optifine.net Open in urlscan Pro
2606:4700:20::681a:95a  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request adloadx Show response optifine.net/	14 KB 4 KB	671ms 528ms	Document text/html	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64e663c9fbbab52aaa4444d70e3393a8f249a4ce4f5135f0aa10a88e322a78e8 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 71fcc03a9afd83b4-MXP content-encoding br content-security-policy frame-ancestors 'none' content-type text/html;charset=ISO-8859-1 date Thu, 23 Jun 2022 11:05:50 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnjuxQlleEGITlFJ7TEiB6Bp2E2oHsoyl4QH6fq%2FZozqBpdu3eiUynj%2B2s6nYchRdrj7vXnqYLYt%2Fw%2F4aocfHi42aQnWnXi142O177ghwoeyMN7Gy70Jfg%2BQS763bPiAymTeh7ptSfO6RA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-clacks-overhead GNU Terry Pratchett x-frame-options DENY
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	131ms 41ms	Script text/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4989 date Thu, 23 Jun 2022 09:42:42 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Thu, 23 Jun 2022 11:42:42 GMT
GET H2	200	ad-manager.min.js Show response hb.vntsm.com/v3/live/	989 KB 296 KB	199ms 54ms	Script application/javascript	185.152.64.17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v3/live/ad-manager.min.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-152-64-17.datapacket.com Software BunnyCDN-CZ1-887 / Resource Hash fe2ce774e818aee48429f9d89d7b7f1de34b09f3f1c8b80917672794d7a83ef4 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT content-encoding br cdn-edgestorageid 887 access-control-allow-origin * cdn-cachedat 06/21/2022 13:36:48 cdn-pullzone 131999 cdn-requestpullsuccess True server BunnyCDN-CZ1-887 access-control-allow-headers cdn-requestcountrycode,Content-Type,x-bl,ref_url last-modified Tue, 21 Jun 2022 13:36:37 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 etag W/"03c8703bc550734def6596bf32edebc1" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript cdn-cache HIT x-bl 0 cache-control public, max-age=86400 cdn-uid 5d6cd18c-1b61-4922-947b-91a6b9ea7b00 cdn-requestid b89fba31f34d81b3a87eaf2c5eb0d3cd cdn-requestcountrycode GB cdn-status 200 access-control-expose-headers x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
GET H2	200	download.png optifine.net/images/	186 B 496 B	534ms 532ms	Image image/png	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/download.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Mon, 26 Mar 2018 15:23:34 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SRORgm0%2BgWMLyBWlYIAxl8U1JyCtLcpsGB33PVBdM02IrpmsQznBhOFLG39%2BPI6e7YSBvkudHcyxL%2FTHJrM43l%2BC9OQykQkwMoBhrBqnjSOzHgbJCQTakoKHVWlJWU0E11R%2Bl3eRP9zig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 71fcc03edd2483b4-MXP content-length 186
GET H2	200	discord.png optifine.net/images/	2 KB 2 KB	522ms 520ms	Image image/png	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/discord.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 02 Oct 2020 22:32:35 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZMdOQJZl3Lnn9H%2F7SZYSrnLXJa%2FuDFSyw%2FOa9WWubvRK5oby47EFQ4QxV6ADzDz1S%2BaDupOhpa6gE9NS6598dlj2lJ3KbZzxiWUMGxTI%2Fj%2Bd3qbpn%2BA7h2EQpYOGlO4lAxp1geieoOGnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 71fcc03edd2883b4-MXP content-length 1719
GET H2	200	twitter.png optifine.net/images/	2 KB 2 KB	531ms 530ms	Image image/png	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/twitter.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Thu, 01 Oct 2020 20:15:27 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjlpw%2ByNC%2F%2FSgcS2N4Vgrak4uRCvdolRqM%2BsqTHDJkbfdbpFL7NPeAb1HNxA0JWz%2BJRDrp7xHlsVgKtxBY1FClKJuQQsYMn%2Bsda8N2MfqM8BWEk6zsU80W2RXObeUBZYwURwVmHAAetP5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 71fcc03edd2983b4-MXP content-length 1821
GET H2	200	reddit.png optifine.net/images/	2 KB 2 KB	526ms 524ms	Image image/png	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/reddit.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 02 Oct 2020 22:32:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD%2FLp%2ByN2IPBhxos%2FZOud4zUAkLKdZdlFjSY%2BO0DtLgs2OseDxwMhkzb0Suh0u6z5mc6Yo2mkxyGv61mdw6jMAt7E7dZcYfZYrE7jQ73%2BWjzZwfPe1Kg10VcdpWfglI78yxd3SSbanN%2FLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 71fcc03edd2a83b4-MXP content-length 1956
GET H2	200	snow64b.gif optifine.net/images/	521 B 864 B	219ms 219ms	Image image/gif	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/snow64b.gif Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 25 Sep 2020 11:04:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5Z5VOC0NA9pxIvP0bbNuAjGjj%2BxhfdlP3oxwM8Q%2B0JIiUOlmmgfgeoBuhnhckQVLGrqsgAuIbW%2B3l6W%2Bo9yc71FStwjUpb46ICKcjNa2l%2FP7bW3wtvZORKK06GVpMCQYKJmpKpxHTOEbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif accept-ranges bytes cf-ray 71fcc03edd2b83b4-MXP content-length 521
GET H2	200	Oswald-Medium.woff optifine.net/template/fonts/	44 KB 45 KB	525ms 525ms	Font font/woff	2606:4700:20::681a:95a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optifine.net/template/fonts/Oswald-Medium.woff Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71 Request headers Referer https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Origin https://optifine.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 25 Sep 2020 11:04:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6kzU7H3ELkiCzXil1tkyQprOhwG6Y%2F8Y4L6gpcLyGARQ07nKq9YgeeSn9r45bjjFVZhqOMI5XqdEgTjprEfA3gvj7mGe9DJc0RINTn8ePvPFNkVrG5FCluPoKohPvJu%2Bth%2FNejm1BG%2BjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff accept-ranges bytes cf-ray 71fcc03edd2d83b4-MXP content-length 45404
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	48ms 48ms	Image image/gif	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2109246666&utmhn=optifine.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OptiFine%20Download&utmhid=8418443&utmr=-&utmp=%2Fadloadx%3Ff%3DOptiFine_1.19_beta_HD_U_H3.jar%26x%3D3556&utmht=1655982351295&utmac=UA-30620569-1&utmcc=__utma%3D215784521.67806154.1655982351.1655982351.1655982351.1%3B%2B__utmz%3D215784521.1655982351.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412024866&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jun 2022 11:05:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	610139896ba87f455d73fa3e.enc hb.vntsm.com/v2/live/	0 0	145ms 46ms	Preflight application/octet-stream	185.152.64.17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-152-64-17.datapacket.com Software BunnyCDN-CZ1-887 / Resource Hash Request headers Accept */* Access-Control-Request-Headers ref_url Access-Control-Request-Method GET Origin https://optifine.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-headers cdn-requestcountrycode,Content-Type,x-bl,ref_url access-control-allow-methods GET, OPTIONS access-control-allow-origin * access-control-expose-headers x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl cache-control public, max-age=86400 cdn-cache HIT cdn-pullzone 131999 cdn-requestcountrycode GB cdn-requestid ecd08478ba148820133a9850dfa7f74d cdn-uid 5d6cd18c-1b61-4922-947b-91a6b9ea7b00 content-type application/octet-stream date Thu, 23 Jun 2022 11:05:51 GMT server BunnyCDN-CZ1-887 x-bl 0
GET H2	200	content.html Show response hb.vntsm.io/	32 B 743 B	183ms 62ms	Fetch text/html	2606:4700:10::6816:2e8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.io/content.html Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:51 GMT cf-cache-status HIT age 548 cf-ray 71fcc04258a101fc-ZRH content-length 32 x-amz-id-2 9maWF7N4gV9yE/0Yj1WMw/CxvGPVuA8kcRVJy+tPBXTaDfkdxPFSv2T+xUD5WuaA/p4SdDHLtEU= last-modified Thu, 14 Oct 2021 10:47:47 GMT server cloudflare etag "2f58b9ff601fd509249a9e7628a21c33" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET x-amz-request-id 6G58XV73CA1HG4G8 access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin, origin, Origin cache-control max-age=14400 accept-ranges bytes content-type text/html
GET H2	200	610139896ba87f455d73fa3e.enc Show response hb.vntsm.com/v2/live/	60 KB 9 KB	105ms 104ms	XHR text/plain	185.152.64.17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-185-152-64-17.datapacket.com Software BunnyCDN-CZ1-887 / Resource Hash 18c0fd809becdf4841ed0e96597f2e759341a5ff96ac6b5672bb4d0296d7d46d Request headers Referer https://optifine.net/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 ref_url aHR0cHM6Ly9vcHRpZmluZS5uZXQvYWRsb2FkeD9mPU9wdGlGaW5lXzEuMTlfYmV0YV9IRF9VX0gzLmphciZ4PTM1NTY= Response headers date Thu, 23 Jun 2022 11:05:51 GMT content-encoding br cdn-edgestorageid 887 access-control-allow-origin * access-control-expose-headers x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl cdn-cachedat 06/21/2022 13:39:55 cdn-pullzone 131999 server BunnyCDN-CZ1-887 access-control-allow-headers cdn-requestcountrycode,Content-Type,x-bl,ref_url last-modified Thu, 05 May 2022 15:19:46 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 etag W/"02674e971c9165c228e5d74cfb478cf7" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type text/plain cdn-cache HIT x-bl 0 cache-control public, max-age=86400 cdn-uid 5d6cd18c-1b61-4922-947b-91a6b9ea7b00 cdn-requestid 0e6198e0edb1f7980e232c7dc18b2df4 access-control-allow-credentials true cdn-requestcountrycode GB cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ats.js Show response ats.rlcdn.com/	109 KB 37 KB	135ms 41ms	Script application/x-javascript	99.86.4.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ats.rlcdn.com/ats.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.19_beta_HD_U_H3.jar&x=3556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-86.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash dbefb78522576960ebb2c108a83add503be4cf187a770bc073b91c7ffffe8f13 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl content-encoding gzip etag W/"148e21f812b555a13b2a9c6b616141f4" age 24480 x-amz-server-side-encryption AES256 x-amz-meta-codebuild-buildarn arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce x-cache Hit from cloudfront x-amz-meta-codebuild-content-md5 58acf9e97c03c481f490be71338f7f57 last-modified Tue, 17 May 2022 11:35:33 GMT server AmazonS3 date Thu, 23 Jun 2022 04:19:34 GMT vary Accept-Encoding x-amz-meta-codebuild-content-sha256 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) cache-control must-revalidate,public,max-age=86400 x-amz-cf-pop FRA6-C1 content-type application/x-javascript x-amz-cf-id 8Rj431IkM_bOd6x2r5BdvLabBY0mVd_YvOAf6X3_dgHGwwccTEphsQ==
GET H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/	57 B 0	144ms 54ms	Fetch application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Jun 2022 11:05:51 GMT X-Proxy-Origin 217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 7e8d060d-fd30-4126-9ea8-7000ee0c9c69 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://optifine.net Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 57 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	static.min.js Show response cdn.exelator.com/build/	21 KB 8 KB	159ms 57ms	Script application/javascript	65.9.66.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.exelator.com/build/static.min.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-41.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id zJnj9IdW5bQWUqea2aMpKS.72qNKKrMo content-encoding gzip last-modified Mon, 11 Oct 2021 06:40:58 GMT server AmazonS3 age 26466 etag W/"ca34304b059a43ff8e7d8cd71f2c58c0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront) date Thu, 23 Jun 2022 03:44:49 GMT x-amz-cf-pop FRA56-C1 x-amz-request-id 88JHF369QE5P2PH4 x-amz-cf-id QlpnJvWSCn9Tldn54fb4bQXuPfBDwx7Q_pcu8nBhqrBKebo-9NiR_w== x-amz-id-2 vIVhOBMN3QrunD8VX2nny7rBrRv1kSr0O8xyx1jAUndZMg8OpNHagICgwVs3y0td0eRMNBSzDPA=
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/	5 KB 2 KB	141ms 43ms	Script application/javascript	2600:9000:206f:de00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1655982351972 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c95c889d6c87e1641a06e013333645c5bd411d499dfc1c824c91784891adc896 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 23 Jun 2022 11:05:52 GMT content-encoding br last-modified Thu, 22 Jul 2021 09:16:28 GMT server AmazonS3 age 25 etag W/"8d5542bf85010c588ebc9afd0746d602" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront) cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA56-C1 x-amz-cf-id MT2prQJqnCv_KplYr1KxO1uLc1iyeIh0GJPxkICb5l5moG38t9Lv2g==
GET H2	200	/ Show response geo.privacymanager.io/	31 B 595 B	135ms 40ms	Fetch application/json	65.9.66.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://geo.privacymanager.io/ Requested by Host: ats.rlcdn.com URL: https://ats.rlcdn.com/ats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-28.fra56.r.cloudfront.net Software / Resource Hash 8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 22 Jun 2022 23:44:13 GMT via 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront) age 40899 x-amzn-requestid 4cbacf42-a243-46e0-a7f1-3b884393a3e9 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-62b3a94d-615ce24165efd71c5af7a44a;Sampled=0 x-cache Hit from cloudfront x-amz-cf-pop FRA56-P3, FRA56-C1 x-amz-apigw-id UJdkMHHLDoEF6Rg= content-length 31 x-amz-cf-id PUI17H7o3u2aLbqYqnG_DNFoWd03X-rY-Uf86IZU9VX5uxMVIF1Y9A== access-control-allow-headers Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	138ms 41ms	Script application/javascript	2620:116:800d:21:c5a4:625:6563:a5bb AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1655982351972 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:52 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Thu, 30 Jun 2022 11:05:52 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	177 KB 44 KB	48ms 47ms	Script text/javascript	2600:9000:206f:de00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1655982351972 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:05:30 GMT content-encoding br age 23 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Wed, 22 Jun 2022 19:56:20 GMT server AmazonS3 etag W/"46ca30e9a03da80448753564a63ea512" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-meta-qc-ineu True x-amz-cf-pop FRA56-C1 x-amz-cf-id SuiMbP7y3_4_QkrhnDKHNj6XeaCzwVYQgiFQdg4V4otfopw5aSvU6w==
GET H2	200	cmp-list.json Show response test.cmp.quantcast.com/GVL-v2/	9 KB 3 KB	136ms 40ms	XHR application/json	2600:9000:2057:e00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.cmp.quantcast.com/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6 Request headers Accept application/json, text/plain, */* Referer https://optifine.net/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 03:00:36 GMT content-encoding gzip age 29117 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Sat, 18 Jun 2022 19:52:29 GMT server AmazonS3 etag W/"754b1e001f99326f9b342fa2d6e55b5d" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id AYwkM.IW.38hT0sA3d1Ppda2bZVmYyuQ via 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA6-C1 content-type application/json x-amz-cf-id 8eiBVK_rdO2VOBui6k3LLeiyKHG7LXN4KonCiDycjY3ak5aZ8t58Ng==
GET H2	200	rules-p-Hwnr8j7tWA3Nu.js Show response rules.quantcount.com/	2 KB 1 KB	151ms 41ms	Script application/javascript	2600:9000:206f:c200:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2da7db0e81c039410b3c60331de45f8f7d17940410120c0584e7dd2bd18ca28 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 10:25:51 GMT content-encoding gzip age 2401 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Wed, 11 May 2022 12:50:15 GMT server AmazonS3 etag W/"9c4a2da8940867a521cf893bd7517ed2" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA56-C1 x-amz-cf-id qiIvZkRS_Cap3fcNHqMrgo-3aIfImyu2rcc7qMCHN9kZgmsiSXkreg==
GET H2	200	cmp2ui-en.js Show response cmp.quantcast.com/tcfv2/42/	230 KB 56 KB	56ms 45ms	Script text/javascript	2600:9000:206f:de00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 22 Jun 2022 19:57:14 GMT content-encoding br age 54519 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Wed, 22 Jun 2022 19:56:05 GMT server AmazonS3 etag W/"24932b3e61742029985961c24d35dbb7" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA56-C1 x-amz-cf-id Rf7HsU-saBNeKKCqMzemAOEei8lXCw05z11vRbWKchB4AmlqVzsjcw==
GET H2	200	vendor-list-trimmed-v1.json Show response cmp.quantcast.com/GVL-v2/	302 KB 36 KB	138ms 46ms	XHR application/json	2600:9000:206f:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dbc297f41c194b510e855bdd68e24aecd4fa0e638c08b4198302839a5d96d6c9 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 03:00:40 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 29112 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 23 Jun 2022 03:00:33 GMT server AmazonS3 etag W/"5081b6011adbb34cb48a116cbb862b39" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 x-amz-cf-id 0xTlo6qUg8Yy9A2VlzTyYzA59uMqGUwZfOnZisxq4X_KVnwwHcOp9w==
GET H2	200	/ Show response audit-tcfv2.cmp.quantcast.com/	2 B 101 B	130ms 40ms	XHR text/plain	3.67.149.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22optifine.net%22%2C%22publisher%22%3A%22optifine.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22dqlG97RYDGf0EGJnSTbJVg%22%2C%22clientTimestamp%22%3A1655982352439%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-j3v62i45j55q5ax7mbqe%22%7D Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-149-72.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://optifine.net/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Thu, 23 Jun 2022 11:05:52 GMT content-length 2 content-type text/plain; charset=utf-8
GET H2	200	script.js Show response d1oykxszdrgjgl.cloudfront.net/	117 KB 41 KB	189ms 46ms	Script application/javascript	2600:9000:2057:1600:0:1651:6140:21
General Check archive.org Show headers Download Go to Full URL https://d1oykxszdrgjgl.cloudfront.net/script.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:1600:0:1651:6140:21 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 84778d5797c84ea38f27cdef84078dd61a9bda5c9296e9485e646db571c75e33 Request headers accept-language en-GB,en;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 23 Jun 2022 11:01:47 GMT content-encoding gzip last-modified Thu, 23 Jun 2022 00:41:22 GMT server AmazonS3 age 250 etag W/"d8c3fa5a5a9770c5212148a42c95db1a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) cache-control max-age=600,public,must-revalidate x-amz-cf-pop FRA6-C1 x-amz-cf-id M5dlBz2SLC43mkM1fEtA_kZq3EZMg9TA-YAgGCgL7AvlkdV0frGv2Q==
POST		1a i.clean.gg/	0 0
OPTIONS H2	204	1a i.clean.gg/	0 0	190ms 123ms	Preflight text/plain	34.95.69.49
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 -, , ASN (), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://optifine.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=utf-8 date Thu, 23 Jun 2022 11:05:56 GMT server nginx/1.21.6 via 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i.clean.gg

URL

https://i.clean.gg/1a

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getCookie function| setCookie function| onDownload object| _gaq object| _gat object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| __VM object| atsScript object| xl8_config function| __tcfapi object| ats object| _qevents function| nmc function| sendToNielsen object| regeneratorRuntime function| __tcfapiui function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			optifine.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6AAB7E981B4BBCC177994DC9A6150B6F
			.optifine.net/	1970-01-20 21:30:54	Name: __utma Value: 215784521.67806154.1655982351.1655982351.1655982351.1
			.optifine.net/	1969-12-31 23:59:59	Name: __utmc Value: 215784521
			.optifine.net/	1970-01-20 08:22:30	Name: __utmz Value: 215784521.1655982351.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.optifine.net/	1970-01-20 03:59:42	Name: __utmt Value: 1
			.optifine.net/	1970-01-20 03:59:44	Name: __utmb Value: 215784521.1.10.1655982351
			optifine.net/	1970-01-20 04:01:08	Name: _lr_geo_location Value: GB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ats.rlcdn.com
audit-tcfv2.cmp.quantcast.com
cdn.exelator.com
cmp.quantcast.com
d1oykxszdrgjgl.cloudfront.net
geo.privacymanager.io
hb.vntsm.com
hb.vntsm.io
i.clean.gg
ib.adnxs.com
optifine.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
test.cmp.quantcast.com
i.clean.gg
185.152.64.17
2600:9000:2057:1600:0:1651:6140:21
2600:9000:2057:e00:3:a4cd:8380:93a1
2600:9000:206f:c200:6:44e3:f8c0:93a1
2600:9000:206f:c200:9:46dc:4700:93a1
2600:9000:206f:de00:9:46dc:4700:93a1
2606:4700:10::6816:2e8e
2606:4700:20::681a:95a
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:811::2008
3.67.149.72
34.95.69.49
37.252.172.37
65.9.66.28
65.9.66.41
99.86.4.86
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18c0fd809becdf4841ed0e96597f2e759341a5ff96ac6b5672bb4d0296d7d46d
42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
64e663c9fbbab52aaa4444d70e3393a8f249a4ce4f5135f0aa10a88e322a78e8
78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84778d5797c84ea38f27cdef84078dd61a9bda5c9296e9485e646db571c75e33
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
a2da7db0e81c039410b3c60331de45f8f7d17940410120c0584e7dd2bd18ca28
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36
bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b
c95c889d6c87e1641a06e013333645c5bd411d499dfc1c824c91784891adc896
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
dbc297f41c194b510e855bdd68e24aecd4fa0e638c08b4198302839a5d96d6c9
dbefb78522576960ebb2c108a83add503be4cf187a770bc073b91c7ffffe8f13
fe2ce774e818aee48429f9d89d7b7f1de34b09f3f1c8b80917672794d7a83ef4