urlscan.io logo urlscan.io
SecurityTrails logo

optifine.net Open in urlscan Pro
2606:4700:20::681a:95a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Effective URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Submission: On July 16 via manual from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 27 HTTP transactions. The main IP is 2606:4700:20::681a:95a, located in United States and belongs to CLOUDFLARENET, US. The main domain is optifine.net. The Cisco Umbrella rank of the primary domain is 53872.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2023. Valid for: a year.
This is the only time optifine.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:20::681a:85a (United States)

ASN13335 (CLOUDFLARENET, US)
optifine.net
7    2606:4700:20::681a:95a (United States)

ASN13335 (CLOUDFLARENET, US)
optifine.net
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
1    2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net
geo.privacymanager.io
4    2600:9000:2240:1000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:225e:3600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2600:9000:223c:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.158.64.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-64-152.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2600:9000:2057:ec00:0:1651:6140:21 (None, )

ASN- ()
d1oykxszdrgjgl.cloudfront.net
2    34.95.69.49 (None, )

ASN- ()
i.clean.gg
1    52.19.175.72 (None, )

ASN- ()
track.venatusmedia.com
Apex Domain
Subdomains		 Transfer
8 optifine.net
optifine.net — Cisco Umbrella Rank: 53872
57 KB
6 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3316
test.cmp.quantcast.com — Cisco Umbrella Rank: 10194
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12088
157 KB
2 clean.gg
i.clean.gg
104 B
2 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 37604
302 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 483
17 KB
1 venatusmedia.com
track.venatusmedia.com
162 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
44 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1172
1 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1250
9 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2056
607 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1168
944 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2652
78 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 42150
646 B
27 13
Domain Requested by
8 optifine.net 1 redirects optifine.net
4 cmp.quantcast.com hb.vntsm.com
cmp.quantcast.com
2 i.clean.gg d1oykxszdrgjgl.cloudfront.net
2 hb.vntsm.com optifine.net
hb.vntsm.com
2 ssl.google-analytics.com optifine.net
1 track.venatusmedia.com hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com cmp.quantcast.com
1 secure.quantserve.com cmp.quantcast.com
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
27 15

This site contains links to these domains. Also see Links.

Domain
discord.gg
twitter.com
reddit.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
cmp.quantcast.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Frame ID: D0DD4F423C9F2A5AEEE36448EEC47FF6
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OptiFine Download

Page URL History Show full URLs

  1. http://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377 HTTP 302
    https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

27
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

15
Subdomains

15
IPs

2
Countries

667 kB
Transfer

2338 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377 HTTP 302
    https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request adloadx
optifine.net/
Redirect Chain
  • http://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
  • https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b97a08b5f1a1f228b6eb5d5ed37be53b09e4aa186afbbcce2b8f550b199ff5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7e793200fb90bbce-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html;charset=ISO-8859-1
date
Sun, 16 Jul 2023 09:25:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyvaz7dEomrGE1aX682Qg5WssPBUJ9msKlTB0iLqI%2F9fB2a9UZ5mkPeb%2F%2FKeQq9S5m9VfoKCT8wnuAzJuD%2B%2FVZMO71LNG2RcaOxiVNgd%2BW41YZv1adYOJrpTAsH1rBSYAz5vvYCct99veg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-clacks-overhead
GNU Terry Pratchett
x-frame-options
DENY

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7e7931feefa503b8-FRA
Connection
keep-alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'none'
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 16 Jul 2023 09:24:59 GMT
Location
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35HSEHCk4p2R1DOCoaVDhoyZyAY%2BgMRvXlWCvoM8waZkBALasb3lkq9PwSAtiF6%2BzsjYoJ6yNeeihKMmlaAjDAwD0Ux0pd%2FOs%2Bm4oCceFpP0zEXSDc0KI25vdzAb2SDtXTsHOcRuOB0msQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
X-Clacks-Overhead
GNU Terry Pratchett
X-Frame-Options
DENY
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 08:13:50 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4270
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 16 Jul 2023 10:13:50 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		989 KB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
36be29baa0779cf89f5958cf8fcb559647a50a948a734dcd0692fb27070206da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
07/13/2023 14:17:14
cdn-pullzone
131999
last-modified
Wed, 12 Jul 2023 10:47:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"b3267d5ba4ffcb9e8f21d7785d9aa4cf"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
66b0f986731febf7f56b7a585f151c10
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
download.png
optifine.net/images/ 		186 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/download.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Mon, 26 Mar 2018 15:23:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlShHCFYZQPDGUiXcbJhf818p6bbyyCFn7cv0Sw26FnOcYPyPY2D8cDr79vQBk4IwoiUx%2BO2AO9m%2FHgNfxJYg2uMCq%2Bdg%2Bviv6bVpDMX%2B44nbHyJtzJysSQoNR8LWHDzS%2FL0Y7EdARC58g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
7e793204f906bbce-FRA
content-length
186
discord.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/discord.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Fri, 02 Oct 2020 22:32:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSK%2FKX%2B382MuCOM%2B9fKai7aWWJ8s32o2%2Fl30St3%2B7AWD1mSVg4olXj6XORXCOlXsmSN0qPbLfix1vXYVpHSb7GnKfTpdne1pUasusnbc61WN5ZLcX4C8mNgdK7AoG3VyS54R3zkNprN0Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
7e793204f909bbce-FRA
content-length
1719
twitter.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/twitter.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Thu, 01 Oct 2020 20:15:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E8e5Bb0jOkmMlGV%2Bq9D09NsDGLInKU8Dg2jf2n53HF76%2FMc7fo1DFSTdwQA4TMnydfvzb28vaKi0PagPJr1EDeW9FaSk23woTwvF6BlMSo%2FZnV63o5pqdt4YfH%2BFBAopDk9ysqnlQmLtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
7e793204f90bbbce-FRA
content-length
1821
reddit.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/reddit.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Fri, 02 Oct 2020 22:32:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MgVlQaOuiz8urSVuglX%2F9%2FfWxa3CL3hx4oBeTrfv0qOLnGQzlLL4qjH92IGyVLUMQLmjig63mdLN1Sn10%2FnqBUk%2BeC4U5Wf6SuGm8rEpLdLod5yaNySZKKhvbILb6nWwwkLN1IHNY3nAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
7e793204f90fbbce-FRA
content-length
1956
snow64b.gif
optifine.net/images/ 		521 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/snow64b.gif
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Sep 2020 11:04:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbKqcKu0LZLZYCgwjtBfaSeyEAG4dAnfh6waw3OBLfmA2THP8jiJ6j8HglyyjRfGRRayf3tApzXhKd8Nh6h3joBLix3DKy8QbTMQhlne4ARf2%2FOXKsf%2FAvOqQ34Iaz5w4QG65BaHjrF4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
7e793204f910bbce-FRA
content-length
521
Oswald-Medium.woff
optifine.net/template/fonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://optifine.net/template/fonts/Oswald-Medium.woff
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71

Request headers

Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Origin
https://optifine.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:00 GMT
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Sep 2020 11:04:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnLalZEKxXryxu1%2BGeSn4eQgdfsKbW2AAHvip0y%2FxBgdwntqAYzDIa%2FjVBF4T8U5iZuxRDEr2%2FqEdijhHfVGxcB9LSJkkaYQA3kw8thcDTZMuUMsWFR4SKbPob2to7FuIQZtT%2BixSl%2BSow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
accept-ranges
bytes
cf-ray
7e793204f912bbce-FRA
content-length
45404
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1340653660&utmhn=optifine.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OptiFine%20Download&utmhid=1201203430&utmr=-&utmp=%2Fadloadx%3Ff%3Dpreview_OptiFine_1.20.1_HD_U_I6_pre1.jar%26x%3D9377&utmht=1689499500382&utmac=UA-30620569-1&utmcc=__utma%3D215784521.1509276339.1689499500.1689499500.1689499500.1%3B%2B__utmz%3D215784521.1689499500.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=642978413&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.20.1_HD_U_I6_pre1.jar&x=9377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 09:25:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.html
hb.vntsm.io/ 		32 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:01 GMT
cf-cache-status
HIT
x-amz-request-id
54Y4T35M37A2ATS0
age
1463
content-length
32
x-amz-id-2
vxz6kILNwDvIFJM/7E5r5JO41smaGZk/9gknwpXLqdv+HuX1+zYStGj2P+XxZVhdf6zbNm1/COM=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e7932095ae3373f-FRA
610139896ba87f455d73fa3e.enc
hb.vntsm.com/v2/live/ 		58 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e4c2c77a987dbb149d37071b1ef6fbeb530601d6c161dfebf33ef5627e2f1b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:01 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-server-side-encryption
AES256
cdn-cachedat
07/13/2023 14:17:31
cdn-pullzone
131999
last-modified
Thu, 13 Apr 2023 12:01:04 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ab5b86ebaeebefbe3d647c7c9aa0b756"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
2c690936090a7da827eb241306bbb62e
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
ats.js
ats.rlcdn.com/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-16.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcfad9088b921bbf9103e383ca49581e239fbffd85dbc73d4b8dab0d2185cd4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Sun, 16 Jul 2023 08:36:06 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2935
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
RTQ49xG_0fAPt2vBHRiytGF6BONXYTwc23l34EVeTrFJA7dpYODtkg==
px.gif
ad-delivery.net/ 		43 B
944 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1634071
x-guploader-uploadid
ADPycds5_DJPPZ1U6i5XFqy86hMM4a2jFN8WjnfkczIRthglu00c_6UuMWSVcDiHGGdof_RTN1fmLv7jGHMzmNMNjCmLFBLZuIC6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMth1yGK8qLWVSMEK5Tp%2FK2cFLHg0ML202RlEUCcn42YewO1fON0H5RuGwFRvhNfzVA9betm54%2FciDen4R6bfTaZLz9y%2F1Bn0PaJF3Tuyl9A2H2qg2rPQZbr4F7LPjX9Z%2BdvDJz9Ub09VnEgmw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7e79320acb848fef-FRA
expires
Tue, 27 Jun 2023 12:11:30 GMT
/
geo.privacymanager.io/ 		28 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 01:25:01 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
28800
x-amzn-requestid
0af85cc0-f197-403c-9bbf-31ded176cbf3
x-amzn-trace-id
Root=1-64b346ed-25e48bcd293370ad67a5ba23;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
IIgFFGW5joEF48g=
content-length
28
x-amz-cf-id
W9RsTgbYS24v5NyrK_uHQGNmuZLtlgGfVmeRg49Rrtw9EdnuL7xmsg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
choice.js
cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1689499501501
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e20eb9799a0dcdfcbc36a03cd1404a5dd97d871f0c380debb90889e91d1f6cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:24:21 GMT
content-encoding
br
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 21:07:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
42
x-amz-server-side-encryption
AES256
etag
W/"1aa8ea6fc666a13028429267a8214ff6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0kqJ4sXLAE1ylQoW1n13x7tlNYbBR9T8rcCPOKo2nvuyiGHzKIZZJw==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1689499501501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:25:01 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 23 Jul 2023 09:25:01 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=optifine.net
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1689499501501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 09:09:45 GMT
content-encoding
br
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Fri, 19 May 2023 14:04:40 GMT
server
AmazonS3
etag
W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
mc5PApbh6PkhntSBBnGETa22VgSLYccgk4wBVWzLcgDvmLISG7LoqA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
591effbd3500c19e856eed429dccb39e7a42b77b214cf8eaabb657821406604e

Request headers

Accept
application/json, text/plain, */*
Referer
https://optifine.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 03:00:41 GMT
x-amz-version-id
IG36Y9nZkMAq0uDyI6_EbCtqVaht4e_n
content-encoding
br
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
23061
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Jul 2023 19:52:29 GMT
server
AmazonS3
etag
W/"ad9ea659adb4323526e3614837d845a7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
NRi3pDXWckRd-KzyDi7-hRv2AvnDmds89eJ9Z8IGQH5dZ4JD2aNTsQ==
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 08:48:54 GMT
content-encoding
gzip
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
kjfPaKS13-vBoX-eSrpE2xpRPiywqXnONT-IyfdhZpGukG9nuR2UTw==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/47/ 		248 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 05:31:56 GMT
content-encoding
br
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
13986
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Fri, 19 May 2023 14:04:10 GMT
server
AmazonS3
etag
W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
IS0UP-yBfUy61409snyxrypckBHN0qBKmemZBFfAUFL2ligck4qadA==
vendor-list-trimmed-v1-tmp.json
cmp.quantcast.com/GVL-v2/ 		353 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1-tmp.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 03:00:41 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
23061
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Fri, 19 May 2023 13:17:10 GMT
server
AmazonS3
etag
W/"3bbcdaed7cdab54742c76eb6b3acaff4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
O8i74Y1f5a1zKQnFN3yRiKTLijVTSAZjKZtVIuIoLMr_xp7xcBQhxw==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22optifine.net%22%2C%22publisher%22%3A%22optifine.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22L8fZ8OfrfEZeSEf7aK%2FpCQ%22%2C%22clientTimestamp%22%3A1689499501779%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-t69yol4evebycja5w5j%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.64.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-64-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://optifine.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 16 Jul 2023 09:25:01 GMT
content-length
2
content-type
text/plain; charset=utf-8
script.js
d1oykxszdrgjgl.cloudfront.net/ 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ec00:0:1651:6140:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed2738232770888ababf622dac6379a94870cfc9278fe477453e63ebc27f72ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://optifine.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ty2ZOyJRIv3mGoZEXFoK_bayARUNDiM7
content-encoding
gzip
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
date
Sun, 16 Jul 2023 09:22:57 GMT
last-modified
Fri, 14 Jul 2023 18:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
146
x-amz-server-side-encryption
AES256
etag
W/"f3de18674caf0be24e8b826632707823"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
1mfcaYkgvwZST7lHfNpnEG6lgdzditC65DUPwDLp_AwMaBfWxCkucw==
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://optifine.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 09:25:06 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://optifine.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 16 Jul 2023 09:25:05 GMT
server
nginx/1.21.6
via
1.1 google
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.175.72 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://optifine.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://optifine.net
date
Sun, 16 Jul 2023 09:25:06 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| getCookie function| setCookie function| onDownload object| _gaq object| _gat object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| __VM function| setImmediate function| clearImmediate object| regeneratorRuntime object| ats function| __tcfapi object| _qevents function| __tcfapiui function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions

7 Cookies

Domain/Path Name / Value
optifine.net/ Name: JSESSIONID
Value: 3F55E9DC6A31332F5EC9D0ED3FEA580A
.optifine.net/ Name: __utma
Value: 215784521.1509276339.1689499500.1689499500.1689499500.1
.optifine.net/ Name: __utmc
Value: 215784521
.optifine.net/ Name: __utmz
Value: 215784521.1689499500.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.optifine.net/ Name: __utmt
Value: 1
.optifine.net/ Name: __utmb
Value: 215784521.1.10.1689499500
optifine.net/ Name: _lr_geo_location
Value: DE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ats.rlcdn.com
audit-tcfv2.cmp.quantcast.com
cmp.quantcast.com
d1oykxszdrgjgl.cloudfront.net
geo.privacymanager.io
hb.vntsm.com
hb.vntsm.io
i.clean.gg
optifine.net
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
test.cmp.quantcast.com
track.venatusmedia.com
13.32.99.89
143.204.98.16
18.158.64.152
2400:52e0:1e00::1080:1
2600:9000:2057:ec00:0:1651:6140:21
2600:9000:223c:e800:6:44e3:f8c0:93a1
2600:9000:2240:1000:9:46dc:4700:93a1
2600:9000:225e:3600:3:a4cd:8380:93a1
2606:4700:10::6816:2e8e
2606:4700:20::681a:85a
2606:4700:20::681a:95a
2606:4700:20::ac43:4513
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:82b::2008
34.95.69.49
52.19.175.72
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
21b97a08b5f1a1f228b6eb5d5ed37be53b09e4aa186afbbcce2b8f550b199ff5
36be29baa0779cf89f5958cf8fcb559647a50a948a734dcd0692fb27070206da
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
591effbd3500c19e856eed429dccb39e7a42b77b214cf8eaabb657821406604e
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
bcfad9088b921bbf9103e383ca49581e239fbffd85dbc73d4b8dab0d2185cd4d
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133
e20eb9799a0dcdfcbc36a03cd1404a5dd97d871f0c380debb90889e91d1f6cca
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2c77a987dbb149d37071b1ef6fbeb530601d6c161dfebf33ef5627e2f1b08
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a
ed2738232770888ababf622dac6379a94870cfc9278fe477453e63ebc27f72ea