKV4NEHZGI2YZALTRJWGSIPMLJQJTXFPEFDNNQW7SD6BO4GR5SJRNKCWQQHXTYEQQP7JCABQ3WSJZ2ZBRF6KJ35DETCUVY2XS3VKUV2RSABTQE7WNEY5SR44VRLM7YENBQGEJC7DSCBZGOPASBGDDZRB5I5OEX2MGKKCDBA2OEKJHSOLTXEMQ2XRFHOBLYMCL6LDYOJ5MDNC2GQGW7LMBDQF4HNLMFAOYTORKEON6T4ABJT2FKCQ4XSE62D6BRSCSYXEULJT76KMQQ6MFVTIQPKRARSX4ESE5HZO3WIQO4YCSSCTPQWUWPUKT7T54TLA52FW32K73KQW3LBSX5RZ7SBTGTTJULCVK3ASDB33LD3NBSJC6TL4IHH63V2BPZYGZWEJDM6EMFPV5Q25DYVNRSYJNVCQLBHL6R72ONUTKBQ2TXWMM32OVUCHGJCU7G2JKUOCUIM3X3LM5GE3E7KQTLAFBNYSNLIQME3QJFNWSXG6TGQDCJV5DHMOCAF63FNV744ZMNXNVUUH6WHJZOSIKBGZRJSUCCVL6HEVQ43VS7KTCWK5UTPC3AEQONLBVPZ6NPX2MTG5QU4H2SVNNCJB4C3HDPGAF6X5IJ4FZ3UUK5KAHTG7FEZWE35HJDAIQXS242TX7DHK34N75LY6T2QOGYBBHHW4YGX6DJKWVPPGIILLR42FWTN2KKMIKCV77XBEBM42NP7HYJC7473AYKUNDNYS6QLG3KPJ4IIRVA2UR5I6ZEJ5V77DBQCVNDX7IGYNAL566I56FYXARO6BP6KOJIXWMKFKCUHJYLCWCYHSYY6N72YT44ONJYVDYEKP54JABT5KCS6NS6672QY5L7Z5EL6NLSVFBVLZTNHZRAB4MAAAIUYIE35IH645S66VXA3AXXZJ4AMESMDGIPYSOBWBNFKXJIUNOLW6X6TT7GEZVKHNRZIJ5X3EZPSLH4CY52PF6WIWRMGQT27OZ2V5A4WRYY4HCEXGVW73EE4NPDSZZO3ITDZV2NJXGZ7AF7GHOEKGRM3IUMXPI46ERZYRWRPJXTZMSA2Q5DHRRXNTOUAW2SSKP6GHZUBIM5U3H32K4E2O7CIRNXI7YXZVLGXAAPQD3JF6LLFPR2KQREXF3AATPHAHEWN7NV2OQYGZLKNU6MBIH3OLWIVOMQCVBQREISJR26K7AWIMC6LTHAYQ4HRHIHDZ3KLUVD7YQSJUQMQ5ICLYZCHTZQAROBEBKV37BOMQGT2M3O6J342VAFLNE6KTIVW74ONMGR7F3J342YZ7FHHRPW2J7X76OLPOXSSPDZWEAR55EHWWIU3K7T4D5O5T5D5V736O323KXAURCP4IZFCHQ%3D%3D%3D%3D HTTP 302
    https://akumahapa.technologi.site/ Page URL
  4. https://matigan.technologi.site/?Referer=ok.ru Page URL
  5. https://www.highrevenuenetwork.com/yqppizzg?key=8e6e1ce7c72bae25252eaae2bbd27685 Page URL
  6. https://www.highrevenuenetwork.com/api/users?token=L3lxcHBpenpnP2tleT04ZTZlMWNlN2M3MmJhZTI1MjUyZWFhZTJiYmQyNzY4NSZwc3Q9MTcyMDIzMTIyMCZyZWZlcj1odHRwcyUzQSUyRiUyRm1hdGlnYW4udGVjaG5vbG9naS5zaXRlJTJGJnJtdGM9dCZzaHU9ZjQ1ZjFhMWM2YmVjYmQ2NzkyOGVlYjk3MDYxNTQyYjgyMzAyMzc5MTIyMWIxNTEyMWEyOTk3MmU1YWRjMmExZjA1ZGU1MjI2MTgzMGEzMjY1OWUxYzE3N2NiMzk4N2FlNjAyYTUzNWM2Y2ZiMTIwZTU2OTEzODE1ODRlNTA5ZWNjYTI1MmZmYWM2ZjZlN2M0Yzc0ZDA1ZTZjODc2NzFiZDZiYzVkNzY1N2MxMWM3ZjQzYTlmOWMyODRmY2JjNg&uuid=&pii=&in=false HTTP 302
    https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748 HTTP 307
    https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24/2?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748 HTTP 302
    https://www.savinist.com/6PZLZJ7/KM15N5P/?uid=4887&source_id=c8681725-3bf8-4820-b7a2-6aa5d9502b94&sub1=0d561d3b-0ed9-4618-80ff-f19e1a335f24&sub2=wcoafmpclauh41h23tk8tapm&sub3=33ac3f47-4a50-4a1b-9e96-244ad36a526e HTTP 302
    https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2 Page URL
  7. https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://7llkww.viadigitalconsulting.com/ HTTP 302
  • https://wimberleylibrary.org/dup-installer/karo-pride/
Request Chain 1
  • https://wwp.psmad.com/redirect-zone/76133339 HTTP 307
  • https://wwp.psmad.com/redirect-zone/76133339
Request Chain 2
  • https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=RYe9XXq6spN34B%2B3tZKLkIxt%2FYuyI76hihKwcefQV0b968kV4ZOrzHv%2BZ2cn4HTO8IpzzHP%2BsvK25MEd3xByLwBkL8vppJ%2B%2BWWfpAW8KePiJsOlI5n8TzOQ9hekCkUj6RV8ATP0L4mKBTsJaFeg7RGGZ3yncw3dD%2BGvtqb7mNVSn4Ieej7ydEITEStXlWvdF9CmsugAR9AQ6pjHRM7w3Ys603%2FXRDtc1imcyGqjVHi9nlExqrQnWBuQtJK08zsLsqRf%2F7m8rxbjvwH3eUfnP6gI7TsUkFUqcJ6VypfIFul1NwmoPqVD88zy8mHicTaAn6YaJi6EcvsOhEAMidhw86A%3D%3D&st=1720231155910&uuid=0b8f15ed-ae11-4c56-81d8-afd8dda89510 HTTP 302
  • https://mgcrspub.froepse.com/?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR2JTMPRWLGWLIOB6T6O2CLW7YHYFVJRIKCIWDGYEORI4MH4XMKMLTAYYOFRZ22DU6HVLVFXH5KFYQT6SQCHSK6KZPJB4HQ46AU2LQUCJTN6YVCDUWKKKD7QJI4L4QQUHQMU535FIB33UH7RKRPZTXY6MC7ZLVOKIUYZ34ZVVB7OUYP5W5V4CGMPU5E2A3IYKBGISQPTX7UMWU3WF5IER7DLG6362ESL2TI4ZHHALH25NSUE3NKUWYBXSRROPHUYHSD6NES6CRLQSG3AX26LNG5HWB2SCKGMAIBQUAA3LARK7MRMZSCHEEMFTRHQXAQKSP5TTX73B7TW2YENH3E5IFIJBH2QM7CEF74JM2WUOTEO56OQ3T4DTTUOFYWB7NU2MUSNEBYNIZZEKKAA2OLJNAE2AAXBTRICPOZGKTWGST5XV5XJD76K5KENQVXM5B4WA6KUTVWE3COQYXQE2VW4NKAHGXD2GIYORAQF6NMTACDYK3AR7TRVNCXZTKTWIKUAFTUTB72HUEGAPD63726X72HDCLA4IXQLJNVXBAV6H4UXN5WUQEE4JNT73FUGB22DBZZYMRZZG6P4OPATCCV6LGEVYBSNSXHSZ6HXFAPJR4PWLYV4ZJKG3WO25DPOL3AHL3EZZJOG6MVOWA2VQL7X2TETLE4NHNLB2KIPHVKZ3VBVYNITS3EFT6J6SXKIL2CG4VADXDZ3GGMHV2FBV6FP6SN5YQOVP47G2CBANNEOW7SGCR3FHAA6MOP7E72FIRIA7XFZYECCJPGJSTR5IOTD2Y7RE5LFFS6WTMBZHN4EIRHWFBD3JKVH5MCHZZGCHBKTYIH3JYOAXJJJLP4PWGRPR3U64WACF4U43S5PUHAEP6UD7C4EFYWYFLXMQAD6UN3W3WGOXXC63HFC4V7LWISJBNEOTX6JHL7Q76H5AWKLC63W2O2KZA3LZWEJQNR3KRSFADOGSSP4PXGQR7BAJBVTOVJNJKZSO65SPBBAOXG6AP7ZMO5FFERMMSL5LN6HXK5GZ4KGUUJTHOI7FJB2TX6CWZSJF73NV7ZO7ITONYFYIA44I5Q2EBA2TBRNILGTXP6UQ6Z2GGZCHZQ6PIUTESWZGAJ5KB7SASDBERIIU36WESGXHPCSLIFVMCYD2P37YDDW6KMVCIU6WA4IGARVEDLRTJ6PGQFWCL56HC5K4XF276AYFRXW6VYVAQ3IMKFAGGQ2JAVMD5XC5AM3X6FDZLUFXQU255REDJESKQ5FG4HQHHFEKEOTHJ4XR5IIWXHMIJF7C6764AFUEER7UJPOGTYTGNFA527TBSCOBMODPMXQILADS2Z73UTZDZ5CH4SYPHZHLBAKCD3ZGE4DI23KUYLDGL356MNETNSDYVK7KQH2EYNNOHPEW2LQN2TX6QMCVZCZKG4UAKYK2OOOAOFNAS6GRQTCRD46LDFCQHTOSZF63DNWRBVQIHAXIZ4TUJ3PIN242G5ZX5EWDJGWBY7XHTKY5RMEEF7E7CISTYGBGHT4MRLAO4Z2RQ6MRUWL3EZMCCH6X4QCXZ3NITH7CEMYLKCT3HCV7VKYJGOYZHR63PRFMBSJ3KQXBQYHFYQIJ522P5PZ56BG4IQSNYXMD2KZITQQZ5OMOU2HXAVP623XPMFDVPY2VLSKTPVM5RYFZQ55RDQLSFI4SMNWMXBVGWCKFJJEHPYYUYPUP2IBDEG4KWRESKWQHWUDFZLWE2EQ67S3QH2CWB56QDU73EOE4KKPPTFYA2RVRENPRNCSGKWMAJD3EAQSXVCPHITYZZ4V5P7QBMVNFK3DEZE26BXHHGSFYR2NKF5R2ILADE4CKUT36ADBLQYTBYUWGKV4NEHZGI2YZALTRJWGSIPMLJQJTXFPEFDNNQW7SD6BO4GR5SJRNKCWQQHXTYEQQP7JCABQ3WSJZ2ZBRF6KJ35DETCUVY2XS3VKUV2RSABTQE7WNEY5SR44VRLM7YENBQGEJC7DSCBZGOPASBGDDZRB5I5OEX2MGKKCDBA2OEKJHSOLTXEMQ2XRFHOBLYMCL6LDYOJ5MDNC2GQGW7LMBDQF4HNLMFAOYTORKEON6T4ABJT2FKCQ4XSE62D6BRSCSYXEULJT76KMQQ6MFVTIQPKRARSX4ESE5HZO3WIQO4YCSSCTPQWUWPUKT7T54TLA52FW32K73KQW3LBSX5RZ7SBTGTTJULCVK3ASDB33LD3NBSJC6TL4IHH63V2BPZYGZWEJDM6EMFPV5Q25DYVNRSYJNVCQLBHL6R72ONUTKBQ2TXWMM32OVUCHGJCU7G2JKUOCUIM3X3LM5GE3E7KQTLAFBNYSNLIQME3QJFNWSXG6TGQDCJV5DHMOCAF63FNV744ZMNXNVUUH6WHJZOSIKBGZRJSUCCVL6HEVQ43VS7KTCWK5UTPC3AEQONLBVPZ6NPX2MTG5QU4H2SVNNCJB4C3HDPGAF6X5IJ4FZ3UUK5KAHTG7FEZWE35HJDAIQXS242TX7DHK34N75LY6T2QOGYBBHHW4YGX6DJKWVPPGIILLR42FWTN2KKMIKCV77XBEBM42NP7HYJC7473AYKUNDNYS6QLG3KPJ4IIRVA2UR5I6ZEJ5V77DBQCVNDX7IGYNAL566I56FYXARO6BP6KOJIXWMKFKCUHJYLCWCYHSYY6N72YT44ONJYVDYEKP54JABT5KCS6NS6672QY5L7Z5EL6NLSVFBVLZTNHZRAB4MAAAIUYIE35IH645S66VXA3AXXZJ4AMESMDGIPYSOBWBNFKXJIUNOLW6X6TT7GEZVKHNRZIJ5X3EZPSLH4CY52PF6WIWRMGQT27OZ2V5A4WRYY4HCEXGVW73EE4NPDSZZO3ITDZV2NJXGZ7AF7GHOEKGRM3IUMXPI46ERZYRWRPJXTZMSA2Q5DHRRXNTOUAW2SSKP6GHZUBIM5U3H32K4E2O7CIRNXI7YXZVLGXAAPQD3JF6LLFPR2KQREXF3AATPHAHEWN7NV2OQYGZLKNU6MBIH3OLWIVOMQCVBQREISJR26K7AWIMC6LTHAYQ4HRHIHDZ3KLUVD7YQSJUQMQ5ICLYZCHTZQAROBEBKV37BOMQGT2M3O6J342VAFLNE6KTIVW74ONMGR7F3J342YZ7FHHRPW2J7X76OLPOXSSPDZWEAR55EHWWIU3K7T4D5O5T5D5V736O323KXAURCP4IZFCHQ%3D%3D%3D%3D HTTP 302
  • https://bf.lmdfmd.com/api/v1/backfill?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR2JTMPRWLGWLIOB6T6O2CLW7YHYFVJRIKCIWDGYEORI4MH4XMKMLTAYYOFRZ22DU6HVLVFXH5KFYQT6SQCHSK6KZPJB4HQ46AU2LQUCJTN6YVCDUWKKKD7QJI4L4QQUHQMU535FIB33UH7RKRPZTXY6MC7ZLVOKIUYZ34ZVVB7OUYP5W5V4CGMPU5E2A3IYKBGISQPTX7UMWU3WF5IER7DLG6362ESL2TI4ZHHALH25NSUE3NKUWYBXSRROPHUYHSD6NES6CRLQSG3AX26LNG5HWB2SCKGMAIBQUAA3LARK7MRMZSCHEEMFTRHQXAQKSP5TTX73B7TW2YENH3E5IFIJBH2QM7CEF74JM2WUOTEO56OQ3T4DTTUOFYWB7NU2MUSNEBYNIZZEKKAA2OLJNAE2AAXBTRICPOZGKTWGST5XV5XJD76K5KENQVXM5B4WA6KUTVWE3COQYXQE2VW4NKAHGXD2GIYORAQF6NMTACDYK3AR7TRVNCXZTKTWIKUAFTUTB72HUEGAPD63726X72HDCLA4IXQLJNVXBAV6H4UXN5WUQEE4JNT73FUGB22DBZZYMRZZG6P4OPATCCV6LGEVYBSNSXHSZ6HXFAPJR4PWLYV4ZJKG3WO25DPOL3AHL3EZZJOG6MVOWA2VQL7X2TETLE4NHNLB2KIPHVKZ3VBVYNITS3EFT6J6SXKIL2CG4VADXDZ3GGMHV2FBV6FP6SN5YQOVP47G2CBANNEOW7SGCR3FHAA6MOP7E72FIRIA7XFZYECCJPGJSTR5IOTD2Y7RE5LFFS6WTMBZHN4EIRHWFBD3JKVH5MCHZZGCHBKTYIH3JYOAXJJJLP4PWGRPR3U64WACF4U43S5PUHAEP6UD7C4EFYWYFLXMQAD6UN3W3WGOXXC63HFC4V7LWISJBNEOTX6JHL7Q76H5AWKLC63W2O2KZA3LZWEJQNR3KRSFADOGSSP4PXGQR7BAJBVTOVJNJKZSO65SPBBAOXG6AP7ZMO5FFERMMSL5LN6HXK5GZ4KGUUJTHOI7FJB2TX6CWZSJF73NV7ZO7ITONYFYIA44I5Q2EBA2TBRNILGTXP6UQ6Z2GGZCHZQ6PIUTESWZGAJ5KB7SASDBERIIU36WESGXHPCSLIFVMCYD2P37YDDW6KMVCIU6WA4IGARVEDLRTJ6PGQFWCL56HC5K4XF276AYFRXW6VYVAQ3IMKFAGGQ2JAVMD5XC5AM3X6FDZLUFXQU255REDJESKQ5FG4HQHHFEKEOTHJ4XR5IIWXHMIJF7C6764AFUEER7UJPOGTYTGNFA527TBSCOBMODPMXQILADS2Z73UTZDZ5CH4SYPHZHLBAKCD3ZGE4DI23KUYLDGL356MNETNSDYVK7KQH2EYNNOHPEW2LQN2TX6QMCVZCZKG4UAKYK2OOOAOFNAS6GRQTCRD46LDFCQHTOSZF63DNWRBVQIHAXIZ4TUJ3PIN242G5ZX5EWDJGWBY7XHTKY5RMEEF7E7CISTYGBGHT4MRLAO4Z2RQ6MRUWL3EZMCCH6X4QCXZ3NITH7CEMYLKCT3HCV7VKYJGOYZHR63PRFMBSJ3KQXBQYHFYQIJ522P5PZ56BG4IQSNYXMD2KZITQQZ5OMOU2HXAVP623XPMFDVPY2VLSKTPVM5RYFZQ55RDQLSFI4SMNWMXBVGWCKFJJEHPYYUYPUP2IBDEG4KWRESKWQHWUDFZLWE2EQ67S3QH2CWB56QDU73EOE4KKPPTFYA2RVRENPRNCSGKWMAJD3EAQSXVCPHITYZZ4V5P7QBMVNFK3DEZE26BXHHGSFYR2NKF5R2ILADE4CKUT36ADBLQYTBYUWGKV4NEHZGI2YZALTRJWGSIPMLJQJTXFPEFDNNQW7SD6BO4GR5SJRNKCWQQHXTYEQQP7JCABQ3WSJZ2ZBRF6KJ35DETCUVY2XS3VKUV2RSABTQE7WNEY5SR44VRLM7YENBQGEJC7DSCBZGOPASBGDDZRB5I5OEX2MGKKCDBA2OEKJHSOLTXEMQ2XRFHOBLYMCL6LDYOJ5MDNC2GQGW7LMBDQF4HNLMFAOYTORKEON6T4ABJT2FKCQ4XSE62D6BRSCSYXEULJT76KMQQ6MFVTIQPKRARSX4ESE5HZO3WIQO4YCSSCTPQWUWPUKT7T54TLA52FW32K73KQW3LBSX5RZ7SBTGTTJULCVK3ASDB33LD3NBSJC6TL4IHH63V2BPZYGZWEJDM6EMFPV5Q25DYVNRSYJNVCQLBHL6R72ONUTKBQ2TXWMM32OVUCHGJCU7G2JKUOCUIM3X3LM5GE3E7KQTLAFBNYSNLIQME3QJFNWSXG6TGQDCJV5DHMOCAF63FNV744ZMNXNVUUH6WHJZOSIKBGZRJSUCCVL6HEVQ43VS7KTCWK5UTPC3AEQONLBVPZ6NPX2MTG5QU4H2SVNNCJB4C3HDPGAF6X5IJ4FZ3UUK5KAHTG7FEZWE35HJDAIQXS242TX7DHK34N75LY6T2QOGYBBHHW4YGX6DJKWVPPGIILLR42FWTN2KKMIKCV77XBEBM42NP7HYJC7473AYKUNDNYS6QLG3KPJ4IIRVA2UR5I6ZEJ5V77DBQCVNDX7IGYNAL566I56FYXARO6BP6KOJIXWMKFKCUHJYLCWCYHSYY6N72YT44ONJYVDYEKP54JABT5KCS6NS6672QY5L7Z5EL6NLSVFBVLZTNHZRAB4MAAAIUYIE35IH645S66VXA3AXXZJ4AMESMDGIPYSOBWBNFKXJIUNOLW6X6TT7GEZVKHNRZIJ5X3EZPSLH4CY52PF6WIWRMGQT27OZ2V5A4WRYY4HCEXGVW73EE4NPDSZZO3ITDZV2NJXGZ7AF7GHOEKGRM3IUMXPI46ERZYRWRPJXTZMSA2Q5DHRRXNTOUAW2SSKP6GHZUBIM5U3H32K4E2O7CIRNXI7YXZVLGXAAPQD3JF6LLFPR2KQREXF3AATPHAHEWN7NV2OQYGZLKNU6MBIH3OLWIVOMQCVBQREISJR26K7AWIMC6LTHAYQ4HRHIHDZ3KLUVD7YQSJUQMQ5ICLYZCHTZQAROBEBKV37BOMQGT2M3O6J342VAFLNE6KTIVW74ONMGR7F3J342YZ7FHHRPW2J7X76OLPOXSSPDZWEAR55EHWWIU3K7T4D5O5T5D5V736O323KXAURCP4IZFCHQ%3D%3D%3D%3D HTTP 302
  • https://akumahapa.technologi.site/
Request Chain 7
  • https://www.highrevenuenetwork.com/api/users?token=L3lxcHBpenpnP2tleT04ZTZlMWNlN2M3MmJhZTI1MjUyZWFhZTJiYmQyNzY4NSZwc3Q9MTcyMDIzMTIyMCZyZWZlcj1odHRwcyUzQSUyRiUyRm1hdGlnYW4udGVjaG5vbG9naS5zaXRlJTJGJnJtdGM9dCZzaHU9ZjQ1ZjFhMWM2YmVjYmQ2NzkyOGVlYjk3MDYxNTQyYjgyMzAyMzc5MTIyMWIxNTEyMWEyOTk3MmU1YWRjMmExZjA1ZGU1MjI2MTgzMGEzMjY1OWUxYzE3N2NiMzk4N2FlNjAyYTUzNWM2Y2ZiMTIwZTU2OTEzODE1ODRlNTA5ZWNjYTI1MmZmYWM2ZjZlN2M0Yzc0ZDA1ZTZjODc2NzFiZDZiYzVkNzY1N2MxMWM3ZjQzYTlmOWMyODRmY2JjNg&uuid=&pii=&in=false HTTP 302
  • https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748 HTTP 307
  • https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24/2?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748 HTTP 302
  • https://www.savinist.com/6PZLZJ7/KM15N5P/?uid=4887&source_id=c8681725-3bf8-4820-b7a2-6aa5d9502b94&sub1=0d561d3b-0ed9-4618-80ff-f19e1a335f24&sub2=wcoafmpclauh41h23tk8tapm&sub3=33ac3f47-4a50-4a1b-9e96-244ad36a526e HTTP 302
  • https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Request Chain 36
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=2036704786.1720231169&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks&dma=0&npa=0&gtm=45He4730n81PRBZ42Fv811573329za200&auid=1981220841.1720231169 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=2036704786.1720231169&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks&dma=0&npa=0&gtm=45He4730n81PRBZ42Fv811573329za200&auid=1981220841.1720231169
Request Chain 47
  • https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888za200zb811573329&_p=1720231163486&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.1720231169&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAg&_s=2&sid=1720231169&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dr=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dt=Thanks%20for%20downloading%20Opera&en=ads_conversion_Sign_up_1&_c=1&_et=4&tfd=5904&_z=fetch HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=15688533276491732242&dma=0&en=ads_conversion_Sign_up_1&gcs=G111&gtm=45je4730v878149888za200zb811573329&npa=0&tid=G-T18E1GTPQG&dl=https%3A%2F%2Fwww.opera.com%3F
Request Chain 48
  • https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888z8811573329za200zb811573329&_p=1720231163486&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.1720231169&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720231169&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dr=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dt=Thanks%20for%20downloading%20Opera&en=download_opera_gx&_c=1&ep.download_os=windows&ep.download_type=installer&ep.download_ni=opera_gx&_et=2&tfd=5907&_z=fetch HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=16418811031707845702&dma=0&en=download_opera_gx&gcs=G111&gtm=45je4730v878149888z8811573329za200zb811573329&npa=0&tid=G-T18E1GTPQG&dl=https%3A%2F%2Fwww.opera.com%3F

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
wimberleylibrary.org/dup-installer/karo-pride/
Redirect Chain
  • https://7llkww.viadigitalconsulting.com/
  • https://wimberleylibrary.org/dup-installer/karo-pride/
521 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.36 Manchester, United Kingdom, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/NY03 / PHP/7.4.33
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=3600,stale-while-revalidate=21600
content-encoding
br
content-length
237
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:59:14 GMT
server
WPX CLOUD/NY03
vary
Accept-Encoding,Origin
wpx
1
x-cache-status
HIT
x-edge-location
WPX CLOUD/NY03
x-powered-by
PHP/7.4.33
x-quic
h3
x-turbo-charged-by
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 06 Jul 2024 01:59:14 GMT
Keep-Alive
timeout=5, max=100
Location
https://wimberleylibrary.org/dup-installer/karo-pride/
Server
Apache
76133339
wwp.psmad.com/redirect-zone/
Redirect Chain
  • https://wwp.psmad.com/redirect-zone/76133339
  • https://wwp.psmad.com/redirect-zone/76133339
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwp.psmad.com/redirect-zone/76133339
Requested by
Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:abc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a67260e68bd60f25a5a8d2d6dc13375050ca4f5ac039ada8177ac2c24132d9

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://wimberleylibrary.org/dup-installer/karo-pride/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebfe941c1536ce-YYZ
content-encoding
br
content-type
text/html
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
date
Sat, 06 Jul 2024 01:59:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GO4Um0R5WuZgZYPkEUmX5StnjSI8vHxgXipqJ%2FG7TC3hLeJDzXT7qkEWqfSDoL5iLmF2rr2ELFIJXRhg17IOO84sN13Zq3y%2FERdu5sYG9BC05Xae5nBiH6Sbj07A%2Fr7Wgb7mlbtDRLLhYTfZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile

Redirect headers

Location
https://wwp.psmad.com/redirect-zone/76133339
/
akumahapa.technologi.site/
Redirect Chain
  • https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=RYe9XXq6spN34B%2B3tZKLkIxt%2FYuyI76hihKwcefQV0b968kV4ZOrzHv%2BZ2cn4HTO8IpzzHP%...
  • https://mgcrspub.froepse.com/?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR2JTMPRWL...
  • https://bf.lmdfmd.com/api/v1/backfill?feedid=popzone29490&subid=site_24514_29490_1&uuid=ebe614e8-7536-4987-9a65-e5dbb4d20fdd&ep=R7GQODCZTPWYMJBTVTU2ISWVAK7BNBP2BJA34BRZ336BYFZQ27SHWG7IGMWEW54JTDZNR...
  • https://akumahapa.technologi.site/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://akumahapa.technologi.site/
Requested by
Host: wwp.psmad.com
URL: https://wwp.psmad.com/redirect-zone/76133339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1471:0:1c05:4462:2 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.27
Resource Hash
e26a98c1fba61367007a28bb1b26299fc15cff238f723f28e4de6d46928435f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://wwp.psmad.com/redirect-zone/76133339
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
894
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:59:18 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.27

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebfe9f1cf3542b-YYZ
content-language
en-CA
content-length
0
date
Sat, 06 Jul 2024 01:59:17 GMT
location
https://akumahapa.technologi.site/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlwB5F9yL0q5UeVG1ieQDsp94Oan5%2BBjbPomiPuEdS6kpLp58Tu%2BJkhkwvYrRfXfwzSrduq1PigmjtV%2BeTHU3AK847Ogz0by0UjMMPacL7dKXxgVq8wab2G86%2B%2BDqp6fImj8c7DO%2F3cluv0s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
matigan.technologi.site/ 		535 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://matigan.technologi.site/?Referer=ok.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1471:0:1c05:4462:2 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.27
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
362
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:59:19 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.27
yqppizzg
www.highrevenuenetwork.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.highrevenuenetwork.com/yqppizzg?key=8e6e1ce7c72bae25252eaae2bbd27685
Requested by
Host: matigan.technologi.site
URL: https://matigan.technologi.site/?Referer=ok.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
5eb1bc30d2435d201182532e65427d5d44cf56e2a39f7913e88429ecfb4f221a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://matigan.technologi.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache max-age=0, private, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 06 Jul 2024 01:59:20 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
X-Request-ID
b72d4584e23c74e34858f7540204f44c
stats
proftrafficcounter.com/ 		0
0
favicon.ico
www.highrevenuenetwork.com/ 		0
382 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.highrevenuenetwork.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.highrevenuenetwork.com/api/users?token=L3lxcHBpenpnP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMzNjY3MzI
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 06 Jul 2024 01:59:20 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Content-Type
image/x-icon
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
e73256ed6c3c22e5260a2172d29a423b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
opera-gx
www.opera.com/get/
Redirect Chain
  • https://www.highrevenuenetwork.com/api/users?token=L3lxcHBpenpnP2tleT04ZTZlMWNlN2M3MmJhZTI1MjUyZWFhZTJiYmQyNzY4NSZwc3Q9MTcyMDIzMTIyMCZyZWZlcj1odHRwcyUzQSUyRiUyRm1hdGlnYW4udGVjaG5vbG9naS5zaXRlJTJGJn...
  • https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748
  • https://www.bobgames-prolister.com/0d561d3b-0ed9-4618-80ff-f19e1a335f24/2?placement=23366732&campaign=1055464&Landing_ID=5374719&ntk=63&subid_short=3d8a8b7c6f9166a7ffa0962a61b4d748
  • https://www.savinist.com/6PZLZJ7/KM15N5P/?uid=4887&source_id=c8681725-3bf8-4820-b7a2-6aa5d9502b94&sub1=0d561d3b-0ed9-4618-80ff-f19e1a335f24&sub2=wcoafmpclauh41h23tk8tapm&sub3=33ac3f47-4a50-4a1b-9e9...
  • https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&e...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.19.105.170 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-105-170.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
a0465a14d6ad2cbde7e34b24daa2ab13a9c8d911695ab5cfdfa9cb1cfb5dc171
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.opera.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.highrevenuenetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

accept-ranges
bytes
cache-control
max-age=3600
content-encoding
gzip
content-language
en
content-security-policy
frame-ancestors 'self' https://*.opera.com; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 06 Jul 2024 01:59:22 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebfeb8b81c36da-YYZ
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 01:59:21 GMT
location
https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rnW0D%2BJXigeH10vSzqlw9c01iB90gi7jPzOXxO4EneepzEovrRT5wIehmv5IeFKsgvHCn1CvKrUQcZQ94X2jpynjbbAOxJRxIWaQSua7R4GUm8%2FEM3TK1a9mQO7muUEzg%2BS1lJG9bxCWsODkipK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
via
1.1 google, 1.1 varnish
x-cache
MISS
x-cache-hits
0
x-eflow-request-id
e5aaaeab-80e4-4ceb-a0ac-15fbfede0dc2
x-served-by
cache-yyz4546-YYZ
x-timer
S1720231162.728596,VS0,VE47
getProduct.fe2b5a8e044a.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		130 B
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/getProduct.fe2b5a8e044a.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
215da1534542208d2fee7dac3f5d5381276f383976001448ade1a0b02123c14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:14 GMT
server
AmazonS3
x-amz-request-id
9F8FSJ9SJC8NTHT6
etag
"fe2b5a8e044a0d38567cc7f41e6a9acd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122
x-amz-id-2
BwRPVhlYMGl9rpFw+9tj9ZmiQHgKZ55ph9WLKqnAOmcoMHkwp692bBaWaF62/mQfxMUIl6EVvjIeQFZHdgG379HOUZ90a8bEpFYk64s25TE=
expires
Sun, 06 Jul 2025 01:59:23 GMT
getProduct.a0106427da26.js
cdn-production-opera-website.operacdn.com/staticfiles/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/getProduct.a0106427da26.js
Requested by
Host: www.opera.com
URL: https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae6d522241282c727bd602b5d9efc7074db95563beea788afd91de6a24f7cda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:14 GMT
server
AmazonS3
x-amz-request-id
9F8623DJ9F5P2HE2
etag
"a0106427da263d5755169347a09d941e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21865
x-amz-id-2
AOl4YKztwmV+mh0CpDTvjKlvbcrUSluhxCN/Hk79Ree082l6wID+CHVfiyHAa6xTDI8mNjMPSGN7BvDYpJS2x5TxWdNOaOE9VPk8IJV+91A=
expires
Sun, 06 Jul 2025 01:59:23 GMT
Primary Request thanks
www.opera.com/computer/ 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/getProduct.a0106427da26.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.19.105.170 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-105-170.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1bcf95404cc20dc1c86ef5f49a8b74e7b7b67cf48fb0d06acbb764a4812818c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.opera.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.opera.com/get/opera-gx?utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=3600
content-encoding
gzip
content-language
en
content-security-policy
frame-ancestors 'self' https://*.opera.com; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 06 Jul 2024 01:59:23 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
main.dbd8ad56f264.js
cdn-production-opera-website.operacdn.com/staticfiles/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main.dbd8ad56f264.js
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
705100661861dfdba4ac8066a07a1f178ed86314b932a46a4fb48565e3d38b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F81PXRB5SEEKGRP
etag
"dbd8ad56f2649c9595621384ce7a93d0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30371
x-amz-id-2
pNs+DC7ND9Cg4N4fpFc8dyJXEhBQtnQVc3ndkEan/IdSleZksSRcS5PFChDyJzlnHZ3N1w9d7Sku9YKJ0lLLwjeokk8VQLLLgN5jYYxmdp8=
expires
Sun, 06 Jul 2025 01:59:23 GMT
latinext.d7788e6fd132.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		1 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/latinext.d7788e6fd132.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca53823ac238a6a92ec056df43f9bf4e5426e820dde1c2f04c6803f42d2149e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
P24QBD00E9WQRGBF
etag
"d7788e6fd132349d9ad2deeaaaf4c340"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
434
x-amz-id-2
QBoKaqhE1xmMPfx8duCpt5yuQJWXmDwhHGYog1iU6UiyZXeoffQytJkmcctGW/hiN6Jz5qLWp+XpGWBnlTSldQ==
expires
Sun, 06 Jul 2025 01:59:23 GMT
main.7b6b2ec3e139.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main.7b6b2ec3e139.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c35046ccce3984a1e17b8a6dc77847163fe65325157ca5142ab63c76e8066561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F8CX1FEWY3K93Q4
etag
"7b6b2ec3e139e4a9d368535b4fc84d5f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21151
x-amz-id-2
wXB+pccnTfMUAhx5xzCUqZllUuQRvfG5O0trBW+Qjg0Nz++M/rucICntxL5wQi7Aa6iAv7wCiFE=
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-320.4eb0e0b405f4.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-320.4eb0e0b405f4.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c54a3fb0a2238d85631dfba205ff66c34f458178589def4bad73172a730534d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F87GTJYX9J42Z6M
etag
"4eb0e0b405f45dbf452f8f373a684f5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
833
x-amz-id-2
2Gx9Y7p1XR3V/3dEyQiQDR79yDuJGcVO7gn3WhPYogo9XakPpf1B/v1R7LiDiEcyWd0KL3/IUY8=
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-640.4be21cd892d3.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-640.4be21cd892d3.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0fe5988910feb0e3cd6b26a5b1e9dae2a9d86bb78a053b6f350f52a035f66bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F86WW6EP4S97J6P
etag
"4be21cd892d374cc0cf16202448b4a1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1142
x-amz-id-2
+vrsrPDRnkLCdNB3oAQTIU89q4L5tIVI0mFHi/Z+HLTklokCTHEpMANZ5lRSv9dZEB5/NXOPSHU=
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-768.f1325b41042c.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-768.f1325b41042c.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48dbb13add297a2c524e8e8da01ff24338e313e2d0f0c852ac6205cae40a7466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F84NFK91BB1AZCV
etag
"f1325b41042c46f9fbfeb09e1c02dec3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3080
x-amz-id-2
ChdT11j35oZEHJLy31knlrop4tnMisXa6eoFDS0GJ/fOvCieD+ve8cC88ImM3a0B1/k1I8GbSUtPksDaS3ObTpHvitvCKE/VvbkNdk8lCN4=
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-1024.b8d91d39f05c.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-1024.b8d91d39f05c.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e9a3f20eacb3e664d9e3a9c02a4ea1050db9add095d77a4de43adc39cf10238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F82KBT3WYVDWNJC
etag
"b8d91d39f05ccbc2e884794940b14bd2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1969
x-amz-id-2
rMz93cpkZq0k2LlVVAZNcsUScxV7A+k4Mbmmi1XP5UdtIKA9tXnbMMFAkAV1i6gAcN7B3BUrAJH9rFR7vc4a1Q==
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-1224.2a7c29b370c2.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-1224.2a7c29b370c2.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
752e90a9f4501c9e68435a6399bb8428543bd9e75de78f66e8797ff12442f307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F85VFZYXM3ENRWE
etag
"2a7c29b370c27f5dad3ee25ecac6e10b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1515
x-amz-id-2
Dv41De0EjNZCqm/0V0QdhrpebAksewmBYIbaHdD27anDUOZblNRZXEmwGTCp7iQmqlmjxwP5JDQ=
expires
Sun, 06 Jul 2025 01:59:23 GMT
thanksGx.353bd4dea1c1.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c6aa7e0419eddea8b0cac0b448f38d831c5446f3b215a5ede50e5beb563edf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:18 GMT
server
AmazonS3
x-amz-request-id
9F86HD03D2097WB6
etag
"353bd4dea1c115d824215b6ebaf5318f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2951
x-amz-id-2
x9+Zvno8rbDy8at4EvbCCqqJIESBYy0OeS/XOCa3MNjY5dgINyZff9cRLVMmwu+uy7VRSiBXkCoCt4CwJKxDaQ==
expires
Sun, 06 Jul 2025 01:59:23 GMT
css
fonts.googleapis.com/ 		3 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Chakra+Petch:400,700&subset=latin-ext
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ab5311793de2751ab116b9a01061b380d20f99ec54644243ecd7d7f1893165a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 01:02:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 01:59:23 GMT
logo-flat.724a32ec0873.svg
cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/ 		988 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-flat.724a32ec0873.svg
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eaa284a39dd77ae2634f072e69f40168fb839e3570d48cb87aab8ddb5880a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
9F86M4GPF1073PTG
x-amz-server-side-encryption
AES256
content-length
988
x-amz-id-2
P375kJ1T9h24Zlc2Vc4VtpfQzB1a76lz8OTUdBsewVfM2BVsvtYG8FUMBQ4jxoAg63IitgNExiw=
last-modified
Thu, 04 Jul 2024 14:49:41 GMT
server
AmazonS3
etag
"724a32ec0873aff49dd74e2005f707f7"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:23 GMT
arrow.e029bdbfcc05.svg
cdn-production-opera-website.operacdn.com/staticfiles/assets/images/main/thanks/thanks-gx/ 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/main/thanks/thanks-gx/arrow.e029bdbfcc05.svg
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbbfcefc1bd3e462d206d34883e39a6095b86d07e25b2f4613c243c15dee4417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
52M76J34C3WD2KMP
x-amz-server-side-encryption
AES256
content-length
973
x-amz-id-2
ro+N254JilCo3D36VyHC8JRobaGqyvZ6RmlQCIbBk4s1B3Ny/z47njPwTE7Tl/+oo6a8Lfp1+R4=
last-modified
Thu, 04 Jul 2024 14:49:51 GMT
server
AmazonS3
etag
"e029bdbfcc05a5750e30714f8de81a58"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:23 GMT
red-dot-award.cc67fb25bc5b.svg
cdn-production-opera-website.operacdn.com/staticfiles/assets/gx/images/eats-less-ram/icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/assets/gx/images/eats-less-ram/icons/red-dot-award.cc67fb25bc5b.svg
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30a6efd44888f4e9573cfcfbbf3383768de9cfea954cbcd7414986bc36effd84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
9F85DECJTVKBBRX4
x-amz-server-side-encryption
AES256
content-length
7238
x-amz-id-2
X+25ctP0lbbOdcZ4pEqFg+rNf4QLERrvsrx/h11WFNBAT8bjicYO7+JrrKQQh3cWtqMyBdoTSSU=
last-modified
Thu, 04 Jul 2024 14:49:03 GMT
server
AmazonS3
etag
"cc67fb25bc5be0756b50a392df2ff545"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:23 GMT
if-award.1158b9c665eb.svg
cdn-production-opera-website.operacdn.com/staticfiles/assets/gx/images/eats-less-ram/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/assets/gx/images/eats-less-ram/icons/if-award.1158b9c665eb.svg
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7d8d3b068cfa7e75e03b53ba3912b76d8184916b5a2582fb754279ff4bb1d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
9F8EY5YGPFGE0A6K
x-amz-server-side-encryption
AES256
content-length
1705
x-amz-id-2
PzTY0Rm8iaL76zVbpSwJr02NzJUs8/5x+PmYna/cGrol6dcgZdOHeMzlDvasyv2bEnv5L4h/l97LB0DHq4agLA==
last-modified
Thu, 04 Jul 2024 14:49:03 GMT
server
AmazonS3
etag
"1158b9c665eb80c7b1e6ebe3497ffa6c"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:23 GMT
opera-gx__logo.1a1b72923e27.svg
cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/gx/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/gx/opera-gx__logo.1a1b72923e27.svg
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59dfa7037f60190704684270913b034906a70c0023045aadee7ce95c36408bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
8GS7GAQ3VTT95DB6
x-amz-server-side-encryption
AES256
content-length
5479
x-amz-id-2
c/oYpogYFPLlY7z5eWTEf8QFqeufScB9d5JqUayy7JwzLN6yN5/xAF+fQR2qGJadGjuJcT9S9P8=
last-modified
Thu, 04 Jul 2024 14:49:41 GMT
server
AmazonS3
etag
"1a1b72923e277e801076b1b54249476a"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:23 GMT
thanks.3ef20a26c2ea.js
cdn-production-opera-website.operacdn.com/staticfiles/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/thanks.3ef20a26c2ea.js
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030e1124b8d5aa1bf35528dc567b95c7701a0e1cd8c3a0e5e2e0e673dcd44da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:18 GMT
server
AmazonS3
x-amz-request-id
9F8E54CW9A8WSW49
etag
"3ef20a26c2ea5af71c1944cc2bc02b92"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
38940
x-amz-id-2
Veh/yLMn8zm8pzohHq9soyjK6fFQNJ0M7voBh3DzxdPaU1xszKGtDFbRwfbo+XQW6mF2cD6dfKo=
expires
Sun, 06 Jul 2025 01:59:23 GMT
gtm.js
www.googletagmanager.com/ 		433 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::61 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d11cb483a69ef95cef1cf9413ef72d94a3005751335b00b7a21e75b4ba2ed727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129245
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 01:59:24 GMT
gtm.js
www.googletagmanager.com/ 		270 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7XDW7Z
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::61 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b54e5899f36c7a2bec764bed6c70fd46e97aadc28b8a389b41c2a662bc8e5485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97797
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 01:59:24 GMT
main-1824.bf12fe81cad8.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-1824.bf12fe81cad8.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87957b43b7025eca4dfe15c900d54f3801357ee82f07d42d80130a8f93ef9410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F8DXPKZVZZW88G0
etag
"bf12fe81cad887a86613c055613e2a1e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
964
x-amz-id-2
FcuqyqwY6R/dMBNpQn1awafE1BKk+xEhus1Zpr4rXj4eTYEU6xoCrQXVNh+xLTs1hB6vQtZzOJM=
expires
Sun, 06 Jul 2025 01:59:23 GMT
main-1924.129eb93c2514.css
cdn-production-opera-website.operacdn.com/staticfiles/ 		1 KB
679 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/main-1924.129eb93c2514.css
Requested by
Host: www.opera.com
URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47bb7674c592e1a4267da0aeab67a12e5f81f6a89eddd7f18f6d505cdcb930ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:17 GMT
server
AmazonS3
x-amz-request-id
9F8BE4Z79B7E1485
etag
"129eb93c2514b26a8af1c0f146de3945"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
323
x-amz-id-2
jI/ctS5Lhc8ApF19YWTwSte1B+W2SdfJG0cn5X3fTLFAFGI54vdFtBRC2lLoZN/4h8KpfR4hpYE=
expires
Sun, 06 Jul 2025 01:59:23 GMT
windows
net.geo.opera.com/opera_gx/stable/ Frame C492 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://net.geo.opera.com/opera_gx/stable/windows?edition=std-2&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&edition=std-2&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_id=601de203db0b4f519f67a19d8df18df9&http_referrer=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&utm_site=opera_com&utm_lastpage=opera.com%2Fget%2Fopera-gx&utm_id=601de203db0b4f519f67a19d8df18df9&dl_token=33378980
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/thanks.3ef20a26c2ea.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:4c28:3000:622:107:167:110:216 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.opera.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Disposition
attachment; filename=OperaGXSetup.exe
Content-Encoding
gzip
Content-Type
application/octet-stream
Date
Sat, 06 Jul 2024 01:59:25 GMT
ETag
W/"395e335dd5c84f3e722ad84c2798dbbd"
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
ef175f1d72f8d9ef77b7.2be3bce9c511.jpg
cdn-production-opera-website.operacdn.com/staticfiles/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/ef175f1d72f8d9ef77b7.2be3bce9c511.jpg
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480a036190df4738a8223d607a6d16bd4783251f49550f6d09e0dd3532aacb03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:13 GMT
server
AmazonS3
x-amz-request-id
8GSE2G45KF6DVKYR
etag
"2be3bce9c511bfc0f34dcd057ba088d3"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
41626
x-amz-id-2
9c0qO1/o2vOREDqrpwmJJOkgKHceknjU3Q2YaKv+XJlxg+XJcE6qurUxpGBd+sCU79iu/yh7Dm/xdqr3GQ6hC/8ChNtRSjaENtDjWXvDU7A=
expires
Sun, 06 Jul 2025 01:59:24 GMT
cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Chakra+Petch:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.opera.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:38:05 GMT
x-content-type-options
nosniff
age
66079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9896
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:55:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 07:38:05 GMT
cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Chakra+Petch:400,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.opera.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 10:25:01 GMT
x-content-type-options
nosniff
age
56063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9748
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:51:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 10:25:01 GMT
d3ab939b8eee7ee59cfc.24fbfe23810f.png
cdn-production-opera-website.operacdn.com/staticfiles/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/d3ab939b8eee7ee59cfc.24fbfe23810f.png
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a2e5726baaa7e333544f0fe212ea17037d1167fb0cbd45c601e4d409a074240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
last-modified
Thu, 04 Jul 2024 14:51:11 GMT
server
AmazonS3
x-amz-request-id
P3CAFXQ4W4RXKFAE
etag
"24fbfe23810fcadc267a29ddccf2b481"
x-amz-server-side-encryption
AES256
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20863
x-amz-id-2
Yaga3vCRr24q/6n90KUlwvyJhDQoprIbbrFFjR+9c+WZaO08DXhJPOIGTXaUKnLayv20g5X8aAfRKP1EGAGpfcfwgmAyJc/JZ4MIHvdGGOo=
expires
Sun, 06 Jul 2025 01:59:24 GMT
48c5af6590b4d6163794.d236894b9633.svg
cdn-production-opera-website.operacdn.com/staticfiles/ 		883 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-production-opera-website.operacdn.com/staticfiles/48c5af6590b4d6163794.d236894b9633.svg
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:584::2d54 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
787404bcf1b19547382926487b94118e045aa1d5840e92bb5c40c7e4f865e484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn-production-opera-website.operacdn.com/staticfiles/thanksGx.353bd4dea1c1.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:24 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-amz-request-id
P3CB66JSC2HRVHFK
x-amz-server-side-encryption
AES256
content-length
883
x-amz-id-2
QS+v537aQ0zcqkOhawWkeuuKZLT7hoZhpJ6oDe4PpCtgD2z57B+mQvCFvdn7WDcehzXbnXdFKnE=
last-modified
Thu, 04 Jul 2024 14:48:19 GMT
server
AmazonS3
etag
"d236894b9633b3300e581437bb288894"
access-control-max-age
0
access-control-allow-methods
GET,HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
expires
Sun, 06 Jul 2025 01:59:24 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=2036704786.1720231169&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks&dma=0&npa=0&gtm=45He4730n81PRBZ42Fv811573329za2...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=2036704786.1720231169&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks&dma=0&npa=0&gtm=45He4730n81PRBZ42F...
0
0
js
www.googletagmanager.com/gtag/ 		310 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T18E1GTPQG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::61 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1aae1bab63700c356ef0c0b76226fbbab9b178d278cb933f31c42b12d7ff06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 01:59:29 GMT
analytics.js
www.google-analytics.com/ 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 01:05:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3241
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jul 2024 03:05:28 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 -, , ASN (),
Reverse DNS
Software
snooserv /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:29 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
hotjar-445451.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-445451.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.183.69 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 01:58:35 GMT
via
1.1 e1f917b36e487366392dda44fb2783ee.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P4
age
54
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/278e25ed0bccc79ba698d9cb677ed405
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
pG0w4_2eNS_a0A-Ey3dN-qQ6WLeNC3Q47kBARsqaSgnWUl28Iuo5oQ==
destination
www.googletagmanager.com/gtag/ 		205 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-11199305&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRBZ42F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::61 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6919e52ab0e50d3866d9e55b631c510b642861b463f51ae73542d297748a1473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76231
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 01:59:29 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
destination
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10985921166&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7XDW7Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::61 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82e96c538576b690a3ae5536ae9acf23495d65b6f05bbd96852bd988875f31c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:59:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86760
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 01:59:29 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888z8811573329za200zb811573329&_p=1720231163486&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.1720231169&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1720231169&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dr=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dt=Thanks%20for%20downloading%20Opera&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5899&_z=fetch
Requested by
Host: cdn-production-opera-website.operacdn.com
URL: https://cdn-production-opera-website.operacdn.com/staticfiles/thanks.3ef20a26c2ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.opera.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:59:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.opera.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888za200zb811573329&_p=1720231163486&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.1720231169&ul=en-ca&...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=15688533276491732242&dma=0&en=ads_conversion_Sign_up_1&gcs=G111&gtm=45je4730v878149888za200zb...
0
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888z8811573329za200zb811573329&_p=1720231163486&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.172023116...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=16418811031707845702&dma=0&en=download_opera_gx&gcs=G111&gtm=45je4730v878149888z8811573329za2...
0
0
collect
analytics.google.com/g/ 		0
0
ga-audiences
www.google.ca/ads/ 		0
0
activityi;src=11199305;type=con;cat=opera0;ord=3720848942309;npa=0;auiddc=1981220841.1720231169;ps=1;pcor=515859994;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoog...
11199305.fls.doubleclick.net/ Frame B71E 		0
0
activity;register_conversion=1;src=11199305;type=con;cat=opera0;ord=3720848942309;npa=0;auiddc=1981220841.1720231169;ps=1;pcor=515859994;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B...
ad.doubleclick.net/ 		0
0
/
www.googleadservices.com/pagead/conversion/10985921166/ 		0
0
config
pixel-config.reddit.com/pixels/t2_378pcjv6/ 		0
0
t2_378pcjv6_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		0
0
rp.gif
alb.reddit.com/ 		0
0
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
proftrafficcounter.com
URL
https://proftrafficcounter.com/stats
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=2036704786.1720231169&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks&dma=0&npa=0&gtm=45He4730n81PRBZ42Fv811573329za200&auid=1981220841.1720231169
Domain
snap.licdn.com
URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T18E1GTPQG&cid=2031219964.1720231169&gtm=45je4730v878149888z8811573329za200zb811573329&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=15688533276491732242&dma=0&en=ads_conversion_Sign_up_1&gcs=G111&gtm=45je4730v878149888za200zb811573329&npa=0&tid=G-T18E1GTPQG&dl=https%3A%2F%2Fwww.opera.com%3F
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2031219964.1720231169&dbk=16418811031707845702&dma=0&en=download_opera_gx&gcs=G111&gtm=45je4730v878149888z8811573329za200zb811573329&npa=0&tid=G-T18E1GTPQG&dl=https%3A%2F%2Fwww.opera.com%3F
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je4730v878149888z8811573329za200zb811573329&_p=1720231163486&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2031219964.1720231169&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1720231169&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dr=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&dt=Thanks%20for%20downloading%20Opera&en=download_opera_gx&_c=1&ep.download_os=windows&ep.download_type=installer&ep.download_ni=opera_gx&_et=1&tfd=5910&_z=fetch
Domain
www.google.ca
URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T18E1GTPQG&cid=2031219964.1720231169&gtm=45je4730v878149888z8811573329za200zb811573329&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=1882150537
Domain
11199305.fls.doubleclick.net
URL
https://11199305.fls.doubleclick.net/activityi;src=11199305;type=con;cat=opera0;ord=3720848942309;npa=0;auiddc=1981220841.1720231169;ps=1;pcor=515859994;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8811573329za201zb811573329;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2?
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=11199305;type=con;cat=opera0;ord=3720848942309;npa=0;auiddc=1981220841.1720231169;ps=1;pcor=515859994;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8811573329za201zb811573329;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2?
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion/10985921166/?random=1720231169412&cv=11&fst=1720231169412&bg=ffffff&guid=ON&async=1&gtm=45be4730v895556936z8864530922za201zb864530922&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.opera.com%2Fcomputer%2Fthanks%3Fni%3Deapgx%26os%3Dwindows%26utm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&ref=https%3A%2F%2Fwww.opera.com%2Fget%2Fopera-gx%3Futm_content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_CA_HVR_WEB_3546%26utm_id%3D601de203db0b4f519f67a19d8df18df9%26edition%3Dstd-2&label=X3Z6CNCYkoAYEI61v_Yo&hn=www.googleadservices.com&frm=0&tiba=Thanks%20for%20downloading%20Opera&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1981220841.1720231169&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/t2_378pcjv6/config
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_378pcjv6_telemetry
Domain
alb.reddit.com
URL
https://alb.reddit.com/rp.gif?ts=1720231169977&id=t2_378pcjv6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0b51b185-7177-44b8-aa15-97b6ea086477&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Domain
script.hotjar.com
URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| gtag object| dataLayer object| webpackChunk object| operaLogger

13 Cookies

Domain/Path Name / Value
www.highrevenuenetwork.com/ Name: u_pl
Value: 23366732
www.highrevenuenetwork.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzM2NjczMiwiayI6IjhlNmUxY2U3YzcyYmFlMjUyNTJlYWFlMmJiZDI3Njg1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozODkzMjI2LCJwaWQiOjE4OTI5NzMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjgsInB0Ijo0LCJwayI6InlxcHBpenpnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI0Nzg0MTQ0MCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMzQ2OCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjM5LCJjIjoiQ0EiLCJuIjoiQ2FuYWRhIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmVsbCBDYW5hZGEifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21hdGlnYW4udGVjaG5vbG9naS5zaXRlLyIsImFyIjpbXX19.BBp7qHrvMELWqLUJ5zW5AHJbXdZK4GrgoXomQkfE7gw
www.highrevenuenetwork.com/ Name: cjs
Value: t
www.highrevenuenetwork.com/ Name: iprc375a85c36d16e1ce1ba3ca917ce8e776
Value: 5374719
www.highrevenuenetwork.com/ Name: pdhtkv
Value: true
www.highrevenuenetwork.com/ Name: uncs
Value: 1
www.highrevenuenetwork.com/ Name: pdhtkv28
Value: true
www.highrevenuenetwork.com/ Name: uncs28
Value: 1
.www.bobgames-prolister.com/ Name: 0d561d3b-0ed9-4618-80ff-f19e1a335f24-v4
Value: eGaHdidac14wOrjXw5ms9-YvzhbYjIi819gmAxe-CNU
.www.bobgames-prolister.com/ Name: cc-v4
Value: QXZQLlleeJjFC1d8rrUhnhCnxHKXNyLN6j9nBqmZqOneorWqsmnlofEkSTsDLydW6WolVrGKci%2FycgWP4nhzJwe4X%2Fl%2B4XShcgNBlLtugFTLx6cUEGcJGTbtIz4nh1MlaWnz4OpElAv8ppQYMcGA4Q%3D%3D
www.savinist.com/ Name: uniqueClick_KM15N5P
Value: e7f7e77c-46bd-49df-beb0-f079f4b79426:1720231161
www.savinist.com/ Name: transaction_id
Value: 601de203db0b4f519f67a19d8df18df9
.opera.com/ Name: opref
Value: source%3DPWNgames%26medium%3Dpa%26campaign%3DPWN_CA_HVR_WEB_3546%26edition%3Dstd-2%26content%3D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%26id%3D601de203db0b4f519f67a19d8df18df9%26referrer%3Dhttps%253A%252F%252Fwww.opera.com%252Fget%252Fopera-gx%253Futm_content%253D3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24%2526utm_source%253DPWNgames%2526utm_medium%253Dpa%2526utm_campaign%253DPWN_CA_HVR_WEB_3546%2526utm_id%253D601de203db0b4f519f67a19d8df18df9%2526edition%253Dstd-2%26site%3Dopera_com%26sub%3D

2 Console Messages

Source Level URL
Text
intervention info URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2(Line 433)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
intervention info URL: https://www.opera.com/computer/thanks?ni=eapgx&os=windows&utm_content=3546_0d561d3b-0ed9-4618-80ff-f19e1a335f24&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_CA_HVR_WEB_3546&utm_id=601de203db0b4f519f67a19d8df18df9&edition=std-2(Line 433)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11199305.fls.doubleclick.net
7llkww.viadigitalconsulting.com
ad.doubleclick.net
akumahapa.technologi.site
alb.reddit.com
analytics.google.com
bf.lmdfmd.com
cdn-production-opera-website.operacdn.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
matigan.technologi.site
mgcrspub.froepse.com
net.geo.opera.com
pixel-config.reddit.com
proftrafficcounter.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
wimberleylibrary.org
wwp.psmad.com
www.bobgames-prolister.com
www.google-analytics.com
www.google.ca
www.googleadservices.com
www.googletagmanager.com
www.highrevenuenetwork.com
www.opera.com
www.redditstatic.com
www.savinist.com
11199305.fls.doubleclick.net
ad.doubleclick.net
alb.reddit.com
analytics.google.com
connect.facebook.net
googleads.g.doubleclick.net
pixel-config.reddit.com
proftrafficcounter.com
script.hotjar.com
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.googleadservices.com
www.redditstatic.com
164.90.192.218
167.114.27.228
18.239.183.69
192.243.59.12
194.1.147.36
2001:4860:4802:38::181
2001:4c28:3000:622:107:167:110:216
2600:1408:ec00:584::2d54
2606:4700:3033::ac43:abc3
2606:4700:3034::ac43:c8e6
2606:4700:3037::ac43:d299
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1d::8a
2607:f8b0:400d:c02::61
2607:f8b0:400d:c0c::5e
2a02:4780:a:1471:0:1c05:4462:2
2a04:4e42:400::396
3.19.105.170
3.216.219.191
030e1124b8d5aa1bf35528dc567b95c7701a0e1cd8c3a0e5e2e0e673dcd44da4
04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
1bcf95404cc20dc1c86ef5f49a8b74e7b7b67cf48fb0d06acbb764a4812818c9
215da1534542208d2fee7dac3f5d5381276f383976001448ade1a0b02123c14c
2a2e5726baaa7e333544f0fe212ea17037d1167fb0cbd45c601e4d409a074240
30a6efd44888f4e9573cfcfbbf3383768de9cfea954cbcd7414986bc36effd84
47bb7674c592e1a4267da0aeab67a12e5f81f6a89eddd7f18f6d505cdcb930ef
480a036190df4738a8223d607a6d16bd4783251f49550f6d09e0dd3532aacb03
48dbb13add297a2c524e8e8da01ff24338e313e2d0f0c852ac6205cae40a7466
4e9a3f20eacb3e664d9e3a9c02a4ea1050db9add095d77a4de43adc39cf10238
59dfa7037f60190704684270913b034906a70c0023045aadee7ce95c36408bb0
5eb1bc30d2435d201182532e65427d5d44cf56e2a39f7913e88429ecfb4f221a
6919e52ab0e50d3866d9e55b631c510b642861b463f51ae73542d297748a1473
6eaa284a39dd77ae2634f072e69f40168fb839e3570d48cb87aab8ddb5880a0e
705100661861dfdba4ac8066a07a1f178ed86314b932a46a4fb48565e3d38b9f
752e90a9f4501c9e68435a6399bb8428543bd9e75de78f66e8797ff12442f307
787404bcf1b19547382926487b94118e045aa1d5840e92bb5c40c7e4f865e484
7ab5311793de2751ab116b9a01061b380d20f99ec54644243ecd7d7f1893165a
82e96c538576b690a3ae5536ae9acf23495d65b6f05bbd96852bd988875f31c8
87957b43b7025eca4dfe15c900d54f3801357ee82f07d42d80130a8f93ef9410
9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
9c6aa7e0419eddea8b0cac0b448f38d831c5446f3b215a5ede50e5beb563edf7
a0465a14d6ad2cbde7e34b24daa2ab13a9c8d911695ab5cfdfa9cb1cfb5dc171
ae6d522241282c727bd602b5d9efc7074db95563beea788afd91de6a24f7cda9
b54e5899f36c7a2bec764bed6c70fd46e97aadc28b8a389b41c2a662bc8e5485
c35046ccce3984a1e17b8a6dc77847163fe65325157ca5142ab63c76e8066561
c4a67260e68bd60f25a5a8d2d6dc13375050ca4f5ac039ada8177ac2c24132d9
c54a3fb0a2238d85631dfba205ff66c34f458178589def4bad73172a730534d4
c7d8d3b068cfa7e75e03b53ba3912b76d8184916b5a2582fb754279ff4bb1d7b
ca53823ac238a6a92ec056df43f9bf4e5426e820dde1c2f04c6803f42d2149e6
d11cb483a69ef95cef1cf9413ef72d94a3005751335b00b7a21e75b4ba2ed727
dbbfcefc1bd3e462d206d34883e39a6095b86d07e25b2f4613c243c15dee4417
e0fe5988910feb0e3cd6b26a5b1e9dae2a9d86bb78a053b6f350f52a035f66bc
e26a98c1fba61367007a28bb1b26299fc15cff238f723f28e4de6d46928435f6
f1aae1bab63700c356ef0c0b76226fbbab9b178d278cb933f31c42b12d7ff06a