When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to https://api.surfeasy.com to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.
The browser then talks to a proxy
de0.opera-proxy.net (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's
188.8.131.52 (or similar, see below). It's an HTTP/S proxy which requires auth.
When loading a page with Opera VPN enabled, the browser sends a lot of requests to
Proxy-Authorization request header.
Proxy-Authorization header decoded:
device_password come from the
POST /v2/register_device API call, please note that this decoded header is from another Opera installation and thus contains different
device_password than what is shown below)
These creds can be used with the
de0.opera-proxy.net even when connecting from a different machine, it's just an HTTP proxy anyway.
When you use the proxy on a different machine (with no Opera installed), you'll get the same IP as when using Opera's VPN, of course.
This Opera "VPN" is just a preconfigured HTTP/S proxy protecting just the traffic between Opera and the proxy, nothing else. It's not a VPN.
They even call it Secure proxy (besides calling it VPN, sure) in Opera settings.
The API calls are:
I have automated the API calls and have built The Oprah Proxy, a simple Python script which will fetch the credentials for you. It will also list available locations and proxies.
Hey @NeoGenet1c! Sorry, missed your comment. My wild guess is that
api.surfeasy.commight be blocked so that people can't bypass corporate/uni content filters by using Opera's browser "VPN". Blocking
api.surfeasy.comwill prevent setting up the connection the proxy server, so the "VPN" is unusable.