optifine.net Open in urlscan Pro
2606:4700:20::ac43:4969  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request adloadx Show response optifine.net/	14 KB 4 KB	194ms 167ms	Document text/html	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a983a7fc1bf76fbc5c1ccd4ed89648a54fb069779a7f17f8663bfa0af561354f Security Headers Name Value Content-Security-Policy frame-ancestors 'none' X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 716858a68d75914d-FRA content-encoding br content-security-policy frame-ancestors 'none' content-type text/html;charset=ISO-8859-1 date Sun, 05 Jun 2022 10:50:15 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKBScyd2Nhi7Z5XQF8OEjJU5qET%2BeZeTvr4%2F9KJTZaLyfXyrZO1MMdXiTaeO1Yx6%2BBENQO5obFnQ3wNEIEwVFVWMC3fAqTqJHCHN%2Fw6YK%2FWwWUxND6A2SSZaB9vzMYwqyNvrKWQjy93T4Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-clacks-overhead GNU Terry Pratchett x-frame-options DENY
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	66ms 14ms	Script text/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 7161 date Sun, 05 Jun 2022 08:50:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Sun, 05 Jun 2022 10:50:54 GMT
GET H/1.1	200 OK	ad-manager.min.js Show response hb.vntsm.com/v3/live/	985 KB 285 KB	56ms 14ms	Script application/javascript	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v3/live/ad-manager.min.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash 3e7ee614f0ae8784d1088c9e58001264000dac2ba484258ca17deec1fd5ab779 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sun, 05 Jun 2022 10:50:15 GMT Content-Encoding gzip Venatus-CDN-HB-Rule-Version 1.1 X-IP 178.162.209.132 Content-Length 291575 Last-Modified Thu, 26 May 2022 15:11:54 GMT Cache-Control max-age=354 ETag "28d692373d0c2982259855d86fff3d89" X-HW 1654426215.cds275.fr8.hn,1654426215.cds131.fr8.c Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Geo, Content-Type,x-bl,x-geo-subdivision Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers X-Geo,Content-Type,x-bl,x-geo-subdivision X-Geo DE
GET H2	200	download.png optifine.net/images/	186 B 492 B	438ms 437ms	Image image/png	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/download.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:16 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Mon, 26 Mar 2018 15:23:34 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFm3fm5%2FP%2BXCSH46XBKy2pfVOJc4KNPJC0hMsweJ8ixSh9Ntogh5%2FN0u5WYCgdWqJo8jjqdxf4AqoT2qciVAZ%2BdQl1UDh0349o3xy0XOgKpH7Ismjq43qJ9SOp9YdLX07PLrn28oWkPDQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 716858a87975914d-FRA content-length 186
GET H2	200	discord.png optifine.net/images/	2 KB 2 KB	432ms 432ms	Image image/png	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/discord.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:16 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 02 Oct 2020 22:32:35 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aqOxeKywOEEQs3faWTQtXryrdCTocbmqYIefMJjsrEEHUyyULobR6%2Fyhg46nD8BLl59c52qnwh9dA9Il7qlZo60sfYd7jrxgb8Nkq7Lq1VqU%2BRADtn0bjQd66ZAHkqqifaMjzF4GmJIFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 716858a87977914d-FRA content-length 1719
GET H2	200	twitter.png optifine.net/images/	2 KB 2 KB	451ms 450ms	Image image/png	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/twitter.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:16 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Thu, 01 Oct 2020 20:15:27 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X1VvNs5Ww%2BGWW815VXd6OPRibuih5RI5mgkRkM2BWnBMzO8WVLlngV5FqHAaKClBfyjUWdkqA6U%2B3j5O2E369rzbFTDqy336YgUorpC3bI82cC5SEq%2BQ7UmbUT5J7k7A4xa3yIuh4CPVA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 716858a87978914d-FRA content-length 1821
GET H2	200	reddit.png optifine.net/images/	2 KB 2 KB	156ms 155ms	Image image/png	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/reddit.png Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:15 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 02 Oct 2020 22:32:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMyL9Ilo%2BO9p65uezocd8HQgBM8YHfZWvWQOU64oeAKPTPAbD2wtdCUAnrL6UuLPJtu8qsm0xeicCoyuGd%2BjK6w9MrLbyUHeuyrCzWGnLWI2AxELLbKIyapN%2BRkk0gG4GRQbVkLHNsVJyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 716858a87979914d-FRA content-length 1956
GET H2	200	snow64b.gif optifine.net/images/	521 B 813 B	450ms 450ms	Image image/gif	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optifine.net/images/snow64b.gif Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:16 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 25 Sep 2020 11:04:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhRD5OABSgaepnJ6hBLTBdPIg9YrkahTuqtaUzaxcERjzywLkkPDewLhnsQNO2wQBvbh%2F5WVxX1juBzZp%2F0clqdBmeIAzYXYKRByUyUxRuVxRLv4VGf1DWbPdHHBrUpt8L%2BvzEJzkmH51Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif accept-ranges bytes cf-ray 716858a8797a914d-FRA content-length 521
GET H2	200	Oswald-Medium.woff optifine.net/template/fonts/	44 KB 45 KB	157ms 157ms	Font font/woff	2606:4700:20::ac43:4969 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optifine.net/template/fonts/Oswald-Medium.woff Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4969 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71 Request headers Referer https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Origin https://optifine.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:15 GMT x-clacks-overhead GNU Terry Pratchett cf-cache-status DYNAMIC last-modified Fri, 25 Sep 2020 11:04:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGsX6sefO49ghoHFumisLUlb5T5rSINK3iA111GC44yM0agozkXvGmnn3zwJckHo7ji4Ar6en3xZC8s8aIiHL6Ii6KjC9nSsUOphy6OX3ZvwS9uB1KNdwABeoNDfCUhS8%2BXdwEMzh1v2cA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff accept-ranges bytes cf-ray 716858a8797c914d-FRA content-length 45404
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	21ms 21ms	Image image/gif	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=776195612&utmhn=optifine.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OptiFine%20Download&utmhid=133386998&utmr=-&utmp=%2Fadloadx%3Ff%3DOptiFine_1.16.4_HD_U_G5.jar&utmht=1654426215835&utmac=UA-30620569-1&utmcc=__utma%3D215784521.1906125581.1654426216.1654426216.1654426216.1%3B%2B__utmz%3D215784521.1654426216.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=608862133&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 05 Jun 2022 10:50:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H/1.1	200 OK	610139896ba87f455d73fa3e.enc hb.vntsm.com/v2/live/	0 0	71ms 52ms	Preflight application/octet-stream	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers ref_url Access-Control-Request-Method GET Origin https://optifine.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers ref_url, X-Geo,Content-Type,x-bl,x-geo-subdivision Access-Control-Allow-Methods GET, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers ref_url, X-Geo, Content-Type,x-bl,x-geo-subdivision Connection keep-alive Content-Length 0 Content-Type application/octet-stream Date Sun, 05 Jun 2022 10:50:15 GMT Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method X-HW 1654426215.cds146.fr8.hn,1654426215.cds146.fr8.hc,1654426215.cds292.fr8.sc,1654426215.cds292.fr8.p,1654426215.cds146.fr8.sl venatus-cdn-hb-rule-version 1.1 x-bl 0 x-geo DE x-ip 178.162.209.132
GET H2	200	content.html Show response hb.vntsm.io/	32 B 741 B	76ms 27ms	Fetch text/html	2606:4700:10::ac43:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.io/content.html Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:15 GMT cf-cache-status HIT age 5025 cf-ray 716858a9ac2f9028-FRA content-length 32 x-amz-id-2 BDUpzsJnerJTyXoGnYvQ+tD8406k6CPaSACQfV/4fZC0RlYCqiYfubXMpH+hTbiRoU08OOVezgU= last-modified Thu, 14 Oct 2021 10:47:47 GMT server cloudflare etag "2f58b9ff601fd509249a9e7628a21c33" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET x-amz-request-id 490T3777ZPMHAA9M access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin, origin, Origin cache-control max-age=14400 accept-ranges bytes content-type text/html
GET H/1.1	200 OK	610139896ba87f455d73fa3e.enc Show response hb.vntsm.com/v2/live/	60 KB 10 KB	24ms 23ms	XHR text/plain	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v2/live/610139896ba87f455d73fa3e.enc Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software / Resource Hash 18c0fd809becdf4841ed0e96597f2e759341a5ff96ac6b5672bb4d0296d7d46d Request headers Referer https://optifine.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 ref_url aHR0cHM6Ly9vcHRpZmluZS5uZXQvYWRsb2FkeD9mPU9wdGlGaW5lXzEuMTYuNF9IRF9VX0c1Lmphcg== Response headers Date Sun, 05 Jun 2022 10:50:15 GMT Content-Encoding gzip venatus-cdn-hb-rule-version 1.1 Transfer-Encoding chunked x-ip 178.162.209.132 Connection keep-alive Last-Modified Thu, 05 May 2022 15:19:46 GMT ETag "02674e971c9165c228e5d74cfb478cf7" Access-Control-Allow-Methods GET, OPTIONS X-HW 1654426215.cds146.fr8.hn,1654426215.cds146.fr8.hn,1654426215.cds279.fr8.c,1654426215.cds146.fr8.sl Content-Type text/plain Access-Control-Allow-Origin * x-bl 0 Cache-Control max-age=600 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers X-Geo,Content-Type,x-bl,x-geo-subdivision x-geo DE Access-Control-Expose-Headers ref_url, X-Geo, Content-Type,x-bl,x-geo-subdivision
GET H2	200	ats.js Show response ats.rlcdn.com/	109 KB 37 KB	50ms 15ms	Script application/x-javascript	13.224.198.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ats.rlcdn.com/ats.js Requested by Host: optifine.net URL: https://optifine.net/adloadx?f=OptiFine_1.16.4_HD_U_G5.jar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.198.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-198-65.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash dbefb78522576960ebb2c108a83add503be4cf187a770bc073b91c7ffffe8f13 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-amz-version-id qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl content-encoding gzip etag W/"148e21f812b555a13b2a9c6b616141f4" age 34876 x-amz-server-side-encryption AES256 x-amz-meta-codebuild-buildarn arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce x-cache Hit from cloudfront x-amz-meta-codebuild-content-md5 58acf9e97c03c481f490be71338f7f57 last-modified Tue, 17 May 2022 11:35:33 GMT server AmazonS3 date Sun, 05 Jun 2022 01:51:53 GMT vary Accept-Encoding x-amz-meta-codebuild-content-sha256 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) cache-control must-revalidate,public,max-age=86400 x-amz-cf-pop FRA2-C1 content-type application/x-javascript x-amz-cf-id sTyC0HTkJKxm5qCHlxULhg7ps92XXaYOzM4Ri6wCRVk2TMEENa3PyQ==
GET H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/	57 B 0	88ms 41ms	Fetch application/json	185.33.220.145 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Sun, 05 Jun 2022 10:50:16 GMT X-Proxy-Origin 178.162.209.132; 178.162.209.132; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com AN-X-Request-Uuid 98aaf829-1bb0-42ec-a35f-5f72b855b907 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://optifine.net Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 57 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response geo.privacymanager.io/	30 B 594 B	41ms 8ms	Fetch application/json	13.225.77.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://geo.privacymanager.io/ Requested by Host: ats.rlcdn.com URL: https://ats.rlcdn.com/ats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.77.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-77-75.fra2.r.cloudfront.net Software / Resource Hash a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 01:04:45 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront), 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront) age 35131 x-amzn-requestid d4b3b7ad-44fa-4544-8b93-687c9867bbd3 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-629c012c-3df6829f0f6e83d74bc22d28;Sampled=0 x-cache Hit from cloudfront x-amz-cf-pop FRA2-C1, FRA2-C2 x-amz-apigw-id TOUfDEE5DoEFSyA= content-length 30 x-amz-cf-id nkkTs0bIVCpthSQ1Dmqyy8l7yY7c0G94GVuLj-iwD3vLUR6jZzJ6Dg== access-control-allow-headers Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/	5 KB 2 KB	80ms 13ms	Script application/javascript	2600:9000:21f3:c800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1654426216124 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:c800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c95c889d6c87e1641a06e013333645c5bd411d499dfc1c824c91784891adc896 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Sun, 05 Jun 2022 10:50:16 GMT content-encoding br last-modified Thu, 22 Jul 2021 09:16:28 GMT server AmazonS3 age 22 etag W/"8d5542bf85010c588ebc9afd0746d602" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront) cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA2-C2 x-amz-cf-id MG4eS12WPK30rkcMlgRvJ8aEJ3zHYRAUhs1pK29z9w63K_yjqGAi5Q==
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	63ms 10ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1654426216124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:50:16 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sun, 12 Jun 2022 10:50:16 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	177 KB 47 KB	9ms 9ms	Script text/javascript	2600:9000:21f3:c800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/optifine.net/choice.js?timestamp=1654426216124 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:c800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:49:55 GMT content-encoding gzip age 31 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Tue, 24 May 2022 17:38:43 GMT server AmazonS3 etag W/"d1cd21eabed7b3f0b671004cf14ae9c1" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-meta-qc-ineu True x-amz-cf-pop FRA2-C2 x-amz-cf-id B8LgMLfBn_iDgKKLdIJ6o8aA6JSeLU0H3PpgMKJ2eTk4kIAOVBiq4A==
GET H2	200	cmp-list.json Show response test.quantcast.mgr.consensu.org/GVL-v2/	9 KB 3 KB	36ms 8ms	XHR application/json	2600:9000:21f3:7a00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:7a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 18a3ce2da8cab0fec04771097c8644f37afa6c14c0247a5f99932847a02b15b0 Request headers Accept application/json, text/plain, */* Referer https://optifine.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 03:00:37 GMT content-encoding gzip age 28180 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Fri, 03 Jun 2022 19:52:29 GMT server AmazonS3 etag W/"3e2b8eacd73209ee02c8a777656c291f" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id 81vl0vzR_mLNZjguIB5PbdOC8XszyVYc via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA2-C2 content-type application/json x-amz-cf-id XGRqmyfifj57U3ndSShQRZPXaHN9_pIXQ-1vxZtg5-IORdBUXE43Kw==
GET H2	200	rules-p-Hwnr8j7tWA3Nu.js Show response rules.quantcount.com/	2 KB 1 KB	38ms 9ms	Script application/javascript	2600:9000:20eb:6a00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2da7db0e81c039410b3c60331de45f8f7d17940410120c0584e7dd2bd18ca28 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:32:13 GMT content-encoding gzip age 1084 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Wed, 11 May 2022 12:50:15 GMT server AmazonS3 etag W/"9c4a2da8940867a521cf893bd7517ed2" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA2-C1 x-amz-cf-id TEzM-6CBa61NxXwXYLrQLyywAltHfwhNjgQJ-XhMb6iGLt4ukjoj4g==
GET H2	200	cmp2ui-en.js Show response quantcast.mgr.consensu.org/tcfv2/41/	229 KB 56 KB	9ms 9ms	Script text/javascript	2600:9000:21f3:c800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:c800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 02:30:25 GMT content-encoding br age 116391 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Tue, 24 May 2022 17:38:16 GMT server AmazonS3 etag W/"3f5a266152898bbbe8a9a8099806846c" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA2-C2 x-amz-cf-id XRaOxVwJi7LxF0i5W89SBOFh4z-ykMEEJ-RQmQgh0Wws2FEoG9UDNA==
GET H2	200	vendor-list-trimmed-v1.json Show response quantcast.mgr.consensu.org/GVL-v2/	301 KB 35 KB	27ms 9ms	XHR application/json	2600:9000:21f3:c800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=optifine.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:c800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91f7a205a41346ff18c73616432834160bcfc3084f330a2b64a801266bac81eb Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 03:00:36 GMT content-encoding br age 28181 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Sun, 05 Jun 2022 03:00:33 GMT server AmazonS3 etag W/"e302b436709731a4dd1d9d0f0ddc429d" vary Accept-Encoding access-control-allow-methods GET content-type application/json via 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA2-C2 x-amz-cf-id Qyy5v5rgZ0EDK7cwI7rq3f_7GcoNlBBaU2N0SOaV2CVDeeee6yvwKQ==
GET H2	200	/ Show response audit-tcfv2.quantcast.mgr.consensu.org/	2 B 101 B	42ms 7ms	XHR text/plain	18.195.72.208 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22optifine.net%22%2C%22publisher%22%3A%22optifine.net%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.41%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22dqlG97RYDGf0EGJnSTbJVg%22%2C%22clientTimestamp%22%3A1654426216313%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-69b44oozhulyamfpvqjl%22%7D Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.72.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-72-208.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://optifine.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-origin * date Sun, 05 Jun 2022 10:50:16 GMT content-length 2 content-type text/plain; charset=utf-8
GET H2	200	script.js Show response d1oykxszdrgjgl.cloudfront.net/	116 KB 40 KB	39ms 8ms	Script application/javascript	2600:9000:21f3::1651:6140:21
General Check archive.org Show headers Download Go to Full URL https://d1oykxszdrgjgl.cloudfront.net/script.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3::1651:6140:21 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash cf0b7e048553bcc8dfad6d5f71e4535c55446db4a1e825371f4ce1709c9ee348 Request headers accept-language de-DE,de;q=0.9 Referer https://optifine.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 05 Jun 2022 10:47:05 GMT content-encoding gzip last-modified Fri, 03 Jun 2022 13:37:39 GMT server AmazonS3 age 195 etag W/"7386d3ce2f0cbe69fdca90472b64da2f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) cache-control max-age=600,public,must-revalidate x-amz-cf-pop FRA2-C2 x-amz-cf-id THxNg6uKLC355mbM2X-HvGG5zrM0sOGZ1HWAIDoeI4jUVcj1MyOxWw==
OPTIONS		1a i.clean.gg/	0 0
POST		1a i.clean.gg/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i.clean.gg

URL

https://i.clean.gg/1a

Domain

i.clean.gg

URL

https://i.clean.gg/1a

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| getCookie function| setCookie function| onDownload object| _gaq object| _gat object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| __VM object| atsScript object| ats function| __tcfapi object| _qevents object| regeneratorRuntime function| __tcfapiui function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			optifine.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: C1F817B2B06E8F4490FA0CB2142A99BE
			.optifine.net/	1970-01-20 21:04:58	Name: __utma Value: 215784521.1906125581.1654426216.1654426216.1654426216.1
			.optifine.net/	1969-12-31 23:59:59	Name: __utmc Value: 215784521
			.optifine.net/	1970-01-20 07:56:34	Name: __utmz Value: 215784521.1654426216.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.optifine.net/	1970-01-20 03:33:46	Name: __utmt Value: 1
			.optifine.net/	1970-01-20 03:33:48	Name: __utmb Value: 215784521.1.10.1654426216
			optifine.net/	1970-01-20 03:35:12	Name: _lr_geo_location Value: DE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ats.rlcdn.com
audit-tcfv2.quantcast.mgr.consensu.org
d1oykxszdrgjgl.cloudfront.net
geo.privacymanager.io
hb.vntsm.com
hb.vntsm.io
i.clean.gg
ib.adnxs.com
optifine.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
test.quantcast.mgr.consensu.org
i.clean.gg
13.224.198.65
13.225.77.75
151.139.128.11
18.195.72.208
185.33.220.145
2600:9000:20eb:6a00:6:44e3:f8c0:93a1
2600:9000:21f3:7a00:3:a4cd:8380:93a1
2600:9000:21f3::1651:6140:21
2600:9000:21f3:c800:9:46dc:4700:93a1
2606:4700:10::ac43:2483
2606:4700:20::ac43:4969
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:82b::2008
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18a3ce2da8cab0fec04771097c8644f37afa6c14c0247a5f99932847a02b15b0
18c0fd809becdf4841ed0e96597f2e759341a5ff96ac6b5672bb4d0296d7d46d
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2
3e7ee614f0ae8784d1088c9e58001264000dac2ba484258ca17deec1fd5ab779
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
91f7a205a41346ff18c73616432834160bcfc3084f330a2b64a801266bac81eb
a2da7db0e81c039410b3c60331de45f8f7d17940410120c0584e7dd2bd18ca28
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a743e31efaf45c0b7bb6b2a0f19c635b020f2c0e9fbf2ac89dad73b00c20ca71
a983a7fc1bf76fbc5c1ccd4ed89648a54fb069779a7f17f8663bfa0af561354f
a9be2d31a62b39f418c0dcb7fe973a06dba10defabbff6d198afac4c42d04d12
b229312152c6a8b006b7e14617c2a38e719098d87b3926f99ba79ca440126d36
bfaa692d4e153ea72598e7b1c57a942db17aaf263ddcb8aa6733d4ac55ae6843
c269ef798121bcfdc6b3f349ca507495ebee1fa2701d8593272f93ed0a6faa3b
c95c889d6c87e1641a06e013333645c5bd411d499dfc1c824c91784891adc896
cbb52ea8c0d1700c44168f29805821ec609baf2609b1eaadc797097c756dc30c
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf0b7e048553bcc8dfad6d5f71e4535c55446db4a1e825371f4ce1709c9ee348
dbefb78522576960ebb2c108a83add503be4cf187a770bc073b91c7ffffe8f13