urlscan.io logo urlscan.io
SecurityTrails logo

optifine.net Open in urlscan Pro
2606:4700:20::ac43:4969  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Effective URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Submission: On November 10 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::ac43:4969, located in United States and belongs to CLOUDFLARENET, US. The main domain is optifine.net. The Cisco Umbrella rank of the primary domain is 133368.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.
This is the only time optifine.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.101.195.42 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.193.194 54113 (FASTLY)
1 54.230.228.100 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.36.31 16509 (AMAZON-02)
1 1 18.239.83.22 16509 (AMAZON-02)
12 2600:9000:20a... 16509 (AMAZON-02)
2 18.193.40.240 16509 (AMAZON-02)
36 12
8    2606:4700:20::ac43:4969 (United States)

ASN13335 (CLOUDFLARENET, US)
optifine.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.101.195.42 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb.vntsm.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    151.101.193.194 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb-vntsm-com.global.ssl.fastly.net
1    54.230.228.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-100.muc50.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    108.138.36.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-31.muc50.r.cloudfront.net
geo.privacymanager.io
1    18.239.83.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-22.ams58.r.cloudfront.net
cmp.quantcast.com
12    2600:9000:20a0:2000:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    18.193.40.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-40-240.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
Apex Domain
Subdomains		 Transfer
14 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 5253
api.cmp.inmobi.com — Cisco Umbrella Rank: 19347
364 KB
8 optifine.net
optifine.net — Cisco Umbrella Rank: 133368
58 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 30111
388 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
175 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 8821
589 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1904
635 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 5989
36 KB
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 36157
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 37710
646 B
36 11
Domain Requested by
12 cmp.inmobi.com cmp.quantcast.com
cmp.inmobi.com
8 optifine.net optifine.net
4 hb.vntsm.com optifine.net
hb.vntsm.com
2 api.cmp.inmobi.com cmp.inmobi.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com optifine.net
www.googletagmanager.com
1 cmp.quantcast.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 hb-vntsm-com.global.ssl.fastly.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
1 region1.google-analytics.com www.googletagmanager.com
36 13

This site contains links to these domains. Also see Links.

Domain
discord.gg
twitter.com
reddit.com
Subject Issuer Validity Valid
optifine.net
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.vntsm.com
R11		 2024-09-10 -
2024-12-09		 3 months crt.sh
hb.vntsm.io
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-09-11 -
2025-10-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M03		 2024-06-26 -
2025-07-24		 a year crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2024-07-31 -
2025-07-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Frame ID: 14D37F784952370FE88050F9DA23E479
Requests: 35 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 667EFEB0833A1FE7CFF9EEE336B2295B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OptiFine Download

Page URL History Show full URLs

  1. http://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar HTTP 307
    https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

97 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1046 kB
Transfer

4537 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar HTTP 307
    https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1731271392060 HTTP 301
  • https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request adloadx
optifine.net/
Redirect Chain
  • http://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
  • https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211b2a3a2e93a545e76317304c0f4fa803e8ea08d372a07e0ef1f59fc6223845
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e08df8f9ecf65d1-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Nov 2024 20:43:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYEk2ePlZCXPpQ%2FgLNZqBYWWuiBa3k87bri2n3j3eL7cnS3qD8N5gfseQD3astThLUUjX0rLai2M4tJIASbkR6Veul3LnUeQ%2F1Iv8x0y2xJC9Bm89yT6%2BmpGQ4DUFaZrXE00IpZpAaJEqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=29082&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4010&recv_bytes=2415&delivery_rate=133358&cwnd=107&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=455&x=0"
x-clacks-overhead
GNU Terry Pratchett
x-frame-options
DENY

Redirect headers

Location
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		222 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30620569-1
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a956a729d6aa514734d0f861fe36cdcf2acc467404dc891d4671a49cae0a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 20:43:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 10 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81053
x-xss-protection
0
server
Google Tag Manager
ad-manager.min.js
hb.vntsm.com/v3/live/ 		145 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eaee429e9fe9265058ce08bb1f76f6caa148aeebf6cb86afd8d2c82907feb404
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding
gzip
etag
"42953f5c9355e16daf7026b8516bceed"
age
1852
access-control-allow-methods
GET, OPTIONS
x-cache
HIT, HIT
date
Sun, 10 Nov 2024 20:43:11 GMT
last-modified
Thu, 07 Nov 2024 12:39:43 GMT
vary
Accept-Encoding
x-served-by
cache-dub4327-DUB, cache-fra-etou8220124-FRA
content-type
application/javascript
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits
15, 1
strict-transport-security
max-age=300
x-amz-id-2
cxRNgNRTFov+kUs+CsL24NsoAL7pfDlryzBptqzMEgqx455BafdGZRmxXwl6MSTri9XxRd8N5/c=
x-timer
S1731271391.324921,VS0,VE1
x-ip
82.199.134.170
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
41506
geo-sub
BW
x-geo
DE
venatus-cdn-hb-rule-version
1.1
x-amz-server-side-encryption
AES256
download.png
optifine.net/images/ 		186 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/download.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNV0RsiilsbAf9S1saAhijafTw018NxYYKpFYfrxBK6M%2FbRfSe%2BuvP3OZHzxFh1B8KdTSvd2l2DPrWVaUd9tSmUoMF7cIpZeGx3in1yVdSKvu5BhC5YPeWXPq2OkU8ixPmejSyDPxMMgOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df933a5e65d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29036&sent=27&recv=27&lost=0&retrans=0&sent_bytes=8490&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=762&x=0"
content-length
186
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/png
last-modified
Mon, 26 Mar 2018 15:23:34 GMT
server
cloudflare
discord.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/discord.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqcZYS7tNaSKTxXuRKQKS80Dowvjp79ofbGfHM6Ee3rAlkMK3KGDeeLUE2kM9M3z94rNtH9mqS4GwrdYTzHkgKPMcBxOz401a92jfjETQgwtqXlou%2BICGbCyBFm%2Fw%2BFX1kGa5KdevnaWqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df933a5f65d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29037&sent=29&recv=28&lost=0&retrans=0&sent_bytes=9190&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=1041&x=0"
content-length
1719
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/png
last-modified
Fri, 02 Oct 2020 22:32:35 GMT
server
cloudflare
twitter.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/twitter.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmEFWtDpSyc53dEkMOvF98PFvK1L%2F3n6O3fJaBktG42w%2B%2F6c1Mogh7hZzmTzyCshuPixYADMBunzV3yuplVLjTIWy9AWimCwvvb8xq8VuyZbVTirDJUbVeg6sxyvyB8JF0GJ1V2%2BYvzFJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df933a6065d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29037&sent=37&recv=28&lost=0&retrans=0&sent_bytes=13918&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=1050&x=0"
content-length
1821
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/png
last-modified
Thu, 01 Oct 2020 20:15:27 GMT
server
cloudflare
reddit.png
optifine.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/reddit.png
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DaoTBHEzYMms6SR8CWdDmpVLWdely7N5iDoh44ntULGsTaglCFXj22vkQ%2BHgBTVuAdLxXdsFi6H8LurtQOvv255vf5w2ivlIrUbs8vJmusERRfZ76eTRFiF1%2FLNqAHsWNRnYT5yB1%2BJKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df933a6265d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29037&sent=33&recv=28&lost=0&retrans=0&sent_bytes=11436&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=1042&x=0"
content-length
1956
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/png
last-modified
Fri, 02 Oct 2020 22:32:00 GMT
server
cloudflare
snow64b.gif
optifine.net/images/ 		521 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optifine.net/images/snow64b.gif
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgOr9jY4htkCziYTV8KDR6IcyT0WfsjGQbqMnh0Zu%2FbvKHdoOnuaV1NO70rJy46vmr1iF0yBO7h1mzAOnSSxf4cAdiXJyZJnv2M3CkKF5OtFymD%2BfHTEYPNKECVJZtc3xz63Zz1Qeaauqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df933a6365d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29037&sent=41&recv=28&lost=0&retrans=0&sent_bytes=16268&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=1053&x=0"
content-length
521
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/gif
last-modified
Fri, 25 Sep 2020 11:04:19 GMT
server
cloudflare
Oswald-Medium.woff
optifine.net/template/fonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://optifine.net/template/fonts/Oswald-Medium.woff
Requested by
Host: optifine.net
URL: https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://optifine.net
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9aKF6IO8AZsOBkIdtpHd%2FYyB3XpJ0ryqVitPjqOsksNVTgRpW%2F7%2BxBKDgFb1U04u3pUFD3UJn17qwVIXgEWtfuL8%2FP6x0ZhwFo3T7JMuCDUoQyHDLjwpesYsMRM7kI83JmeLZUAfy8BsyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df936a8565d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=29037&sent=44&recv=28&lost=0&retrans=0&sent_bytes=17352&recv_bytes=3201&delivery_rate=178810&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=1065&x=0"
content-length
45404
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
font/woff
last-modified
Fri, 25 Sep 2020 11:04:19 GMT
server
cloudflare
610139896ba87f455d73fa3e.enc
hb.vntsm.com/v2/live/ 		58 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0df0024f68f7e6c06c50d49242a0f50f5c4304b0db29fdfbe00cb85476af6138
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding
gzip
etag
"4838a181c00cf2a12cb456ae925475b4"
age
6327
access-control-allow-methods
GET, OPTIONS
x-cache
HIT, HIT
date
Sun, 10 Nov 2024 20:43:11 GMT
last-modified
Mon, 16 Sep 2024 13:41:10 GMT
vary
Accept-Encoding
x-served-by
cache-dub4330-DUB, cache-fra-etou8220108-FRA
content-type
text/plain
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits
1912, 1
strict-transport-security
max-age=300
x-amz-id-2
0iWGwkyv1bv2sNiHOLJ6F9KczttzA6iC62jxVFzvkwQ6OBdP2caJ4Prhqp8KHIZsuRxoP+CfzmmcnIVic4IIew==
x-timer
S1731271391.477295,VS0,VE1
x-ip
82.199.134.170
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
7370
geo-sub
BW
x-geo
DE
venatus-cdn-hb-rule-version
1.1
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		271 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6SC3VZFSS2&l=dataLayer&cx=c&gtm=457e4b70za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30620569-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f9637b2f8cb6573994ed142938cd45c9ef7403836fad2d0cd031e104622ebb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 20:43:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97463
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30620569-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

content-encoding
gzip
age
4382
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 19:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6SC3VZFSS2&gtm=45je4b70v9130800390za200&_p=1731271391219&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=538299006.1731271391&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1731271391&sct=1&seg=0&dl=https%3A%2F%2Foptifine.net%2Fadloadx%3Ff%3Dpreview_OptiFine_1.21.3_HD_U_J2_pre4.jar&dt=OptiFine%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=946
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6SC3VZFSS2&l=dataLayer&cx=c&gtm=457e4b70za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://optifine.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
text/plain
server
Golfe2
content.html
hb.vntsm.io/ 		32 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-expose-headers
*
cf-cache-status
HIT
etag
"2f58b9ff601fd509249a9e7628a21c33"
age
757
geo
DE
access-control-allow-methods
GET
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
text/html
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
x-amz-id-2
vQptrlHQQxuPBcwGy+oaBPJrvMxTNT2erAa2TvALqytfAHER710AfvBcyn9Q/buCmT+l6WyzUsE=
cache-control
max-age=14400
x-amz-request-id
NVZZHJF876GX0TJE
cf-ray
8e08df959dacdbbd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
32
server
cloudflare
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Age
5479
Access-Control-Allow-Methods
GET, OPTIONS
X-Cache
HIT, HIT
Date
Sun, 10 Nov 2024 20:43:11 GMT
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
Vary
Accept-Encoding
X-Served-By
cache-dub4364-DUB, cache-fra-etou8220135-FRA
Content-Type
text/plain
x-amz-id-2
Ned1AFsUY9KkP71MNYibMZrgL0qrjx9lroy99WoU99JIDKiEZeGH3BcGazljxfb2N4I/8sXoULc=
X-Cache-Hits
24, 562
Strict-Transport-Security
max-age=300
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Timer
S1731271392.592715,VS0,VE0
X-IP
82.199.134.170
Connection
keep-alive
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
Geo-Sub
BW
X-Geo
DE
Venatus-CDN-HB-Rule-Version
1.1
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		1 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1324636305&t=pageview&_s=1&dl=https%3A%2F%2Foptifine.net%2Fadloadx%3Ff%3Dpreview_OptiFine_1.21.3_HD_U_J2_pre4.jar&ul=de-ch&de=windows-1252&dt=OptiFine%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=564311186&gjid=972426413&cid=538299006.1731271391&tid=UA-30620569-1&_gid=673259764.1731271392&_r=1&gtm=457e4b70za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&jsscut=1&npa=1&z=369777247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://optifine.net/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 20:43:11 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://optifine.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
ad-manager-bundle.min.js
hb.vntsm.com/ab/live/fatum/ 		1 MB
339 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9aab5fda6450fda38aa4ee7bab039cc2574edb1ee5879177927d7d7494e4f306
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
content-encoding
gzip
etag
"5a97004c7c8d7e6c033d4e6845514291"
age
1749
access-control-allow-methods
GET, OPTIONS
x-cache
HIT, HIT
date
Sun, 10 Nov 2024 20:43:11 GMT
last-modified
Thu, 07 Nov 2024 11:34:47 GMT
vary
Accept-Encoding
x-served-by
cache-dub4321-DUB, cache-fra-etou8220124-FRA
content-type
application/javascript
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-cache-hits
3, 1
strict-transport-security
max-age=300
x-amz-id-2
Y4e9zGeda9za9J6pPIBxzG3FsS7zjHNMnjffcn1PnSqDm3bEnhMDUjnyuc0VfuAd7E1ADuwaKFdIAnzTBghf6dP+L3zKu1ONtp8uuzYxp30=
x-timer
S1731271392.633755,VS0,VE2
x-ip
82.199.134.170
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
346704
geo-sub
BW
x-geo
DE
venatus-cdn-hb-rule-version
1.1
x-amz-server-side-encryption
AES256
ats.js
ats.rlcdn.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-100.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce1dc10c9c530c798796c8ff71fdf3a461dec406d0f3470dc575c63c1ae3a11c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

vary
accept-encoding
content-encoding
br
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-version-id
3aZ5d2fLjOQ6QFd_Uz.oPTkcCqeZ7CeF
age
68480
via
1.1 37efbeb485d6113a0b2df63b2f651402.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
XTYn-Z_BxD_r2NlzNNfsR_eIn4RGp4oSPvFqL0ml9hV4d_xzkzdyig==
date
Sun, 10 Nov 2024 01:41:52 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 12:57:19 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
px.gif
ad-delivery.net/ 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2347791
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpRz8%2BmcP94YBpcJB42tIavX%2F0SaQZfDpFGbHrzK4gZ9RE3J2afPH6JEOTNrJofwVNodqTtcq84ec5mcj2qFOlWIe4yKFZzqFSYkeaenTvXMDomQz%2BARbAbn%2FHVXct0Gz7yQd458GAntSYmZew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 11 Nov 2024 20:43:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=28635&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3971&recv_bytes=2232&delivery_rate=135650&cwnd=162&unsent_bytes=0&cid=bc1c850ecaa60111&ts=46&x=0"
x-goog-stored-content-length
43
date
Sun, 10 Nov 2024 20:43:11 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0FIUe_KMwRiyIxInaIbb_zqwDAT537via137HloGK3192QTgRWyfcQuylaA4I_zH6EpMOrKFJ6eQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e08df973d68dc68-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
/
geo.privacymanager.io/ 		30 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-31.muc50.r.cloudfront.net
Software
/
Resource Hash
54bab40cb71f7fa9629d52e8963e510c1a727ff97ca16583ff4a127fa96df61e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

x-amz-apigw-id
BARK9H_0DoEEUSw=
age
73473
x-amzn-trace-id
Root=1-672ffbdf-576a377e7bfa4c351cd16bf0;Parent=2e01fc1bfcc083e8;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
9c18583f-b298-47da-bb91-5963c2de65db
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
GIFJe_ZjgN3B7PRThYzt3Gu-a7ROD9FC8iIhV7gUbt5NZLQUrcseSA==
date
Sun, 10 Nov 2024 00:18:39 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3, MUC50-P2
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 667E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://optifine.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
age
1757
content-encoding
gzip
content-length
420
content-type
text/html
date
Sun, 10 Nov 2024 20:43:12 GMT
etag
"d80b9831e6e7896aa97e84d70f49e545"
geo-sub
BW
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
venatus-cdn-hb-rule-version
1.1
via
1.1 varnish, 1.1 varnish
x-amz-id-2
3O6ks1NcQlsbBDyoJhmn/KGYVNAz5tfHzAH9qdWh9Gm/+tPXJ2LBzIG0dFCfX/3dRz21GZUn+i4=
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-cache-hits
4, 1
x-geo
DE
x-ip
82.199.134.170
x-served-by
cache-dub4341-DUB, cache-fra-etou8220076-FRA
x-timer
S1731271392.161745,VS0,VE2
choice.js
cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/
Redirect Chain
  • https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1731271392060
  • https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2
Protocol
H2
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc5947f26f242d5e72b072d2df16ea04893424f96165ccb2580ac1264cd305cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=900
content-encoding
br
etag
W/"c631cb8e767a23bdae157113d212f4be"
age
8
cross-origin-resource-policy
cross-origin
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
m42Tplf9aJwO-M4RVokIGwMYTgHwYD16AhdQYdBKP6ZANVSymlUYXA==
date
Sun, 10 Nov 2024 20:43:12 GMT
content-type
application/javascript
last-modified
Thu, 22 Aug 2024 07:36:55 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256

Redirect headers

etag
"3e5294f17f06c0b8800000494b370494"
age
48
x-cache
Hit from cloudfront
x-amz-cf-id
QGovFP9BvoASszntI2tKFf2OcoAfjg_P03HloOzYp06KKm5rNPtjAg==
date
Sun, 10 Nov 2024 20:42:24 GMT
last-modified
Wed, 15 Nov 2023 19:44:23 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=3600
location
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2
cross-origin-resource-policy
cross-origin
via
1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
0
x-amz-cf-pop
AMS58-P5
server
AmazonS3
x-amz-website-redirect-location
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2
x-amz-server-side-encryption
AES256
cmp2.js
cmp.inmobi.com/tcfv2/ 		491 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?tag_version=V2?timestamp=1731271392060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ff922e95cfb420154f665f475a4437fe649b4f5e24ac3177ca38207da6c0fa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
W/"069b2898b9fbdefca1e95b86665ff9ed"
age
842
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-qc-ineu
True
x-cache
Hit from cloudfront
x-amz-cf-id
o-lARYOdCCS0aJmRtyYVMyLES0h8XMEZ2UYK6poAvEF4e53sX96iHg==
date
Sun, 10 Nov 2024 20:29:11 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:14:56 GMT
cache-control
max-age=3600
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
geoip
cmp.inmobi.com/ 		39 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-expose-headers
*
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
39
x-amz-cf-id
kXPSD9Ag8JP3LXtUwJO5_TbLo4tJxHt3zHPYWJPUjC4Wdikpl4VYvw==
date
Sun, 10 Nov 2024 20:43:12 GMT
content-type
application/json
x-amz-cf-pop
AMS58-P2
server
CloudFront
of16r.png
optifine.net/images/ 		320 B
797 B 		Other
General
Check archive.org
Download Go to
Full URL
https://optifine.net/images/of16r.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915ed134630e3c2fb2c1bbd53be4e6d789722f3fe9b3125805bfe7e6ab86089d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/adloadx?f=preview_OptiFine_1.21.3_HD_U_J2_pre4.jar

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khTKS3y8ke%2F9SjWSyku7eBnmQfaYtsa%2BmtO3tBW5ha%2BF8LpVsCL5kC60CExMFaWNxaPEYk%2F59zeFkaPA617ehTORlDnxavT0OIp4Ye1vhdd9cnBdPyxceEAIDjL8RfIMCgYb3Y5kmqH%2FVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e08df9b9b4565d1-FRA
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=120494&sent=93&recv=61&lost=0&retrans=1&sent_bytes=63868&recv_bytes=3396&delivery_rate=927505&cwnd=109&unsent_bytes=0&cid=40e3840d7f0c70e5&ts=2106&x=0"
content-length
320
date
Sun, 10 Nov 2024 20:43:12 GMT
content-type
image/png
last-modified
Fri, 25 Sep 2020 14:22:52 GMT
server
cloudflare
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		607 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39e8daed58dc5228196591c1c5687619aa2745a1c0b3805bd96ea3f08473e96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"7ff8fe0d671401c044cb6163ef00b1ce"
age
74630
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
U6WvDW_byJ8FzdqnPmb51lK4aBnGhGVvCCUoIfBPt9eixU5HJf7OTg==
date
Sat, 09 Nov 2024 23:59:23 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 07 Nov 2024 23:59:16 GMT
cache-control
max-age=86400
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69f1af22af8e44222a678a83372b852d1b93810614c08c5105a4c2fe5f549fa3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"b81347ef446ccff2cae50ed49b7871ac"
age
63749
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
ql0623Gr2b0rLWzDN218l3B4hPFBooPNx8SreFlbYsw3b4mJC-I0FA==
date
Sun, 10 Nov 2024 03:00:44 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sun, 10 Nov 2024 03:00:42 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
cmp2ui-de.js
cmp.inmobi.com/tcfv2/56/ 		491 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/56/cmp2ui-de.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39a76d351541ec8eed142054de4f412022841ef0ee27d3a7b02cc4fe9ef64d4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
W/"29bdaf5e2f6df202cc2e1c05ae2fcaf4"
age
63957
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
8Ys8iXayPDW0tZlOgLfHQ8tCvsRusM28XNwzir5l4D3ErSCOrt0K0w==
date
Sun, 10 Nov 2024 03:29:35 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 05:14:40 GMT
cache-control
max-age=172800
cross-origin-resource-policy
cross-origin
via
1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
purposes-national-en.json
cmp.inmobi.com/us-mspa/v1/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/us-mspa/v1/purposes-national-en.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e879eb5127bfbcada0bf0daef26a48cf681dd8fc96e03042f189d0b07bcd8f78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"1ef88c3d5b4b75c52c64d09ed72ed244"
age
845
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
SWKw1zBMkQx33a8QTsBuHWTis8PL36YbbIzI5MPOMXkhj_rUPPkyng==
date
Sun, 10 Nov 2024 20:29:07 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Wed, 29 May 2024 09:03:51 GMT
cache-control
max-age=900
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		607 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39e8daed58dc5228196591c1c5687619aa2745a1c0b3805bd96ea3f08473e96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"7ff8fe0d671401c044cb6163ef00b1ce"
age
74630
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
U6WvDW_byJ8FzdqnPmb51lK4aBnGhGVvCCUoIfBPt9eixU5HJf7OTg==
date
Sat, 09 Nov 2024 23:59:23 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 07 Nov 2024 23:59:16 GMT
cache-control
max-age=86400
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		140 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de8a74a0dc1628de13229ad1c6b91f017bea67e449e62294a31a4e830c7bf5b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"435863264ebe1e7a868128113388e07b"
age
63766
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
3yLQvtWWLNBUZLMBOkxE4vNtNhfvnDucqOvpNUgq6h60OnsFwzNyPw==
date
Sun, 10 Nov 2024 03:00:27 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sun, 10 Nov 2024 03:00:24 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
purposes-de.json
cmp.inmobi.com/google-basic-consent/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/google-basic-consent/v1/purposes-de.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e23d262e5cf27255ac3db7a38e140c435a9b07d83000755af94c6f2af467961c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"b65947338013c7a29b67f20c15fde8d9"
age
82
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
kkna7sfkIAK22bBIFlM1qt4kyeMEUPaKmoMRivRG4IYcBsU_4Opgtw==
date
Sun, 10 Nov 2024 20:41:56 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 05 Mar 2024 04:33:22 GMT
cache-control
max-age=900
access-control-allow-credentials
true
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
purposes-de.json
cmp.inmobi.com/GVL-v3/ 		48 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/purposes-de.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=optifine.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3395828d7f91f5a098df7bac2e3d5fc6500f47fcedc568a0d691de0dbb6bb144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://optifine.net/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
W/"fc9d60e1154f9f95387d5faeb8402ee1"
age
68362
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
cLsCk93fZqQv7muddtwiH6mvGu3cutUlvD4YuH8BOvURID1Ed7-Q-A==
date
Sun, 10 Nov 2024 01:56:01 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 07 Nov 2024 23:59:20 GMT
cache-control
max-age=86400
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22optifine.net%22%2C%22publisher%22%3A%22optifine.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.56%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22GvlkO%2F3jtoSih65YrVMtWQ%22%2C%22gvlVersion%22%3A3%2C%22siteUuid%22%3A%22543192c7-83c4-4480-aa03-e8667e8d9f6c%22%2C%22themeUuid%22%3A%22f793cf7d-5150-4973-9ec9-ff858faeb84e%22%2C%22browserName%22%3A%22Chrome%22%2C%22deviceType%22%3A%22pc%22%2C%22cmpPlatform%22%3A%22Linux%22%2C%22pageFormat%22%3A%22HTTP%22%2C%22country%22%3A%22deu%22%2C%22region%22%3A%22%22%2C%22city%22%3A%22%22%2C%22clientTimestamp%22%3A1731271392887%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kfp2fvunkfjc6tzjcc3b%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/56/cmp2ui-de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.40.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-40-240.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-allow-origin
*
content-length
2
date
Sun, 10 Nov 2024 20:43:13 GMT
content-type
text/plain; charset=utf-8
/
api.cmp.inmobi.com/ 		2 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22optifine.net%22%2C%22publisher%22%3A%22optifine.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.56%22%2C%22displayType%22%3A%22gbc%3Amandatory%22%2C%22configurationHashCode%22%3A%22GvlkO%2F3jtoSih65YrVMtWQ%22%2C%22siteUuid%22%3A%22543192c7-83c4-4480-aa03-e8667e8d9f6c%22%2C%22themeUuid%22%3A%22f793cf7d-5150-4973-9ec9-ff858faeb84e%22%2C%22browserName%22%3A%22Chrome%22%2C%22deviceType%22%3A%22pc%22%2C%22cmpPlatform%22%3A%22Linux%22%2C%22pageFormat%22%3A%22HTTP%22%2C%22country%22%3A%22deu%22%2C%22region%22%3A%22%22%2C%22city%22%3A%22%22%2C%22clientTimestamp%22%3A1731271392888%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GBC-4zfjg4jihpj55endp56p%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/56/cmp2ui-de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.40.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-40-240.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-allow-origin
*
content-length
2
date
Sun, 10 Nov 2024 20:43:13 GMT
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/ 		39 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/56/cmp2ui-de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:2000:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://optifine.net/

Response headers

access-control-expose-headers
*
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
39
x-amz-cf-id
V0gptQUURS1HoUwGEGLVy1HzwCgdEUD5A79nTMP-yJLc3Ctj_17o0Q==
date
Sun, 10 Nov 2024 20:43:12 GMT
content-type
application/json
x-amz-cf-pop
AMS58-P2
server
CloudFront

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getCookie function| setCookie function| onDownload function| gtag object| dataLayer object| webpackChunkad_manager number| __VM_PRELOADER_COUNT object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| __VM_FSGEO_RESPONSE string| __VM_HBC object| __VM_BAIT_RESPONSE object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| __VM object| regeneratorRuntime object| ADAGIO string| nobidVersion object| nobid object| mnet function| clearImmediate function| setImmediate object| ats function| __tcfapi function| __tcfapiui function| __gpp function| __uspapi function| __gbcapi

7 Cookies

Domain/Path Name / Value
optifine.net/ Name: JSESSIONID
Value: 7F7F9E3D62060A4130E4442B38BF2755
.optifine.net/ Name: _ga_6SC3VZFSS2
Value: GS1.1.1731271391.1.0.1731271391.0.0.0
.optifine.net/ Name: _ga
Value: GA1.2.538299006.1731271391
.optifine.net/ Name: _gid
Value: GA1.2.673259764.1731271392
.optifine.net/ Name: _gat_gtag_UA_30620569_1
Value: 1
optifine.net/ Name: _lr_geo_location
Value: CH
.optifine.net/ Name: usprivacy
Value: 1---

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
api.cmp.inmobi.com
ats.rlcdn.com
cmp.inmobi.com
cmp.quantcast.com
geo.privacymanager.io
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
optifine.net
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
108.138.36.31
151.101.193.194
151.101.195.42
18.193.40.240
18.239.83.22
2001:4860:4802:34::36
2600:9000:20a0:2000:1b:cadc:ef40:93a1
2606:4700:10::ac43:2483
2606:4700:20::681a:346
2606:4700:20::ac43:4969
2a00:1450:4001:80e::200e
2a00:1450:4001:830::2008
54.230.228.100
0df0024f68f7e6c06c50d49242a0f50f5c4304b0db29fdfbe00cb85476af6138
0f9637b2f8cb6573994ed142938cd45c9ef7403836fad2d0cd031e104622ebb3
211b2a3a2e93a545e76317304c0f4fa803e8ea08d372a07e0ef1f59fc6223845
3395828d7f91f5a098df7bac2e3d5fc6500f47fcedc568a0d691de0dbb6bb144
39a76d351541ec8eed142054de4f412022841ef0ee27d3a7b02cc4fe9ef64d4a
39e8daed58dc5228196591c1c5687619aa2745a1c0b3805bd96ea3f08473e96e
54bab40cb71f7fa9629d52e8963e510c1a727ff97ca16583ff4a127fa96df61e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60a956a729d6aa514734d0f861fe36cdcf2acc467404dc891d4671a49cae0a75
69f1af22af8e44222a678a83372b852d1b93810614c08c5105a4c2fe5f549fa3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ff922e95cfb420154f665f475a4437fe649b4f5e24ac3177ca38207da6c0fa8
915ed134630e3c2fb2c1bbd53be4e6d789722f3fe9b3125805bfe7e6ab86089d
9aab5fda6450fda38aa4ee7bab039cc2574edb1ee5879177927d7d7494e4f306
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c
cc5947f26f242d5e72b072d2df16ea04893424f96165ccb2580ac1264cd305cf
ce1dc10c9c530c798796c8ff71fdf3a461dec406d0f3470dc575c63c1ae3a11c
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a74a0dc1628de13229ad1c6b91f017bea67e449e62294a31a4e830c7bf5b4
e23d262e5cf27255ac3db7a38e140c435a9b07d83000755af94c6f2af467961c
e879eb5127bfbcada0bf0daef26a48cf681dd8fc96e03042f189d0b07bcd8f78
eaee429e9fe9265058ce08bb1f76f6caa148aeebf6cb86afd8d2c82907feb404