www.guru3d.com Open in urlscan Pro
144.91.87.188  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 103

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1&C=1

Request Chain 120

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhiiLJ9gJpeJUZdnY22-GwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1

Request Chain 121

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEBuuKLVoACX3E38uGFML7Rs&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBuuKLVoACX3E38uGFML7Rs%26google_cver%3D1

Request Chain 122

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE5ODI0MjczMzQwMDM2ODQ4Mg%3D%3D

Request Chain 143

• https://fw.adsafeprotected.com/rfw/st/912962/59461380/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6229826550763491&ias_chanId=1&ias_placementId=15845895118&bidurl=https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html&ias_dealId=&adContainerId=brand_safety_K6IYYvT8OZaQjuwPisKVYA&cbFunctionName=goog_wrapCb_K6IYYvT8OZaQjuwPisKVYA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.guru3d.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:81d686bf-e870-dfb9-5e20-051d290d5324,c:5dV1Oi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-586nx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:3,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:16,oid:d90516af-961d-11ec-a695-7a9fef341185,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js

Request Chain 172

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request rtss_rivatuner_statistics_server_download.html Show response www.guru3d.com/files_details/	57 KB 17 KB	137ms 87ms	Document text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40 PleskLin Resource Hash 60f198fd303ce27b724a8cffaa73331f1c0be4e49d9fdea3c2d9e0c676a17887 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Server Apache X-Powered-By PHP/5.6.40 PleskLin Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip Vary Accept-Encoding Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery.js Show response www.guru3d.com/core_javaload/	92 KB 33 KB	55ms 23ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/jquery.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	index.php www.guru3d.com/	31 KB 6 KB	52ms 20ms	Stylesheet text/css	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/index.php?ct=core&action=css&id=2 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	WnFYg.png www.guru3d.com/gurustuff/	3 KB 3 KB	47ms 18ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/WnFYg.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:09 GMT Server Apache X-Powered-By PleskLin ETag "be0-595ccf460bcdc" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3040
GET H/1.1	200 OK	hoverintent.js Show response www.guru3d.com/core_javaload/	3 KB 1 KB	55ms 19ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/hoverintent.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	superfish.js Show response www.guru3d.com/core_javaload/	4 KB 2 KB	50ms 20ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/superfish.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	animatedcollapse.js Show response www.guru3d.com/core_javaload/	11 KB 4 KB	50ms 19ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/animatedcollapse.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	kstar.gif www.guru3d.com/images/	888 B 1 KB	57ms 26ms	Image image/gif	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/images/kstar.gif Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:29:42 GMT Server Apache X-Powered-By PleskLin ETag "378-595cce8101eb2" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 888
GET H/1.1	200 OK	225 www.guru3d.com/files_teaserimage/	17 KB 17 KB	59ms 28ms	Image text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/files_teaserimage/225 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection close Content-Length 16849
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	81 KB 27 KB	38ms 17ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c300ad3e58af8a9548ff87ab24649290c1114a6cf3b1f9c203a15aab890f58d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27431 x-xss-protection 0 server sffe etag "1142 / 109 of 1000 / last-modified: 1645743960" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 25 Feb 2022 09:32:24 GMT
GET H/1.1	200 OK	lightbox.js Show response www.guru3d.com/core_javaload/	10 KB 3 KB	56ms 24ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/lightbox.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash c92a10fe1436e3cb16e8433eba72384ac1e90922cdb10efdb1adae0cca230e90 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:24 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	index.php www.guru3d.com/	17 KB 17 KB	67ms 32ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/index.php?ct=files&action=thumb&id=303 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Content-Disposition attachment; filename="thumbnail_rtss-v7-guru3d.png" Connection close X-Powered-By PHP/5.6.40, PleskLin Content-Length 17167 Server Apache Content-Type image/png
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 3 KB	25ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1caf7172dd747459d3dbef1e8fcc8fe552cd272c98f306b309a57123fd7db1a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 xJahUYswdC3eK7OzD5NrVw== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin expires Fri, 25 Feb 2022 09:38:12 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 1685 x-fb-rlafr 0 x-fb-debug 9sK/1H84P4pGSbBbRI7TctrGOExW/s37xUIM5PS4u9LC1kz/vgR8jiaFWP1fMbXS/CuZBVWNcBHu+esAQ/TaCw== x-fb-trip-id 917726464 x-fb-content-md5 e8347febcbd34f5c4940a8d3b26475af cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 25 Feb 2022 09:32:25 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "e3bf6d030f32359e4b175348d22d515c" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	index.php www.guru3d.com/	3 KB 3 KB	59ms 24ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/index.php?ct=core&action=tasks Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Content-Disposition attachment; filename="index.png" Connection close X-Powered-By PHP/5.6.40, PleskLin Content-Length 2808 Server Apache Content-Type image/png
GET H/1.1	200 OK	index.php www.guru3d.com/	31 KB 6 KB	167ms 19ms	Stylesheet text/css	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/index.php?ct=core&action=css&id=2&ie=6 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Transfer-Encoding chunked Connection close
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	34ms 11ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5253 date Fri, 25 Feb 2022 08:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 25 Feb 2022 10:04:52 GMT
GET H2	200	pubads_impl_2022022201.js Show response securepubads.g.doubleclick.net/gpt/	364 KB 123 KB	27ms 6ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 25 Feb 2022 08:14:10 GMT content-encoding gzip x-content-type-options nosniff age 4694 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125154 x-xss-protection 0 last-modified Tue, 22 Feb 2022 09:34:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 25 Feb 2023 08:14:10 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	89 B 718 B	35ms 16ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.guru3d.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 4b183602e5d7bc72d77d75fd54c09a1ca56afe56880ca7724dc1657327245f4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 82 x-xss-protection 0 expires Fri, 25 Feb 2022 09:32:24 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	48ms 23ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	46ms 22ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 563 B	679ms 679ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2Cwrapper&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&dt=1645781545036&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=0%2C-9&adys=30%2C-9&ucis=1%7C2&adks=1612380904%2C3918806337&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=1600x61%7C0x-1&msz=1x-1%7C0x-1&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4%2C2&ohw=1600%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a3d0886b7b8b3aa38ad555000ec1dee153150a2c4b92e5af62f7f52848fd3925 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 367 x-xss-protection 0 google-lineitem-id -2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA36	6 KB 4 KB	95ms 42ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 25 Feb 2022 09:32:25 GMT expires Sat, 25 Feb 2023 09:32:25 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	d3yoh.jpg www.guru3d.com/gurustuff/	33 KB 33 KB	27ms 20ms	Image image/jpeg	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/d3yoh.jpg Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:03 GMT Server Apache X-Powered-By PleskLin ETag "84d0-595ccf400da3a" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 34000
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 10 KB	669ms 669ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2Ctop_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&dt=1645781545047&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=699&adys=41&ucis=3&adks=1733603311&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=1274x110&msz=728x-1&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4&ohw=1274&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 6964c08390b31cbb6532360c0d867ae72699ab3d1fea226c96cca73eeaddf699 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9333 x-xss-protection 0 google-lineitem-id 5874681281 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377421898 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Ovdce.png www.guru3d.com/gurustuff/	3 KB 3 KB	63ms 32ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/Ovdce.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:08 GMT Server Apache X-Powered-By PleskLin ETag "b6d-595ccf44b6fc9" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2925
GET H/1.1	200 OK	6gh4U.png www.guru3d.com/gurustuff/	3 KB 3 KB	84ms 24ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/6gh4U.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:01 GMT Server Apache X-Powered-By PleskLin ETag "b2b-595ccf3ef36a5" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2859
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	50 KB 12 KB	2017ms 2016ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1645781545060&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=1127&adys=188&ucis=4&adks=1379754963&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=295x250&msz=300x-1&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash b83a2a91bcb4e022f784fcb7553f88ce4e3d5ef530b73a63e0d01fc0e131a8a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11591 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	C2upk.png www.guru3d.com/gurustuff/	3 KB 3 KB	79ms 23ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/C2upk.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:02 GMT Server Apache X-Powered-By PleskLin ETag "b52-595ccf3fc947c" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2898
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 9 KB	2429ms 2428ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2C300x600_navbar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&dt=1645781545066&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=1127&adys=1010&ucis=5&adks=2692230078&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=295x600&msz=300x-1&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ae9b26e6d5ca269a6183bdc40cb57641bce7a7b2e563d8ca796654385b9169ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8773 x-xss-protection 0 google-lineitem-id 129863055 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 48542942415 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	likebox.php Show response www.facebook.com/plugins/ Frame 43F5	15 KB 9 KB	71ms 54ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 333f59254ad0360a374ddf2ff9fc29ebfab8f06513e089d32afc78f872ae198a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 document-policy force-load-at-top cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug EUUOR5Ftzt7qZv3JdR/+eU+kJaQYZxYaeHWFyCu2BHI1w5gmqp+l1SzK75A8PlJvBxi0Td7oaOc9PMDqe0HWgQ== date Fri, 25 Feb 2022 09:32:25 GMT priority u=3,i alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 8 KB	2798ms 2798ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2C300x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1645781545073&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=1127&adys=2194&ucis=6&adks=3057682820&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=315x10&msz=295x0&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ee022a5301a4b83a9a13b4edc0cff52391d11e8b5090ead495abf8524ecca829 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8012 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cse.js Show response cse.google.com/	10 KB 4 KB	154ms 64ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash f7753c6698d16949fb22849ec70597e30be4f66219bbfcc1ae3cef690479f707 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers bfcache-opt-in unload date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3511 x-xss-protection 0 server gws expires Fri, 25 Feb 2022 09:32:25 GMT
GET H/1.1	200 OK	comment2.png www.guru3d.com/gurustuff/comments/	459 B 715 B	84ms 18ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/comments/comment2.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:12 GMT Server Apache X-Powered-By PleskLin ETag "1cb-595ccf48897e2" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 459
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	48 KB 11 KB	6638ms 6637ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2C336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&dt=1645781545084&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=193&adys=324&ucis=7&adks=1686487856&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=894x19&msz=894x0&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 7bc90a95008a0f49035c31a8bdc1de20530b1be912b97229aa8b6d98bc86f034 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11514 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	oqiHTjyKmt0 Show response www.youtube.com/embed/ Frame 1429	59 KB 26 KB	116ms 58ms	Document text/html	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/oqiHTjyKmt0 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dd6f05c30eda1ed8d0ad1bceaa6e4b856419c19cc4ffe02883be32c91b429091 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Fri, 25 Feb 2022 09:32:25 GMT strict-transport-security max-age=31536000 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version report-to {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]} permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94" p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." content-encoding br server ESF x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	48ms 18ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=711855254&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&ul=en-us&de=UTF-8&dt=Guru3D%20RTSS%20Rivatuner%20Statistics%20Server%20Download%207.3.3%20build%2026004&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1016389251&gjid=1070589236&cid=823588843.1645781545&tid=UA-1106208-1&_gid=432487844.1645781545&_r=1&_slc=1&z=466843084 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guru3d.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	all.js Show response connect.facebook.net/en_US/	296 KB 83 KB	34ms 9ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=f396fc09dedccfec6f54d394c316c24f Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 577b99234083d9181b7af2b01dc4d2fd6eb4e9a3b54932a284f52d754cab1480 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.guru3d.com/ Origin https://www.guru3d.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 yWlt0KaF5tCn7cOgMKbEXg== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Sat, 25 Feb 2023 08:17:32 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 85136 x-fb-rlafr 0 x-fb-debug gxEBWbfOXY+hBBf/8U7jMQRTSRrCVWkBnBJeMUSDIT2AkyemLIVYWz3kEwIe4G96G/Yhpi2VvtiPSK3GGcjnpQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 d05ed0fd0007ec1e9002f6996849f13a cross-origin-opener-policy same-origin-allow-popups date Fri, 25 Feb 2022 09:32:25 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "8adea6aa4e1dc69d821c3983455df601" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	download_button_small.jpg www.guru3d.com/gurustuff/	1 KB 2 KB	49ms 15ms	Image image/jpeg	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/download_button_small.jpg Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash d08d4cd6485a4083d52e4f2d59bb02c941321e235fb50177daf4ade5f8c1e3f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 25 Feb 2022 09:32:25 GMT Last-Modified Sat, 26 Oct 2019 09:33:03 GMT Server Apache X-Powered-By PleskLin ETag "52b-595ccf402be98" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 1323
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	46ms 17ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	44ms 17ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 9 KB	3327ms 3327ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=991384105034222&correlator=4466777915858780&output=ldjh&impl=fifs&eid=31065270%2C31065293%2C44756431&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=21536815%2C728x90_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&dt=1645781545127&lmt=1645781545&dlt=1645781544772&idt=232&frm=20&biw=1600&bih=1200&oid=2&adxs=163&adys=6191&ucis=8&adks=1111642073&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&vis=1&scr_x=0&scr_y=0&psz=944x0&msz=944x0&ga_vid=823588843.1645781545&ga_sid=1645781545&ga_hid=711855254&ga_fc=true&fws=4&ohw=944&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 3909ca6edd14bcf89f121bfcbbf62869cf79103a79e21bc474f8a68ea955a0ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8767 x-xss-protection 0 google-lineitem-id 129863415 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 48543002775 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/	5 KB 2 KB	46ms 10ms	Script application/javascript	2600:9000:2156:7a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1645781545129 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br last-modified Wed, 10 Feb 2021 23:03:35 GMT server AmazonS3 age 7 etag W/"2dffc2b03414afb57d77b6bd1cdb70c0" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA50-C1 x-amz-cf-id rMFcHC9uRgvuWj_oyU-ugewIYAIQ4DroZtlcb6EYjvmj6vO0Kwgq0A==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 439 B	61ms 20ms	XHR text/plain	2a00:1450:400c:c0b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1106208-1&cid=823588843.1645781545&jid=1016389251&gjid=1070589236&_gid=432487844.1645781545&_u=IAhAAEAAAAAAAC~&z=521204792 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 25 Feb 2022 09:32:25 GMT content-type text/plain access-control-allow-origin https://www.guru3d.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	o5Y_XD3xsUd.css static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/ Frame 43F5	24 KB 6 KB	22ms 7ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/o5Y_XD3xsUd.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9c04d359406606b0ec6bd118b79da4a56c8ca192894b311fe5af50c711a2342a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br x-content-type-options nosniff content-md5 kArM2jvOthmVwUWpkRj1OA== document-policy force-load-at-top content-security-policy-report-only default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 5510 x-fb-rlafr 0 x-fb-debug TpGL+2+HjcxOIQHVgx4nTyyr3r8cmrQG4TSk1UU8akqgiMShiikRVaZv3xoJqykXdo64wg6SG30f/ppiRxTsrQ== x-fb-trip-id 2050670934 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 24 Feb 2023 17:25:25 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	52ms 8ms	Script application/javascript	2620:116:800d:21:5a23:9c4e:e774:96c1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1645781545129 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip etag "yoD6mq4JTyPdtDBolW+GUg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Fri, 04 Mar 2022 09:32:25 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	178 KB 47 KB	8ms 8ms	Script text/javascript	2600:9000:2156:7a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1645781545129 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:31:31 GMT content-encoding gzip age 59 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Thu, 03 Feb 2022 15:12:49 GMT server AmazonS3 etag W/"654a79dfaa26ade386414ddc75ea4b75" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-meta-qc-ineu True x-amz-cf-pop FRA50-C1 x-amz-cf-id rArTxD5sVTlWkiZQhtZCm0bKw-Z3-QKH80YG60g7I7yrkhtssSLIQQ==
GET H2	200	cmp-list.json Show response test.quantcast.mgr.consensu.org/GVL-v2/	9 KB 3 KB	81ms 26ms	XHR application/json	2600:9000:2260:7a00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2260:7a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 21588ff06c8d62213aeb662895a415609340053243492e0c8255388e969eca0e Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 03:00:37 GMT content-encoding br age 23509 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Fri, 18 Feb 2022 19:52:29 GMT server AmazonS3 etag W/"68deec44da0ca2810e7c67d67eec39ee" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id 6Hh9ZDukV2IFPYmvxSd.QbCotU.Q.Hfx via 1.1 25cea41ad7d46d4db1c5c43579cc21ee.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop TXL50-P3 content-type application/json x-amz-cf-id URYPl5ddgftmNwQJg-gMMwMRiCYtNlhGr42PcImzdTxIV0WWyi73aw==
GET H3	200	www-player.css www.youtube.com/s/player/450209b9/ Frame 1429	337 KB 46 KB	24ms 8ms	Stylesheet text/css	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0777f3e0b8c0e29c02a500177bbe474c4cfa34f6427eece68a06f275d3a0f446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:16 GMT content-encoding br x-content-type-options nosniff age 63129 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47098 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:16 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/450209b9/www-embed-player.vflset/ Frame 1429	276 KB 84 KB	30ms 15ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 794a3ac206f04961903d93cc7e73eff6c4bd0f82ea958c1d439018a54e743441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:16 GMT content-encoding br x-content-type-options nosniff age 63129 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86481 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:16 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 1429	2 MB 539 KB	32ms 18ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 504a4d6cc789f4dcf195e41badf63ac193a15508e2fa6bb74be4a42d019091a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:16 GMT content-encoding br x-content-type-options nosniff age 63129 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 551539 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:16 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/ Frame 1429	10 KB 3 KB	32ms 17ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:16 GMT content-encoding br x-content-type-options nosniff age 63129 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3338 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:16 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 1429	15 KB 16 KB	36ms 9ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 22 Feb 2022 11:18:05 GMT x-content-type-options nosniff age 252860 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 22 Feb 2023 11:18:05 GMT
GET H2	200	cse_element__en.js Show response www.google.com/cse/static/element/45f4e5efab1258be/	302 KB 100 KB	49ms 23ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__en.js?usqp=CAI%3D Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e9e6d43114b4187eb4c0f6550554d9b422eaad45083e345d1fa7b82dd6afcd24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 22:19:20 GMT content-encoding gzip x-content-type-options nosniff age 40385 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102347 x-xss-protection 0 last-modified Thu, 17 Feb 2022 21:05:08 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Fri, 24 Feb 2023 22:19:20 GMT
GET H2	200	default+en.css www.google.com/cse/static/element/45f4e5efab1258be/	41 KB 9 KB	39ms 13ms	Stylesheet text/css	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 19:44:23 GMT content-encoding gzip x-content-type-options nosniff age 568082 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9086 x-xss-protection 0 last-modified Thu, 17 Feb 2022 21:05:08 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Sat, 18 Feb 2023 19:44:23 GMT
GET H2	200	minimalist.css www.google.com/cse/static/style/look/v4/	5 KB 2 KB	38ms 12ms	Stylesheet text/css	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/style/look/v4/minimalist.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:25:08 GMT content-encoding gzip x-content-type-options nosniff age 437 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1452 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Fri, 25 Feb 2022 10:15:08 GMT
GET H2	200	rules-p-xNQQ4Ja1ehbNf.js Show response rules.quantcount.com/	2 B 346 B	50ms 14ms	Script application/javascript	2600:9000:2490:3e00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-xNQQ4Ja1ehbNf.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 08:38:29 GMT via 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront) server AmazonS3 age 3235 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 cross-origin-resource-policy cross-origin x-cache Hit from cloudfront x-amz-cf-pop FRA56-P6 content-length 2 x-amz-cf-id kf-mRhT3bJOWzxBCj8bgGw6wXNYIEhdouCiVaaOw0SWRLQa9CBbSWA==
GET H2	200	cmp2ui-en.js Show response quantcast.mgr.consensu.org/tcfv2/39/	227 KB 55 KB	9ms 8ms	Script text/javascript	2600:9000:2156:7a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 15:59:49 GMT content-encoding br age 63157 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Thu, 03 Feb 2022 15:12:35 GMT server AmazonS3 etag W/"58b24098a17406b31f4f22592394578b" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA50-C1 x-amz-cf-id Kh5g7AbBK7FDwFlS6uktdI6NqHrQOiGJD-O8wInMYAW1fBl0wkykxg==
GET H2	200	vendor-list-trimmed-v1.json Show response quantcast.mgr.consensu.org/GVL-v2/	283 KB 33 KB	31ms 9ms	XHR application/json	2600:9000:2156:7a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5a536c560589fc364daacce993cb96a9d60a30508a2fe008080f92c10a6decb0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 03:00:36 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 23510 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 25 Feb 2022 03:00:32 GMT server AmazonS3 etag W/"a5d02ec8d0d1e0cc15146d64cc1f2526" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id 4O47QOt6IGMmYEK612kcl3pbuFhmddmcnwMEIsaJobfE1PJgOecPEw==
GET H2	200	google-atp-list.json Show response quantcast.mgr.consensu.org/tcfv2/	153 KB 36 KB	36ms 15ms	XHR application/json	2600:9000:2156:7a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8 Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 03:00:29 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 23517 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 25 Feb 2022 03:00:27 GMT server AmazonS3 etag W/"e095029eba3dbb82040530a0e49b05ed" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id A-iLpEKIMNLp8-xQjy9ANIPhlJYKMp62-O1frf_vhIahNXloim1gYA==
GET H3	200	async-ads.js Show response cse.google.com/adsense/search/	136 KB 50 KB	34ms 15ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/adsense/search/async-ads.js Requested by Host: www.google.com URL: https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__en.js?usqp=CAI%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5060e7b9fc39f1ecc1234b1a5388bb1db92ed501cbe226eeebc1c1778e03329b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "3962841703980118686" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:25 GMT
GET H3	200	clear.png www.google.com/cse/static/css/v2/	1018 B 1 KB	22ms 6ms	Image image/png	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/cse/static/css/v2/clear.png Requested by Host: www.google.com URL: https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/cse/static/element/45f4e5efab1258be/default+en.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 05:46:24 GMT x-content-type-options nosniff age 186361 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1018 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Thu, 23 Feb 2023 05:46:24 GMT
GET H2	204	generate_204 www.googleapis.com/	0 178 B	35ms 5ms	Image text/plain	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleapis.com/generate_204 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	branding.png www.google.com/cse/static/images/1x/en/	1 KB 1 KB	18ms 7ms	Image image/png	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/cse/static/images/1x/en/branding.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Sat, 19 Feb 2022 12:42:20 GMT x-content-type-options nosniff age 507005 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1372 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Sun, 19 Feb 2023 12:42:20 GMT
GET H2	204	generate_204 clients1.google.com/	0 178 B	56ms 6ms	Image text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://clients1.google.com/generate_204 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	/ Show response audit-tcfv2.quantcast.mgr.consensu.org/	2 B 101 B	28ms 6ms	XHR text/plain	52.28.32.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22xNQQ4Ja1ehbNf%22%2C%22domain%22%3A%22www.guru3d.com%22%2C%22publisher%22%3A%22Guru3D.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%226iu1UkRO0KJoKaK2Q9zOIw%22%2C%22clientTimestamp%22%3A1645781545381%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-i2hps6okiulnui948wje%22%7D Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.32.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-32-18.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers access-control-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-length 2 content-type text/plain; charset=utf-8
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 1429 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	30ms 16ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 23800634836ccce920e880a1009dda6f2dcdd9dba16781b41ec5a83abba70489 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 25 Feb 2022 09:32:25 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 1429	29 B 588 B	28ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:18:50 GMT x-content-type-options nosniff age 815 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:33:50 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 1429	119 KB 37 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 40d933ee8974c700bc2f951870c4ec8b613be371def35992bc2460e5d8fa3e08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:25 GMT content-encoding br x-content-type-options nosniff age 63120 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37809 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:25 GMT
GET H3	200	-Yju3oCh4LshVL4BAp2ilUyJcRW3wvGXE1JH5K9b7fk.js Show response www.google.com/js/th/ Frame 1429	35 KB 13 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/-Yju3oCh4LshVL4BAp2ilUyJcRW3wvGXE1JH5K9b7fk.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f988eede80a1e0bb2154be01029da2954c897115b7c2f197135247e4af5bedf9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 13:50:51 GMT content-encoding br x-content-type-options nosniff age 157294 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13608 x-xss-protection 0 last-modified Mon, 14 Feb 2022 11:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 23 Feb 2023 13:50:51 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/ Frame 1429	26 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd7af74616008b91eee3a6545f45f3b961dcec295ed7ddc4dea31a007b850d79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:00:17 GMT content-encoding br x-content-type-options nosniff age 63128 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7806 x-xss-protection 0 last-modified Thu, 24 Feb 2022 01:18:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 24 Feb 2023 16:00:17 GMT
GET DATA	200 OK	truncated / Frame 1429	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AKedOLT4i7kv5cPRhAFZ3a3-vxn3ToyApeO1QTxH-g=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame 1429	1 KB 1 KB	30ms 6ms	Image image/jpeg	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AKedOLT4i7kv5cPRhAFZ3a3-vxn3ToyApeO1QTxH-g=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 868e8d3b8499ae3d1f5f79c41939f1b823adfda97c29ac9e41bc061751225a50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 07:59:23 GMT x-content-type-options nosniff server fife age 5582 vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1137 x-xss-protection 0 expires Sat, 26 Feb 2022 07:59:23 GMT
GET H2	200	maxresdefault.webp i.ytimg.com/vi_webp/oqiHTjyKmt0/ Frame 1429	56 KB 57 KB	31ms 8ms	Image image/webp	2a00:1450:4001:803::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/oqiHTjyKmt0/maxresdefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea520e1a8543d8b285dc5032e9c7fabc62e4920c90e871dccb2ad4f74354cd5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 08:56:08 GMT x-content-type-options nosniff age 2177 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57828 x-xss-protection 0 server sffe etag "1590449304" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 25 Feb 2022 10:56:08 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 1429	4 KB 3 KB	36ms 15ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:25 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 1429	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?-5FbzA Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/98/ Frame 1429	52 KB 15 KB	21ms 6ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/98/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 10:56:26 GMT content-encoding gzip x-content-type-options nosniff age 81359 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15480 x-xss-protection 0 last-modified Mon, 29 Nov 2021 16:03:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Fri, 25 Feb 2022 10:56:26 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 10 KB	42ms 21ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022201&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 48349c1aaef19fa5d6c20b79bf6501e12d39ed914cda216874e2577ad1e74b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9698 x-xss-protection 0
GET H3	200	like.php Show response www.facebook.com/plugins/ Frame 375D	19 KB 8 KB	62ms 51ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32b8efa62f3f64%26domain%3Dwww.guru3d.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ff36a679801e2088%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=f396fc09dedccfec6f54d394c316c24f Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 060f76bec11503f083db8416e1d504c05983d468da859ce44d6cb167da6a12c1 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 document-policy force-load-at-top cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug pKV8E6D/cjmxH6MV2mARGX7PKyNoVWkrkLLjyHcvaowrgk+a5w1ZFV/UMKkDRCf4sY9DdvEqkMf0ZZmu/AP41w== date Fri, 25 Feb 2022 09:32:25 GMT alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	89ms 66ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:25 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame B5B6	0 0	43ms 42ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugeZvaXH-5JyZV9xjB8ULpUNXlaFzJqXHUWdByBo6S-R1w8vqf0tBsHtdSrbHICWz1guN0JRm3tM8W97MxrGD9dyjKKvll-KGOo4orAz316bCH18owQ9EDrkEU0B5gpO5fBSghyBGcM6wi3_A3vqapEy0Kb3fOEEis-gFpjMWa9V7QUVTWm4bZm70zdAjOJd8qhx1SRZyiWfOhkLzKlI-4bpavRxAWZH-ldQ9b9S8W1SczdGA4Zb2po76g8GkrKGF0aWzpO4peh0LIPLO3n6fRrnz9-V1dLoe4s9oviEQsPMqgtGPC&sai=AMfl-YTHpJT7B44c33onxe5jIgU26lm_AVHYaMA0wMzI5XjQEYQnyWGxbdCHuGse4W7f9J2gpNqueJqPLkq4lHJv0nxfcpiBofA2rPo2KAPS6fzOwPtG54YfMkkPYc7Q9F8&sig=Cg0ArKJSzJNNb2GPWLMJEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 25 Feb 2022 09:32:25 GMT
GET H2	200	app.js Show response servedbyadbutler.com/ Frame B5B6	55 KB 11 KB	38ms 6ms	Script application/javascript	78.159.97.6 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://servedbyadbutler.com/app.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash cd3699476d188453684876ad11b8813508e578f49a02f4639fed3b3ce8a74a58 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip last-modified Tue, 07 Dec 2021 18:29:00 GMT server nginx etag W/"61afa7ec-da59" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 expires Fri, 25 Feb 2022 10:02:25 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B5B6	124 KB 38 KB	45ms 29ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38829 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1645619776399499" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:25 GMT
GET H3	200	4ycBIhGCQ25.css static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 375D	25 KB 6 KB	7ms 7ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/4ycBIhGCQ25.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32b8efa62f3f64%26domain%3Dwww.guru3d.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ff36a679801e2088%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6b1d24b86b4afa64aa7fc7eeefd47d9dbffae83cb1829259152a60567515e118 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT content-encoding br x-content-type-options nosniff content-md5 Twf4OYUgEuIqx5GMKHQWwQ== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 5880 x-fb-rlafr 0 x-fb-debug XciNTRY9jpWD5MOJ3wOruQlEH2BrA9xcM0NIfpaPTvNbRRnz3DJhcoMp8p+/DMxPtwUQH3U1agahbPSxCxrwag== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 24 Feb 2023 15:23:03 GMT
GET H2	200	;ID=167608;size=728x90;setID=203375;type=async;domid=placement_203375_0;place=0;pid=3150589;sw=1600;sh=1200;spr=1;rnd=3150589;click=CLICK_MACRO_PLACEHOLDER Show response servedbyadbutler.com/adserve/ Frame B5B6	145 B 400 B	37ms 37ms	Script text/html	78.159.97.6 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://servedbyadbutler.com/adserve/;ID=167608;size=728x90;setID=203375;type=async;domid=placement_203375_0;place=0;pid=3150589;sw=1600;sh=1200;spr=1;rnd=3150589;click=CLICK_MACRO_PLACEHOLDER Requested by Host: servedbyadbutler.com URL: https://servedbyadbutler.com/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.159.97.6 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 1153adeea01d822ea58e2453caae112a8dd46c6d908ad0b30f85141aa88a6699 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:25 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE" access-control-allow-origin * cache-control post-check=0, pre-check=0 access-control-allow-credentials true content-type text/html;charset=UTF-8 expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated / Frame B5B6	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca9f5045725e5f45d8246049d7777367cd87da1a0407d7a79013d41379b8b29b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame E544	13 KB 5 KB	23ms 7ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 25 Feb 2022 09:22:35 GMT expires Sat, 25 Feb 2023 09:22:35 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 590 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame B409	783 B 534 B	16ms 16ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6b39c6a2fe3683c44041ed9982dfa22f93bd7a893e184e9af9b3fac288266634 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-o0pH8xaDl8T26SU0dOfeQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 25 Feb 2022 09:32:25 GMT date Fri, 25 Feb 2022 09:32:25 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-o0pH8xaDl8T26SU0dOfeQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame B5B6	0 0	75ms 59ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd4JWhx4Mi8_00rH49Rb5PgD428colcyQhXDCwWBDYP6AgxzSMhdthas7MarFKwdbaEjumVfCvUva_KiI7FdCJkvvWKW58vERVJQBBeY1JQwWicU9hm4g8zntZ2GSdS2OmKwn6rfh3l4rEUDuZIz60HIdMWpcG5qJMyqYHCgFcyW66UvEqzg4SXPjxTAyEeCKBG2iLvubsYJRKyybHMM_OvXn_83pIkORQlDh4Pj3Xb0vnrInmKMD5U2gFMPMM7FnXtAgMaQm-hUKdlD4-zWaYVD2wza3jt66vEJpj3dcUgzp7mS_90ig&sai=AMfl-YQB4iQApIBM95ftcryQ3V4ZKjn1Avxd08YlAA9zlHToN5MXMpLLuGh5oAp-KxVJ1Oz8iv5aoOBbNHIoLixRpUIpVLAw29QdJTcrKfpt-evpzBMum-l0D1lTDI2o5As&sig=Cg0ArKJSzI8jiCO41Oz4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 25 Feb 2022 09:32:25 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B409	0 0	74ms 58ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022201&jk=991384105034222&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H3	200	U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js Show response pagead2.googlesyndication.com/bg/ Frame E544	36 KB 14 KB	34ms 20ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:08:56 GMT content-encoding br x-content-type-options nosniff age 1409 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13821 x-xss-protection 0 last-modified Wed, 23 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Feb 2023 09:08:56 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame E544	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?P-wSUw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022201&jk=991384105034222&bg=!u7iluPzNAAas2QJZrNk7ACkAdvg8WoFpnlyPZVX_ISstqb1a3k1lAY1Wtc1yhzrE3dweTvWqbeGtEAIAAABbUgAAAANoAQeZArdiirFovXv_HBpm_v7PkeonQ0i8hRksWEb_aNC2QBcK9Dy4a5sFz_ZJVeE847uFMmq5scqK-QDltFk1X8_GR4PUwF7s-b67_MlLyVqKJG1oxqaqekrY0bCr_9fUVTWPTeseXFss7Gkdyu6uR1LphtcNs-447sWaqe1NNn8CEzLT-m5KZXENSRzJlrP6Pwi5GMeHKVNbeqIRdN5UjHUkRnYWvmvP8safOUYvcrvOFGZy12UZLKe4CL8O_zdZ9Hdis1CrODahO58nrLVi7VswrRinoH9VftWcMwRNM9WY4aKDkNjG9pErR63njz6dd7VqLj88HtH3KtKrazMveGD3Pl1_eeoMsdLvH6-abn1cdeX5wo7bRnGnaIFwwM7EBaZfdFV4DFRup9HdtnIr4IPSbw5uAoihlWeh8A2xtAbYjfTlJxTwISeOKk1z6nHR9reXo26Wd8VprJKRzJx6upfkXiCp6ZQoac9l8S9ufVhf7z27eyAL6Cq7o8Rgbop_eRm2YYOe2Vb2SL3fa7Mqerx-5jX2wQJGMQegqN6tNcCDEgSJUq6f6SOWuxLh5xotbdJUBjckhfGa2RjWjhR52mnIKru0eCQI3OsaefKPMK_zUJ03Kc3-vzZDeGsN4YPbKVv1gmshBceQodAzO6pLzlWxOc6HJKhIBN854uzRdtcsnROqOVb1zlSo8K5YcSqjspC0mzFQqYGM087JtKS8y3nEHtF3hSiR0-LGyzK-rciQSEHIYpLfKekB69XUX21i4TZu4_ppciMrKuqFRLCAVE7i8-YPNvfTj5YfUiZeVtbgqhOeaIbyfCeSUXLycUez9baSK7M8skGp3I-V97hoSt_XL0PC8eztHItnuVV5fw5OHvLboPUj0Ch2r634K9xKRjKM0piPCrA3vqRJr0SpxfC1Y5lnsbCNZc9Xew Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B5B6	42 B 64 B	55ms 40ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSIrD_WG33P2L_W1O0pKGmfaxsUGU_6OEOdXgUR5IcXKOTy7Oy62gx9WM5EJlIXHg9XiTMh_E3LEOW9fAIqxSTZVj8bkxcCfMZQXfdsJW3-eYV-plg&sig=Cg0ArKJSzNZL70i8F4RTEAE&id=lidar2&mcvt=1000&p=41,699,131,1427&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1733603311&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645781545727&rpt=102&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/032202142035000/ Frame F1AC	220 KB 60 KB	71ms 16ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89b542a306fd479c837bb7608bda059dcb4c0ea9b15a375844cbf4456fd722cb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 206477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61669 x-xss-protection 0 server sffe date Wed, 23 Feb 2022 00:11:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "73c6361ffdd039ea" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 23 Feb 2023 00:11:10 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/032202142035000/v0/ Frame F1AC	16 KB 7 KB	69ms 14ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032202142035000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 206477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5733 x-xss-protection 0 server sffe date Wed, 23 Feb 2022 00:11:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "42a91727bcc93df1" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 23 Feb 2023 00:11:10 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/032202142035000/v0/ Frame F1AC	96 KB 29 KB	93ms 38ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032202142035000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 206477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29577 x-xss-protection 0 server sffe date Wed, 23 Feb 2022 00:11:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "42f1ed997a28c2a2" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 23 Feb 2023 00:11:10 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/032202142035000/v0/ Frame F1AC	5 KB 2 KB	70ms 15ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032202142035000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 206477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1873 x-xss-protection 0 server sffe date Wed, 23 Feb 2022 00:11:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "8e63b195883091b5" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 23 Feb 2023 00:11:10 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/032202142035000/v0/ Frame F1AC	42 KB 13 KB	98ms 44ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032202142035000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 206477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13633 x-xss-protection 0 server sffe date Wed, 23 Feb 2022 00:11:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d3c67c66f710e82a" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 23 Feb 2023 00:11:10 GMT
GET H2	200	css fonts.googleapis.com/ Frame F1AC	8 KB 1 KB	39ms 18ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 25 Feb 2022 08:27:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 25 Feb 2022 09:32:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F1AC	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 18:59:48 GMT x-content-type-options nosniff server cafe age 52359 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Fri, 25 Feb 2022 18:59:48 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F1AC	295 B 319 B	6ms 6ms	Image image/png	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 05:43:34 GMT x-content-type-options nosniff server cafe age 13733 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 26 Feb 2022 05:43:34 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F1AC	0 0	83ms 83ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C9ealKaIYYsDQK-HJ3gPuxoWACOSV44dmz7jqv9oNz9eivcABEAEgndqDAmCVgqCCsAegAYuUkIEDyAEB4AIAqAMByAMKqgSoAk_Qf-jvwLGHXOQAm0RiKbkW5cq25d_SR5u_dFeH9wopCe8OKmLsGKYSSjQMu-S9zbHw5oGugBJTxvEhiBoAs_kt4KpKT7zLtRVt5dBYBhKEgW5xFGap9JfHGXMLHBfbXEaFDAt_2ONZsuWViQShneyB_oe42J4GR-HKJzYDd7Q2k9IdHMwArtbZNJ5eucKcns2lZM6DjwyuE-ZH8OasaEWC1SE2GnOa9z5pSl-gQ6vfoAFruMyzNCdeZfOhjAdSw9hlge10H_1mAS2SxeF9xvr4usMnBOePRyfIw7e2FFa-m01oiM9ct59ihcnbRAvkIED1k2HUPpF1oaALOH42J07PJ1S8D4L9m5fe-BOhlHzHH982Gjtl58lmJfSobwohUXtmiLLaCD7cwASnxvybzgPgBAGSBQQIBBgBkgUECAUYBIAH3evvfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENSIQ9IICQiI4YAQEAEYHYAKAcgLAdgTDIgUBNAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjI5ODI2NTUwNzYzNDkxGM_fEw&sigh=SOjDuMa9nDk&uach_m=[UACH] Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame F1AC	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5141915ccff648e242223386cfb4167fd857cca65fe10f8428ec4ca33a16fc20 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v41/ Frame F1AC	28 KB 28 KB	22ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.guru3d.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 00:52:22 GMT x-content-type-options nosniff age 31205 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28196 x-xss-protection 0 last-modified Tue, 18 Jan 2022 17:53:50 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 25 Feb 2023 00:52:22 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame F1AC Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	54ms 54ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Redirect headers date Fri, 25 Feb 2022 09:32:27 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame BAA2	0 0	42ms 42ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3VhN83sTxrGTqnCPAMVwRqHFWS82Bi1Xy9Sjdz8RsyAGXrLC1vZwGv8ps_Y_b8pNHvI5dX_OFZ-A3mar_6WxGBPcwRYFneoIrSWlV3OeRRTUdCD42n7nyOdSVFMFbVC0j-lsW7C922xMcPZ7UWFyAp6Pmx41fNv5qIIhb1pGL7VOX4NF4C7dKiONcIrOzRyJI4Tc5B7ROsifsZYfyCIZvLGOzOjMNChzbX0I28BTYMof_-GLqi2fS1jQ0m5E4YaVSlWTH2JyxA04Yra4RGtdKFw3aWCNqhRgS-ceuxVjc2s9uSUDfVOchEtIBknFghzyDvO5gih8E&sai=AMfl-YRoB5TKTgEwl6ZT8QfT6PSAeL2kmNBLEfS0lTSnBXeJIl6Kam6P-Y46RWzvOA2ymvEV9sFpreXsDhbUVOJtZskRvLHYSNvBkXQAi5PvadEMQxJdgBGx2jcGpEHl_Qs&sig=Cg0ArKJSzPsaMLZ4Ctb7EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:27 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame BAA2	81 KB 27 KB	18ms 18ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash c300ad3e58af8a9548ff87ab24649290c1114a6cf3b1f9c203a15aab890f58d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27431 x-xss-protection 0 server sffe etag "1142 / 229 of 1000 / last-modified: 1645743960" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BAA2	124 KB 38 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38829 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1645619776399499" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	pubads_impl_2022022201.js Show response securepubads.g.doubleclick.net/gpt/ Frame BAA2	364 KB 122 KB	7ms 7ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 08:14:10 GMT content-encoding gzip x-content-type-options nosniff age 4697 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125154 x-xss-protection 0 last-modified Tue, 22 Feb 2022 09:34:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 25 Feb 2023 08:14:10 GMT
GET DATA	200 OK	truncated / Frame BAA2	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc1ad899453a0eddd03fe62f39b6ccdb4829aeea1aa391fb1b656edc33b792e4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame BAA2	0 0	42ms 42ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKinRxy6he0iinKZE3frXkWh1U-MHZ3YMQgZgslLyTywecz4yj_sxPiEU0giKocaupMLdXSuN_a5RAXMt2wiGeYEdsypxRjNMJ9ldZZuQNBpN3bUVSLdWtDoN5dhGDtoYAD79YyDkgicP6mZE4osa5aF3oKMIvVH5o0mXmwdjvuz-D_nLDc4ROVl2nTNgD6QCWQL5YNlC71tFCvP6fN33pZwkeqkdnrKIVGt5KwCnTikyFCe6Dqb1wI9iWWG7PCcVTXbY97S7oEjUGdf8syCJHKC_fQtpNz2UdQqr6KNGHKPQk85ham3-sH4GW&sai=AMfl-YTJCuBBtSr_TVHXbmePe9XRHt9SuOitYAXMWWnXjBAMWLzn-tZjs5UbazmJ_SMpYwH7w5e9CZj08i1XkadGeNvUyu2lsdkfMPseDRK2ZdPAZdBH7ul8CXY0wR-quPM&sig=Cg0ArKJSzO4Koh3yMBwrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:27 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 25 Feb 2022 09:32:27 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 1429	28 B 54 B	23ms 22ms	XHR application/json	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/450209b9/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/oqiHTjyKmt0 X-YouTube-Client-Version 1.20220223.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtMd205RXliRTRJVSipxOKQBg%3D%3D X-YouTube-Ad-Signals dt=1645781545291&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C725%2C410&vis=1&wgl=true&ca_type=image Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	container.html Show response c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DC1	6 KB 3 KB	35ms 13ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 25 Feb 2022 09:32:25 GMT expires Sat, 25 Feb 2023 09:32:25 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 711E	624 B 299 B	24ms 23ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNUWy7irO-GafZz8XKp4Sq9pl-xK7hEhefhMRtXLN0_vkWdeWaDxtJZyDDinXocupWCc-rLIG3MRJq0CBSJqzFag-hVOK3Gw9KlgmMJmor3dgwxxXQzgrFKXMyyOtoupBd9aeg2Xa0rFiCWlp3IdD8kQ4LceNpTxeS4MuADYi7xfvQ2v-yo Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 25 Feb 2022 09:32:27 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8DC1	86 KB 34 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD094tB7hjWt3T-gPITKItCgsqeSg7YzDuiweMCgo89nwE0zgHjijDG_B0aFLVrMFsHFoxOSKdZmI3pGiUv09eBysbbX6bSvSK3dFQjp7mznhjNimPH7nfaTFrE13zExhLWJITMhHMn1DuLNN5lMSJwvW4sA&dbm_d=AKAmf-CrUeWFP0F7i-42jFl7pTNKjVGDaETrtoegwxM_y2Sqvaj0SfYebRHatGgHkpfaag0jfEPpE0jGfS6HEUoIsB3T98EIkaY08xie4MLDJHhxtbQv_4C3d2O5HkZOyQq5hTZmCfFGlHNdt_kQTQA5X3zcwNOMlQWmV3Q_aiOiXnLRuPzcGg9pZrEizFqSfDj5kOX3kuDekGLYZ6YN6DUAyx5huYOzjjlbE697s3ufDR0Rpr48qO0yaW3PShV6wYY-XZ_f13ZUYO5VL4AmYVEVwzKAeNwZB63_umpBzpV2MQHym5TdciQWOokSnMG5EQLhNC_UEmQSsFr8DSWirtrf6BA2OZDMgbfJBRyZNO0y0xOWQF9s2YaeTEfGiNdaTQqWeZa2kFr-XlwfxbmlQAN4ChiUVgNOU6FFBIWyBqKVysy_y9klPkhan4UdxZnDJ_mq9h9gkPA8R9PbT9c-hvdTEIZbT0GndzpRjjccPnpj8PISvkLtKx-UylGO1Ym5Lb-RZDJNyqlVeu5SGGktTufV1Pe2mDL80e6NXwPps1Ag2LlX7mYWCVMd45VeTd04GCZxLQvi8lcJm0M1QkvpdRshlzDjWqi_wMJDKu_EaYPW2l7BS7KBvFNGk4aIR0Ma0Z5i_SsVP-ue7kYPCJ3zDqQQfjLdFSiO0kLsOEpATOsufCZwoiLzsN25hThC2U6vXhNakEQNGg1wVpunwGgU9ndNm6D1et__XwhWyU52Vt-u14RrWBKYjFaxfBmFU1iydCDipjDLXtcaf1nYwfIHRl0y44Hccy-Esz3xMVutfx-WobFN6QllfjxdRR6Rdvt6s21vWIleaFV-bUA0gZ1Uf2nOyWbjlkgioluUvvRgO2Ozsyo7YYWXpWsdVM_lKXp7f1nYovdhBZgzEU0vWIJ8ztHSJO-3oIsZLpQmPUtLNwuwVAdCewEKPxOlqK0mGxQvYq_E5O__xqlBaHeOLpdJNqlMLEiPpSbb67ndofKDcOv8azkosCD1vu7CM4V890AkdwVQ90UKoC_8xSeelOzlxPiC3IxiIrx83OUUp_ve3-RD-rsG_xvud1byC5S7Uh9bwzVi25H45o5Nh0cITh2IRyMg4Bns3vdq0RcKiU1p-AkINmRT_KTBtgzCtgFlj9wMwpdYAhFeF9XqG3jvLgrDLDIFbr5fnkEekfcXFOV0rQPOjEZOxmjd7kAyMWwdtBtxGeqSKVZmuy2j0CXRnu_mjKIM9NR8px1jfsB6KJIBt9OZvnVcHHTO_xQZtQ2PyDhSynWcKAyoReZZMKpTpaKoJ2UbG9PzrcI7MEh8E4E3YXMf3xo7kh_A4i2qlgc3wQuVH0eYI5GOEuPDnw05z5qbrOWV-1PQzAmLaFq318xt5xFuzNxe45GpTqcGj6N6RAe-lD2g8zHaGY3y3Q28nPepcljTCaGDalSffCevtJQkX_O0AFtHIniETVIP5XbpqA7QncWoFPIPXl4of2SgG9h17fvIbyijUDAi4nPj0xdQmlIa5R8yRuoAMXqN0xcn67wMrEPHyr83TYiIFrsDQoIWdtC-16U6prQ3rA5khGtnNGBVbHVqXSlKCCee2tesONWGwBKhltDY6rlrBM587M0zHCj1Jc73MhzkjUCZ6EhRRZlmrvvo6Nlonqyx8GVKS00Txg5SIrMYlXhhV2N2mtp_N9W22REKnY0RF8b8ldGhJO-qjwCbbCcy6Tdk2VPeGCqpW5VnvT0mBvdg3qosTcpkTZT0PpVp7vgkRFZn87b7VVXCcWAXReOWAidtpHWgTru-YMHay7o-lVbMlVJ8Ry_tiwWL8_mGggxkirZSormYeBTmFUFXXGCt9BwMJLf2Zzzs8_t8xi_uWqVe0xUPmm4Nx70gnV7axhI_DWHDvOjSalkucwhPUC7DubuS_wYtXFJRqRdJUModtHlN9-DSU0jGicHJi5H7-6J7YhkUq_ZeS0xSum4B-m6mJGr00hnkSVKtFiVxEkSr0qV5cQ3uuvpdv8BhV7hzwJ2oq9VjLsLJNyQRwWMcnTMWe6hrZZv77bzX4E3wb0qTTM5-ym4OsFENn_eiMUWHIL9ZUWjHYbnGpTiaR0RH_Aku714T59lN6XiWFNAr7tEijpwNtLC3iHR-Lu9su29eYTQYXb_SSk5Nalrt3-w0m-0mImdTNWAZNiQDs94QVgCREjyj9Rry5wG8MDkOrpKwgpoSUGC-r2FLzaDnHEV53FjY6HKhugx-qfDNvb2vFOa4WYRjHBW-6Vj_ymTZj-cDL8I9wuhEMESu3SkDSHN58iYdcq91j7vSRHqFTVLnZOIWtm_HtKC856cIru6pqxML8218RnO9eM0pFCVQwKM6Sf6HBuKyFuUkMPAH3z1Wx8VBvp5iXvz9P5WMGpYFt8_UiT3TWO-Cw8xuH8SanRCmt0gvXwSue-rGm27pH-fLgKOPlv4ocPqhGbTt4qlg01jSlMNHfptxUQKcLneK8IRbjZJPT-JdFzqlSZ1HCLZSlE-7-hVUwac4Vz_xmj9jTtE3fYsNvmxKv95MIX4xkA-J5bN6YD6GHW9h7KYsPv8oFuOFEUBqsb1EiF-ADKCcSw_H4WiqW8bBITTs4DlTSHluxsjTwKC-H99Ickf9_xJqjLhWg6Tvrnqiw376t-83lMiuCiyvsa-MLSeLo0n3QIevl7w0UwaDbD-cyfqxm9kTaDxeL9d4AYBxJGRgUB4rrNsigObgCAGP5j2BMCdjYXJTFJCbD3reIvaXZ3rKRKwnE5SjbSh3WGeMlHSxBWrUKz353gCq5sfytUEjtRZjXdQK12Z4EU8aGkHPkW9SuHNHvXk9537TfPv77E8iG_bumAuW38wmjQVBfvJ09IzfC1ohv0HaKaFQJMRfbRjVis3pz1_7TdDN4ZpesLbY5BO8fiFexR-JUob3XEE3sE569Xid1Q6uoHQhYPtoVNWSzmZMHLSTY3jSNQvxqEwFaVuKoltljcWAmkGim3YezOEIdprrJ9kRVTXhmWz-UnROPI8kPLtramjBVZxCkXtyJd2GxVmnfyCQXheU-CkByk9UVmgq3KgoYwomhlI4r1KaG2a-9EQzdTos2wjqjn4Qj2x_iypx8ksbp3CUbf_gGZa5SfkqqIsTPzMevZp6Z-Q3nNyKZW0bsHgdVWONBxy8O5CdF98OQCCZye_FZXpICnZHbiKy4FIso4r9Jqp8jIhEG9fskvUDW5TuTeGPj-ly2V3hd1i7jVv0ulYAcHD2cQduBaGr6NMscW-o14MINiAwlWnORy3BCaeA&cid=CAASFeRoT3Mbtx3RM82w7_rYByLQqsQEGQ&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 13c7bdc53dbb56223562b4c76aca581ec1491e98081a7a731b2bbf329fb03626 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:27 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34603 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8DC1	42 B 63 B	39ms 39ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7JOQprZwY4ks6zLfKc-Vy5BO9Wwg0IqsGt5LO7CgTTCtMCrTUH5j09LfPCrwTm3tanDQOKKAASkCohIEr1VnPMs948EJGgxN_nb63JZAjTBW1xrA Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8DC1	2 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:28:40 GMT content-encoding gzip x-content-type-options nosniff age 227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1233 x-xss-protection 0 server cafe etag 16517525077337815633 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Mar 2022 09:28:40 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8DC1	124 KB 38 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38829 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1645619776399499" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:27 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8DC1	15 KB 6 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:30:55 GMT content-encoding gzip x-content-type-options nosniff age 92 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6434 x-xss-protection 0 server cafe etag 16791967082338318403 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Mar 2022 09:30:55 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8DC1	0 0	20ms 20ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRSxHDZ-CKmx-rbzurDlEUOFvfhP94DOjYepE8jAgEBnNqyJanVWIfps_glO9QZBmDdkupL1hc4k7dQSgXdGlfm5-MQg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 711E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1&C=1	43 B 1014 B	16ms 16ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNUWy7irO-GafZz8XKp4Sq9pl-xK7hEhefhMRtXLN0_vkWdeWaDxtJZyDDinXocupWCc-rLIG3MRJq0CBSJqzFag-hVOK3Gw9KlgmMJmor3dgwxxXQzgrFKXMyyOtoupBd9aeg2Xa0rFiCWlp3IdD8kQ4LceNpTxeS4MuADYi7xfvQ2v-yo Protocol HTTP/1.1 Server 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 25 Feb 2022 09:32:28 GMT Redirect headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Fri, 25 Feb 2022 09:32:28 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 711E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhiiLJ9gJpeJUZdnY22-GwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1	43 B 894 B	14ms 13ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNUWy7irO-GafZz8XKp4Sq9pl-xK7hEhefhMRtXLN0_vkWdeWaDxtJZyDDinXocupWCc-rLIG3MRJq0CBSJqzFag-hVOK3Gw9KlgmMJmor3dgwxxXQzgrFKXMyyOtoupBd9aeg2Xa0rFiCWlp3IdD8kQ4LceNpTxeS4MuADYi7xfvQ2v-yo Protocol HTTP/1.1 Server 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 25 Feb 2022 09:32:28 GMT Redirect headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM61_tbj99iUq3MeM5TZ1o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 711E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEBuuKLVoACX3E38uGFML7Rs&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBuuKLVoACX3E38uGFML7Rs%26google_cver%3D1	43 B 1 KB	15ms 15ms	Image image/gif	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBuuKLVoACX3E38uGFML7Rs%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNUWy7irO-GafZz8XKp4Sq9pl-xK7hEhefhMRtXLN0_vkWdeWaDxtJZyDDinXocupWCc-rLIG3MRJq0CBSJqzFag-hVOK3Gw9KlgmMJmor3dgwxxXQzgrFKXMyyOtoupBd9aeg2Xa0rFiCWlp3IdD8kQ4LceNpTxeS4MuADYi7xfvQ2v-yo Protocol HTTP/1.1 Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT X-Proxy-Origin 217.64.151.67; 217.64.151.67; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 3143a77a-1ec3-41bf-b73e-527cd3b48348 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT X-Proxy-Origin 217.64.151.67; 217.64.151.67; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid df5effcf-7b0c-4fe8-8785-2983536eaaf1 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBuuKLVoACX3E38uGFML7Rs%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 711E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE5ODI0MjczMzQwMDM2ODQ4Mg%3D%3D	170 B 188 B	23ms 23ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE5ODI0MjczMzQwMDM2ODQ4Mg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNUWy7irO-GafZz8XKp4Sq9pl-xK7hEhefhMRtXLN0_vkWdeWaDxtJZyDDinXocupWCc-rLIG3MRJq0CBSJqzFag-hVOK3Gw9KlgmMJmor3dgwxxXQzgrFKXMyyOtoupBd9aeg2Xa0rFiCWlp3IdD8kQ4LceNpTxeS4MuADYi7xfvQ2v-yo Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 25 Feb 2022 09:32:28 GMT X-Proxy-Origin 217.64.151.67; 217.64.151.67; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid fdbe8c06-0258-4b16-9e06-a07a699a863a Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE5ODI0MjczMzQwMDM2ODQ4Mg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/912962/59461380/ Frame 8DC1	232 KB 70 KB	107ms 32ms	Script application/javascript	52.18.5.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/912962/59461380/skeleton.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6229826550763491&ias_chanId=1&ias_placementId=15845895118&bidurl=https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html&ias_dealId= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.5.92 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-5-92.eu-west-1.compute.amazonaws.com Software / Resource Hash 929518c50b1c9240fc22002d0320ac56920f202ce117f10df2acf50259ee5e85 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 8DC1	106 KB 38 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ Origin https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 14:21:34 GMT content-encoding gzip x-content-type-options nosniff age 69054 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 14:21:34 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 8DC1	8 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD094tB7hjWt3T-gPITKItCgsqeSg7YzDuiweMCgo89nwE0zgHjijDG_B0aFLVrMFsHFoxOSKdZmI3pGiUv09eBysbbX6bSvSK3dFQjp7mznhjNimPH7nfaTFrE13zExhLWJITMhHMn1DuLNN5lMSJwvW4sA&dbm_d=AKAmf-CrUeWFP0F7i-42jFl7pTNKjVGDaETrtoegwxM_y2Sqvaj0SfYebRHatGgHkpfaag0jfEPpE0jGfS6HEUoIsB3T98EIkaY08xie4MLDJHhxtbQv_4C3d2O5HkZOyQq5hTZmCfFGlHNdt_kQTQA5X3zcwNOMlQWmV3Q_aiOiXnLRuPzcGg9pZrEizFqSfDj5kOX3kuDekGLYZ6YN6DUAyx5huYOzjjlbE697s3ufDR0Rpr48qO0yaW3PShV6wYY-XZ_f13ZUYO5VL4AmYVEVwzKAeNwZB63_umpBzpV2MQHym5TdciQWOokSnMG5EQLhNC_UEmQSsFr8DSWirtrf6BA2OZDMgbfJBRyZNO0y0xOWQF9s2YaeTEfGiNdaTQqWeZa2kFr-XlwfxbmlQAN4ChiUVgNOU6FFBIWyBqKVysy_y9klPkhan4UdxZnDJ_mq9h9gkPA8R9PbT9c-hvdTEIZbT0GndzpRjjccPnpj8PISvkLtKx-UylGO1Ym5Lb-RZDJNyqlVeu5SGGktTufV1Pe2mDL80e6NXwPps1Ag2LlX7mYWCVMd45VeTd04GCZxLQvi8lcJm0M1QkvpdRshlzDjWqi_wMJDKu_EaYPW2l7BS7KBvFNGk4aIR0Ma0Z5i_SsVP-ue7kYPCJ3zDqQQfjLdFSiO0kLsOEpATOsufCZwoiLzsN25hThC2U6vXhNakEQNGg1wVpunwGgU9ndNm6D1et__XwhWyU52Vt-u14RrWBKYjFaxfBmFU1iydCDipjDLXtcaf1nYwfIHRl0y44Hccy-Esz3xMVutfx-WobFN6QllfjxdRR6Rdvt6s21vWIleaFV-bUA0gZ1Uf2nOyWbjlkgioluUvvRgO2Ozsyo7YYWXpWsdVM_lKXp7f1nYovdhBZgzEU0vWIJ8ztHSJO-3oIsZLpQmPUtLNwuwVAdCewEKPxOlqK0mGxQvYq_E5O__xqlBaHeOLpdJNqlMLEiPpSbb67ndofKDcOv8azkosCD1vu7CM4V890AkdwVQ90UKoC_8xSeelOzlxPiC3IxiIrx83OUUp_ve3-RD-rsG_xvud1byC5S7Uh9bwzVi25H45o5Nh0cITh2IRyMg4Bns3vdq0RcKiU1p-AkINmRT_KTBtgzCtgFlj9wMwpdYAhFeF9XqG3jvLgrDLDIFbr5fnkEekfcXFOV0rQPOjEZOxmjd7kAyMWwdtBtxGeqSKVZmuy2j0CXRnu_mjKIM9NR8px1jfsB6KJIBt9OZvnVcHHTO_xQZtQ2PyDhSynWcKAyoReZZMKpTpaKoJ2UbG9PzrcI7MEh8E4E3YXMf3xo7kh_A4i2qlgc3wQuVH0eYI5GOEuPDnw05z5qbrOWV-1PQzAmLaFq318xt5xFuzNxe45GpTqcGj6N6RAe-lD2g8zHaGY3y3Q28nPepcljTCaGDalSffCevtJQkX_O0AFtHIniETVIP5XbpqA7QncWoFPIPXl4of2SgG9h17fvIbyijUDAi4nPj0xdQmlIa5R8yRuoAMXqN0xcn67wMrEPHyr83TYiIFrsDQoIWdtC-16U6prQ3rA5khGtnNGBVbHVqXSlKCCee2tesONWGwBKhltDY6rlrBM587M0zHCj1Jc73MhzkjUCZ6EhRRZlmrvvo6Nlonqyx8GVKS00Txg5SIrMYlXhhV2N2mtp_N9W22REKnY0RF8b8ldGhJO-qjwCbbCcy6Tdk2VPeGCqpW5VnvT0mBvdg3qosTcpkTZT0PpVp7vgkRFZn87b7VVXCcWAXReOWAidtpHWgTru-YMHay7o-lVbMlVJ8Ry_tiwWL8_mGggxkirZSormYeBTmFUFXXGCt9BwMJLf2Zzzs8_t8xi_uWqVe0xUPmm4Nx70gnV7axhI_DWHDvOjSalkucwhPUC7DubuS_wYtXFJRqRdJUModtHlN9-DSU0jGicHJi5H7-6J7YhkUq_ZeS0xSum4B-m6mJGr00hnkSVKtFiVxEkSr0qV5cQ3uuvpdv8BhV7hzwJ2oq9VjLsLJNyQRwWMcnTMWe6hrZZv77bzX4E3wb0qTTM5-ym4OsFENn_eiMUWHIL9ZUWjHYbnGpTiaR0RH_Aku714T59lN6XiWFNAr7tEijpwNtLC3iHR-Lu9su29eYTQYXb_SSk5Nalrt3-w0m-0mImdTNWAZNiQDs94QVgCREjyj9Rry5wG8MDkOrpKwgpoSUGC-r2FLzaDnHEV53FjY6HKhugx-qfDNvb2vFOa4WYRjHBW-6Vj_ymTZj-cDL8I9wuhEMESu3SkDSHN58iYdcq91j7vSRHqFTVLnZOIWtm_HtKC856cIru6pqxML8218RnO9eM0pFCVQwKM6Sf6HBuKyFuUkMPAH3z1Wx8VBvp5iXvz9P5WMGpYFt8_UiT3TWO-Cw8xuH8SanRCmt0gvXwSue-rGm27pH-fLgKOPlv4ocPqhGbTt4qlg01jSlMNHfptxUQKcLneK8IRbjZJPT-JdFzqlSZ1HCLZSlE-7-hVUwac4Vz_xmj9jTtE3fYsNvmxKv95MIX4xkA-J5bN6YD6GHW9h7KYsPv8oFuOFEUBqsb1EiF-ADKCcSw_H4WiqW8bBITTs4DlTSHluxsjTwKC-H99Ickf9_xJqjLhWg6Tvrnqiw376t-83lMiuCiyvsa-MLSeLo0n3QIevl7w0UwaDbD-cyfqxm9kTaDxeL9d4AYBxJGRgUB4rrNsigObgCAGP5j2BMCdjYXJTFJCbD3reIvaXZ3rKRKwnE5SjbSh3WGeMlHSxBWrUKz353gCq5sfytUEjtRZjXdQK12Z4EU8aGkHPkW9SuHNHvXk9537TfPv77E8iG_bumAuW38wmjQVBfvJ09IzfC1ohv0HaKaFQJMRfbRjVis3pz1_7TdDN4ZpesLbY5BO8fiFexR-JUob3XEE3sE569Xid1Q6uoHQhYPtoVNWSzmZMHLSTY3jSNQvxqEwFaVuKoltljcWAmkGim3YezOEIdprrJ9kRVTXhmWz-UnROPI8kPLtramjBVZxCkXtyJd2GxVmnfyCQXheU-CkByk9UVmgq3KgoYwomhlI4r1KaG2a-9EQzdTos2wjqjn4Qj2x_iypx8ksbp3CUbf_gGZa5SfkqqIsTPzMevZp6Z-Q3nNyKZW0bsHgdVWONBxy8O5CdF98OQCCZye_FZXpICnZHbiKy4FIso4r9Jqp8jIhEG9fskvUDW5TuTeGPj-ly2V3hd1i7jVv0ulYAcHD2cQduBaGr6NMscW-o14MINiAwlWnORy3BCaeA&cid=CAASFeRoT3Mbtx3RM82w7_rYByLQqsQEGQ&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:00 GMT content-encoding gzip x-content-type-options nosniff age 28 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Mar 2022 09:32:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 8DC1	25 KB 9 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD094tB7hjWt3T-gPITKItCgsqeSg7YzDuiweMCgo89nwE0zgHjijDG_B0aFLVrMFsHFoxOSKdZmI3pGiUv09eBysbbX6bSvSK3dFQjp7mznhjNimPH7nfaTFrE13zExhLWJITMhHMn1DuLNN5lMSJwvW4sA&dbm_d=AKAmf-CrUeWFP0F7i-42jFl7pTNKjVGDaETrtoegwxM_y2Sqvaj0SfYebRHatGgHkpfaag0jfEPpE0jGfS6HEUoIsB3T98EIkaY08xie4MLDJHhxtbQv_4C3d2O5HkZOyQq5hTZmCfFGlHNdt_kQTQA5X3zcwNOMlQWmV3Q_aiOiXnLRuPzcGg9pZrEizFqSfDj5kOX3kuDekGLYZ6YN6DUAyx5huYOzjjlbE697s3ufDR0Rpr48qO0yaW3PShV6wYY-XZ_f13ZUYO5VL4AmYVEVwzKAeNwZB63_umpBzpV2MQHym5TdciQWOokSnMG5EQLhNC_UEmQSsFr8DSWirtrf6BA2OZDMgbfJBRyZNO0y0xOWQF9s2YaeTEfGiNdaTQqWeZa2kFr-XlwfxbmlQAN4ChiUVgNOU6FFBIWyBqKVysy_y9klPkhan4UdxZnDJ_mq9h9gkPA8R9PbT9c-hvdTEIZbT0GndzpRjjccPnpj8PISvkLtKx-UylGO1Ym5Lb-RZDJNyqlVeu5SGGktTufV1Pe2mDL80e6NXwPps1Ag2LlX7mYWCVMd45VeTd04GCZxLQvi8lcJm0M1QkvpdRshlzDjWqi_wMJDKu_EaYPW2l7BS7KBvFNGk4aIR0Ma0Z5i_SsVP-ue7kYPCJ3zDqQQfjLdFSiO0kLsOEpATOsufCZwoiLzsN25hThC2U6vXhNakEQNGg1wVpunwGgU9ndNm6D1et__XwhWyU52Vt-u14RrWBKYjFaxfBmFU1iydCDipjDLXtcaf1nYwfIHRl0y44Hccy-Esz3xMVutfx-WobFN6QllfjxdRR6Rdvt6s21vWIleaFV-bUA0gZ1Uf2nOyWbjlkgioluUvvRgO2Ozsyo7YYWXpWsdVM_lKXp7f1nYovdhBZgzEU0vWIJ8ztHSJO-3oIsZLpQmPUtLNwuwVAdCewEKPxOlqK0mGxQvYq_E5O__xqlBaHeOLpdJNqlMLEiPpSbb67ndofKDcOv8azkosCD1vu7CM4V890AkdwVQ90UKoC_8xSeelOzlxPiC3IxiIrx83OUUp_ve3-RD-rsG_xvud1byC5S7Uh9bwzVi25H45o5Nh0cITh2IRyMg4Bns3vdq0RcKiU1p-AkINmRT_KTBtgzCtgFlj9wMwpdYAhFeF9XqG3jvLgrDLDIFbr5fnkEekfcXFOV0rQPOjEZOxmjd7kAyMWwdtBtxGeqSKVZmuy2j0CXRnu_mjKIM9NR8px1jfsB6KJIBt9OZvnVcHHTO_xQZtQ2PyDhSynWcKAyoReZZMKpTpaKoJ2UbG9PzrcI7MEh8E4E3YXMf3xo7kh_A4i2qlgc3wQuVH0eYI5GOEuPDnw05z5qbrOWV-1PQzAmLaFq318xt5xFuzNxe45GpTqcGj6N6RAe-lD2g8zHaGY3y3Q28nPepcljTCaGDalSffCevtJQkX_O0AFtHIniETVIP5XbpqA7QncWoFPIPXl4of2SgG9h17fvIbyijUDAi4nPj0xdQmlIa5R8yRuoAMXqN0xcn67wMrEPHyr83TYiIFrsDQoIWdtC-16U6prQ3rA5khGtnNGBVbHVqXSlKCCee2tesONWGwBKhltDY6rlrBM587M0zHCj1Jc73MhzkjUCZ6EhRRZlmrvvo6Nlonqyx8GVKS00Txg5SIrMYlXhhV2N2mtp_N9W22REKnY0RF8b8ldGhJO-qjwCbbCcy6Tdk2VPeGCqpW5VnvT0mBvdg3qosTcpkTZT0PpVp7vgkRFZn87b7VVXCcWAXReOWAidtpHWgTru-YMHay7o-lVbMlVJ8Ry_tiwWL8_mGggxkirZSormYeBTmFUFXXGCt9BwMJLf2Zzzs8_t8xi_uWqVe0xUPmm4Nx70gnV7axhI_DWHDvOjSalkucwhPUC7DubuS_wYtXFJRqRdJUModtHlN9-DSU0jGicHJi5H7-6J7YhkUq_ZeS0xSum4B-m6mJGr00hnkSVKtFiVxEkSr0qV5cQ3uuvpdv8BhV7hzwJ2oq9VjLsLJNyQRwWMcnTMWe6hrZZv77bzX4E3wb0qTTM5-ym4OsFENn_eiMUWHIL9ZUWjHYbnGpTiaR0RH_Aku714T59lN6XiWFNAr7tEijpwNtLC3iHR-Lu9su29eYTQYXb_SSk5Nalrt3-w0m-0mImdTNWAZNiQDs94QVgCREjyj9Rry5wG8MDkOrpKwgpoSUGC-r2FLzaDnHEV53FjY6HKhugx-qfDNvb2vFOa4WYRjHBW-6Vj_ymTZj-cDL8I9wuhEMESu3SkDSHN58iYdcq91j7vSRHqFTVLnZOIWtm_HtKC856cIru6pqxML8218RnO9eM0pFCVQwKM6Sf6HBuKyFuUkMPAH3z1Wx8VBvp5iXvz9P5WMGpYFt8_UiT3TWO-Cw8xuH8SanRCmt0gvXwSue-rGm27pH-fLgKOPlv4ocPqhGbTt4qlg01jSlMNHfptxUQKcLneK8IRbjZJPT-JdFzqlSZ1HCLZSlE-7-hVUwac4Vz_xmj9jTtE3fYsNvmxKv95MIX4xkA-J5bN6YD6GHW9h7KYsPv8oFuOFEUBqsb1EiF-ADKCcSw_H4WiqW8bBITTs4DlTSHluxsjTwKC-H99Ickf9_xJqjLhWg6Tvrnqiw376t-83lMiuCiyvsa-MLSeLo0n3QIevl7w0UwaDbD-cyfqxm9kTaDxeL9d4AYBxJGRgUB4rrNsigObgCAGP5j2BMCdjYXJTFJCbD3reIvaXZ3rKRKwnE5SjbSh3WGeMlHSxBWrUKz353gCq5sfytUEjtRZjXdQK12Z4EU8aGkHPkW9SuHNHvXk9537TfPv77E8iG_bumAuW38wmjQVBfvJ09IzfC1ohv0HaKaFQJMRfbRjVis3pz1_7TdDN4ZpesLbY5BO8fiFexR-JUob3XEE3sE569Xid1Q6uoHQhYPtoVNWSzmZMHLSTY3jSNQvxqEwFaVuKoltljcWAmkGim3YezOEIdprrJ9kRVTXhmWz-UnROPI8kPLtramjBVZxCkXtyJd2GxVmnfyCQXheU-CkByk9UVmgq3KgoYwomhlI4r1KaG2a-9EQzdTos2wjqjn4Qj2x_iypx8ksbp3CUbf_gGZa5SfkqqIsTPzMevZp6Z-Q3nNyKZW0bsHgdVWONBxy8O5CdF98OQCCZye_FZXpICnZHbiKy4FIso4r9Jqp8jIhEG9fskvUDW5TuTeGPj-ly2V3hd1i7jVv0ulYAcHD2cQduBaGr6NMscW-o14MINiAwlWnORy3BCaeA&cid=CAASFeRoT3Mbtx3RM82w7_rYByLQqsQEGQ&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:31:27 GMT content-encoding gzip x-content-type-options nosniff age 61 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9647 x-xss-protection 0 server cafe etag 6462939580093197770 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Mar 2022 09:31:27 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8DC1	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 16:13:41 GMT content-encoding gzip x-content-type-options nosniff age 62327 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Feb 2023 16:13:41 GMT
GET DATA	200 OK	truncated / Frame 8DC1	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f941bd97693a482a41185fc68cbe26f3c8f263f865281e520b17d748122a34e7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0B17	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Tue, 22 Feb 2022 08:13:54 GMT expires Wed, 22 Feb 2023 08:13:54 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 263914 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/13730119597208835797/ Frame C877	136 KB 22 KB	23ms 8ms	Document text/html	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13730119597208835797/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b003e8de5793232ac8aea83c9bcf7bcb8328f69e00803dcc18a450e1fd4d7b29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 22273 date Wed, 23 Feb 2022 12:06:20 GMT expires Thu, 23 Feb 2023 12:06:20 GMT cache-control public, max-age=31536000 age 163568 last-modified Wed, 01 Dec 2021 07:58:53 GMT content-type text/html alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8DC1	0 571 B	115ms 87ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHSM_RXVz7ar-VRgp09NaGMB0Kp7iyYxrckBxIccFPVkeqLQ4iEJYRjJX6uGzVM_0oe-bgdjmn9eMdsuNVsg7EiE6LG1lJ2j2bA-MvO-wKSLh6aJvPNxTksmScjKXedAfHanaBhtbJiqImurdAzKxY3v1HiXrweu0tNpc6AP_iDwaP9okjwMNw5UcTLHMA2FOz-2jLZDpg6kXhbyA4UanPOn4EEsp-iQlu6URiyi_HwdD5pM_SRihI7G00vVHIXmfWueH2YnGTNGSimB04Kf0Ec6d-xtNuXy7j1iaKDoGC7Q2ztzZIOHSQ4yBpEH3fwaaV1yId_EAr74gOevtKvhqWcgVF5aeVvEP9rF6_C9NyWyibB1TbqbRLtVQ_uYLw98kzzy7cDJiZeaBevKGhdKA28p-3R0CFUvtz2i9vpJkH7x4hldv7Nrt4sZOJ-9zTDntxuL0jbQeIQrYBmoHLk0sctya9lfwUVSBhrI_P5pQMcLfgp3Tyx3U4-HSFuiCAdhmA6hRNcolbwXlAm8O3fPt4cJwaC4Fx9UeI-sk80Hybbr1BFeY4vdjgufH07OZzqvkkyoWUiYgbUko6DN6f-SSIW3_jgRClN2gQ8cUEcCyKSgRqeoBFAIZoSI_ILR0oEAhCFNXeEshzeH-d5SaETfbQOkDFizEBUjuD2tvFbhwxW84pzVtdLdGe7E6xNiGDCPYOadvRwwrhD0Uq9JDKbK6UE3T45gUFF_bQvMvm_QAStTN_HCGA4dgQpLKxqxFaUegR-Uoz_4qfX-vKOPzLOARUHlQe-u768whXne7-6mWi5gfr44R6YU2-_frr49NIZlMKAepiNqIn6EKQBKahPBiA5nYM1RzbKJ7ThjEMGmkrbSTWjDV6kUFIDU5NvszmHSaORPzAuRLlfKPlExqovSojQJwJedPICj3JlBzPjjyKH---kk9aNzh442Jb9YJZ3IIYnuHtvbinvi9xJ1hxImyc5gbcCcve1JqepNYckEQytn_MXXo0qkbtvIPCwKTsRfjccLmKF1b9KJoRxzSwctYIPhQFwnD3WE8njzwCdyPcHkg71SHXjzG5m1tZZE3nIU_Ujm-GHo_9hsh-AKsJLaIwf0HHans3XKxW-EjBF7XToA4fsHxcblTJzo98AWe_2AXTVBc1m_VfV0CXv0BwZuLNzPegK-5PSsFf-VoTgP-h&sai=AMfl-YT_o4qAIFR7LWq5XpdsFUJCYs-BR6VqviFgMu1XMfg0Hd6-db_f6pUwQPIXTKQNom0FxsnafREAUomcBq5ek4DJdUaALOESpHiZYNb3yE8qFY8lnM-bQvDd0kgc4X9vTLdJnA4KJLyR1-uMvO-7lZK1Jl_WJso7KGSecLA&sig=Cg0ArKJSzHnBFA20LyYuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=43&cisv=r20220223.19669&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 25 Feb 2022 09:32:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js Show response pagead2.googlesyndication.com/bg/ Frame 0B17	36 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:08:56 GMT content-encoding br x-content-type-options nosniff age 1412 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13821 x-xss-protection 0 last-modified Wed, 23 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Feb 2023 09:08:56 GMT
GET H3	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame C877	29 KB 10 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 06:12:45 GMT content-encoding gzip x-content-type-options nosniff age 11983 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 26 Feb 2022 06:12:45 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8DC1	0 60 B	43ms 43ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHSM_RXVz7ar-VRgp09NaGMB0Kp7iyYxrckBxIccFPVkeqLQ4iEJYRjJX6uGzVM_0oe-bgdjmn9eMdsuNVsg7EiE6LG1lJ2j2bA-MvO-wKSLh6aJvPNxTksmScjKXedAfHanaBhtbJiqImurdAzKxY3v1HiXrweu0tNpc6AP_iDwaP9okjwMNw5UcTLHMA2FOz-2jLZDpg6kXhbyA4UanPOn4EEsp-iQlu6URiyi_HwdD5pM_SRihI7G00vVHIXmfWueH2YnGTNGSimB04Kf0Ec6d-xtNuXy7j1iaKDoGC7Q2ztzZIOHSQ4yBpEH3fwaaV1yId_EAr74gOevtKvhqWcgVF5aeVvEP9rF6_C9NyWyibB1TbqbRLtVQ_uYLw98kzzy7cDJiZeaBevKGhdKA28p-3R0CFUvtz2i9vpJkH7x4hldv7Nrt4sZOJ-9zTDntxuL0jbQeIQrYBmoHLk0sctya9lfwUVSBhrI_P5pQMcLfgp3Tyx3U4-HSFuiCAdhmA6hRNcolbwXlAm8O3fPt4cJwaC4Fx9UeI-sk80Hybbr1BFeY4vdjgufH07OZzqvkkyoWUiYgbUko6DN6f-SSIW3_jgRClN2gQ8cUEcCyKSgRqeoBFAIZoSI_ILR0oEAhCFNXeEshzeH-d5SaETfbQOkDFizEBUjuD2tvFbhwxW84pzVtdLdGe7E6xNiGDCPYOadvRwwrhD0Uq9JDKbK6UE3T45gUFF_bQvMvm_QAStTN_HCGA4dgQpLKxqxFaUegR-Uoz_4qfX-vKOPzLOARUHlQe-u768whXne7-6mWi5gfr44R6YU2-_frr49NIZlMKAepiNqIn6EKQBKahPBiA5nYM1RzbKJ7ThjEMGmkrbSTWjDV6kUFIDU5NvszmHSaORPzAuRLlfKPlExqovSojQJwJedPICj3JlBzPjjyKH---kk9aNzh442Jb9YJZ3IIYnuHtvbinvi9xJ1hxImyc5gbcCcve1JqepNYckEQytn_MXXo0qkbtvIPCwKTsRfjccLmKF1b9KJoRxzSwctYIPhQFwnD3WE8njzwCdyPcHkg71SHXjzG5m1tZZE3nIU_Ujm-GHo_9hsh-AKsJLaIwf0HHans3XKxW-EjBF7XToA4fsHxcblTJzo98AWe_2AXTVBc1m_VfV0CXv0BwZuLNzPegK-5PSsFf-VoTgP-h&sai=AMfl-YT_o4qAIFR7LWq5XpdsFUJCYs-BR6VqviFgMu1XMfg0Hd6-db_f6pUwQPIXTKQNom0FxsnafREAUomcBq5ek4DJdUaALOESpHiZYNb3yE8qFY8lnM-bQvDd0kgc4X9vTLdJnA4KJLyR1-uMvO-7lZK1Jl_WJso7KGSecLA&sig=Cg0ArKJSzHnBFA20LyYuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&vt=11&dtpt=76&dett=3&cstd=43&cisv=r20220223.19669&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	tui_logo_live_happy.svg s0.2mdn.net/creatives/assets/4364511/ Frame C877	6 KB 2 KB	10ms 9ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:23:55 GMT content-encoding gzip x-content-type-options nosniff age 513 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2072 x-xss-protection 0 last-modified Mon, 08 Nov 2021 07:44:21 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:38:55 GMT
GET H3	200	cta_jetzt_buchen.svg s0.2mdn.net/creatives/assets/4364511/ Frame C877	2 KB 1 KB	10ms 9ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:24:11 GMT content-encoding gzip x-content-type-options nosniff age 497 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 998 x-xss-protection 0 last-modified Mon, 08 Nov 2021 10:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:39:11 GMT
GET H3	200	txt_flex.svg s0.2mdn.net/creatives/assets/4372121/ Frame C877	2 KB 1 KB	10ms 9ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4372121/txt_flex.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3293ad8919d2d0564a38afe9b8a6cf876c94b041fabaeb1cfd38dd73806132b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:25:11 GMT content-encoding gzip x-content-type-options nosniff age 437 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1140 x-xss-protection 0 last-modified Tue, 30 Nov 2021 11:47:13 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:40:11 GMT
GET H3	200	icon_plus.svg s0.2mdn.net/creatives/assets/4372121/ Frame C877	677 B 385 B	11ms 10ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4372121/icon_plus.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c585d566dc826dd3d02e5054bab18f7d72db6e6610f11f22a9d96c5661454dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:24:45 GMT content-encoding gzip x-content-type-options nosniff age 463 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 357 x-xss-protection 0 last-modified Tue, 30 Nov 2021 11:45:11 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:39:45 GMT
GET H3	200	txt_300x250_head.svg s0.2mdn.net/creatives/assets/4372121/ Frame C877	8 KB 3 KB	11ms 10ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4372121/txt_300x250_head.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 216403a8e25717fdb6e890b60c6b56989dd0f219ace3d85d381f7b6a3a8b2ab8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:25:12 GMT content-encoding gzip x-content-type-options nosniff age 436 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3082 x-xss-protection 0 last-modified Tue, 30 Nov 2021 12:06:13 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:40:12 GMT
GET H3	200	300x250_radiant_ret.svg s0.2mdn.net/creatives/assets/4302518/ Frame C877	4 KB 1 KB	10ms 9ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4302518/300x250_radiant_ret.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b4eb7dc14fea146b8351d309e8996440d08e02b9c58e3c1e94efa4d845a31d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:23:41 GMT content-encoding gzip x-content-type-options nosniff age 527 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1016 x-xss-protection 0 last-modified Mon, 04 Oct 2021 15:55:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:38:41 GMT
GET H3	200	300x250_gradiant_ret.svg s0.2mdn.net/creatives/assets/4372121/ Frame C877	740 B 412 B	11ms 10ms	Image image/svg+xml	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4372121/300x250_gradiant_ret.svg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b41dfb3634c0905e1abdc656c7e375b20975fcae3283a61eb91b02b5021f47ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:27:26 GMT content-encoding gzip x-content-type-options nosniff age 302 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 384 x-xss-protection 0 last-modified Tue, 30 Nov 2021 11:36:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:42:26 GMT
GET H3	200	300x250_kv.jpg s0.2mdn.net/creatives/assets/4372121/ Frame C877	17 KB 17 KB	11ms 10ms	Image image/jpeg	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4372121/300x250_kv.jpg Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7aaa66663eb5c08abc6b05d2846a7704e7d152107b7ceedeb64f67aee664b1b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/13730119597208835797/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:23:31 GMT x-content-type-options nosniff age 537 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16922 x-xss-protection 0 last-modified Tue, 30 Nov 2021 11:31:44 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 25 Feb 2022 09:38:31 GMT
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame 8DC1 Redirect Chain https://fw.adsafeprotected.com/rfw/st/912962/59461380/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-6229826550763491&ias_chanId=1&ias_placementId=15845895118&bidurl=https://www.guru3d.com/file... https://static.adsafeprotected.com/4.js	1 KB 1 KB	38ms 10ms	Script application/javascript	2600:9000:236e:ac00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Server 2600:9000:236e:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-version-id p4D58djWyqdpee_b5TyWT62p_gIxYTQF content-encoding gzip etag W/"96e16e7453ae2e6952bc6d2a20ea29f7" age 232827 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status PENDING last-modified Tue, 15 Feb 2022 16:51:56 GMT server AmazonS3 date Tue, 22 Feb 2022 16:52:03 GMT vary Accept-Encoding content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop FRA60-P1 x-amz-cf-id -fiaj6aiheIr_jGXMvC6V4a1dMprePDQCEsPhKP_SqTvTQtTUXw4Lg== Redirect headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name app15.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame 0F3E	80 KB 21 KB	55ms 8ms	Script application/javascript	2600:9000:236e:ac00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 24 Nov 2021 10:01:19 GMT content-encoding gzip age 8033470 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 19 Aug 2021 16:31:24 GMT server AmazonS3 etag W/"9304f57298c3834ff107ea7ccb547996" vary Accept-Encoding x-amz-version-id 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja via 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA60-P1 content-type application/javascript x-amz-cf-id 11Yp3E6O-vIP3q8VTB7eSv5i2blRhy8u0Am6jUqM0--7QMqzF98N4Q==
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 215 B	308ms 99ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1OV,pingTime:-3,time:54,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt07.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 215 B	306ms 99ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1OW,pingTime:-6,time:55,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.guru3d.com*&br=c Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt08.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 216 B	295ms 98ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1P8,pingTime:-2,time:67,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:287,beZ:288,mfA:289,cmA:291,inA:291,inZ:294,prA:294,prZ:298,si:302,poA:303,poZ:328,cmZ:328,mfZ:328,loA:342,loZ:344,ltA:353,ltZ:353%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:50,readyFired:true%7D&br=c Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt09.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0B17	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpAzzK6IYYvT8OZaQjuwPisKVYAAAAAA4AeAEAg&bg=!sbKlsvbNAAas2QJZrNk7ACkAdvg8WnQP5PGV_Vhre1OgENUia8ROxOBA4vN4pFcf32dw1xZglT6BrwIAAACPUgAAAAdoAQeZAyb4kjj2aBxN7kTZRBId1RwssWDA-BfsMM66TMocSHwPxIpE03S3T2EkT8LenlPqy4v9IigMlK5nk340aanTVM4_2XjfruFabw6QPY0z_J0JxqNMvvUPM7e8Mz6bGJ3fGWyYx1XFqulXnsEXxErH42eHaAY-3QKcCMU5lZoDTYh0VpLQnOAO5qTeCH5tJe1T9d3PaCPVysqMyab2BmfBgZYA1VqzEGeb5zLcU0QFau60Zbz6--Bi62My2C_57U2SuZeNrwDTAmnNiY2-Pe0j0v0ctd62dApY8KytsfGK9t9_j_HXs9ixfE7nUCQo5Xk8ZLf3U4XzQW5Pgg6-4lT9e-uLHMeVBVr0aJjrPnPXG7uzez-c94bmb_sA9IByXifs_JFH_oUtslfkE07PBjCrUGULRsSmtSgOWiH1JwpSWVlfxegYEQMYidZOUY_gL4odFkM-MbkCZ6ZRfy1YzhGL-87-_gQIzMr2Wk5yX6_0hDywlnQ7vtU37ChgpAHngwt6bAVEZvSYHcRxTWON5p4NaOheTbZs0AeAabWijjNdrLXhNG4SZ4DKGJSFGQINqrgisOhRi0pS2utqyNrVRBAJ8ckSWeQOVWIjlw3gtWdA_VaXDQzAJmJ7eodNfaacCa4Nyfjl3zIQ73Wi4gOURCKEJpAjk2ojwtS4ByUXTTqnrBJRsYzLuPFYueLPRjn8VwWFodCtCQysulpituvxtXEr4TP6-Mz1Ur9yKybKZJtj-MEFV1T_LsCRiUmbhGbNartBL1aNw8SK4Z6zXtxCBxvJ6cPyVlH0bXDeOHsC9JLdq-pu9BUW475aEJO_rDgtH6qWwb_slo_0l6PKd93L9JJeD02ITLxbQdzgyBNCUAanySu7Cj0q1FYjVrA_V1mjkDYBeTzvSbyG5MSz-OkowKSW99WlthXHB3emze6SgcJtbJz5Lu4CZbhnJJ3SLNG-xJQaVO2CAa6GPci8zumS2XCpKnG_UmCA12JZsLIzzyASgrlgMDt_AVgDZz6celIfKYxpq5dvx21o5AZtDZAiZD_lLTu28T5kC4GnH0jOERSrFWaiqypa92vSng Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F1AC	0 0	43ms 42ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CjSvAKaIYYsDQK-HJ3gPuxoWACOSV44dmz7jqv9oNz9eivcABEAEgndqDAmCVgqCCsAegAYuUkIEDyAEB4AIAqAMBqgSoAk_Qf-jvwLGHXOQAm0RiKbkW5cq25d_SR5u_dFeH9wopCe8OKmLsGKYSSjQMu-S9zbHw5oGugBJTxvEhiBoAs_kt4KpKT7zLtRVt5dBYBhKEgW5xFGap9JfHGXMLHBfbXEaFDAt_2ONZsuWViQShneyB_oe42J4GR-HKJzYDd7Q2k9IdHMwArtbZNJ5eucKcns2lZM6DjwyuE-ZH8OasaEWC1SE2GnOa9z5pSl-gQ6vfoAFruMyzNCdeZfOhjAdSw9hlge10H_1mAS2SxeF9xvr4usMnBOePRyfIw7e2FFa-m01oiM9ct59ihcnbRAvkIED1k2HUPpF1oaALOH42J07PJ1S8D4L9m5fe-BOhlHzHH982Gjtl58lmJfSobwohUXtmiLLaCD7cwASnxvybzgPgBAGSBQQIBBgBkgUECAUYBIAH3evvfqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENSIQ9IICQiI4YAQEAEYHYAKAcgLAdgTDIgUBNAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjI5ODI2NTUwNzYzNDkxGM_fEw&sigh=ofr4i_ltRWg&vt=1&uach_m=[] Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame F1AC	42 B 64 B	49ms 49ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujtcoODajfXYoF4EaAb0c3RvoneqPkCc8WKUs6TnZSq77FZ7Fsdbo9Tg6jch70e-lbFc7POgBB-PxndfLnOkDw3f6J7evUbdG05-EaSI7U8NZkwaSWOqwoudi-iw4ewqYGT9ZJW372Iyxb&sai=AMfl-YQisn39QE_mEj5iLVsT8usZzwQrJ0Oowd8tXrlHCbaTuiimNqDvn8x0Y6huNtmmTN4vOVqYnQVLh8qDb-E7q2BbWOR58ZsHbbOjTeSVIcJ2UtOxZQ1_pIeCuqjq2gQ&sig=Cg0ArKJSzJ5k6OPGQGA7EAE&id=ampim&o=1127,188&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=158&tls=1158&g=100&h=100&tt=1158&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1379754963 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 215 B	262ms 100ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1PF,time:100,type:e,env:%7Bgcd2:%7Bappl:1,cnst:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt10.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 17E2	0 0	46ms 45ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGItP-HBgIn0JcqN0WWUzYC0ptFAjrvGsrDkWnNVdzl9QQyRm2L6yAfu0FUblAiXe5Fn77SyKzh66ykkbCZqxewLI-_oNNFbz-_kl3SspsV_XnFw6avMKyRX9ivNhx10kx4Lq5XTPY3qoaF4VPMcft-lVpalcgdxpYhDBeev2ehbdyt4hiUEEZyXBFxHtwE5NRqtENkmXPtv_LTRREHs04ZPe521x84T21YMEGnL4B3aYKrcuXJhLeV0x4_b_DJLje0i_STndo9tsiE8zQ7dRRSCgtDbq5NDVT0uMDLoWtXls7SoiAECZP4M87zMKZee7LKRNJVw&sai=AMfl-YQXmGRohPAVHARNukhswKexWuAU8e_EjTkeFYTXnN5WMnkLUOkSMV7jPdfY7D14xU7CK-CofGlW6LRbWj34UVJP-1r-XgSsW9AHxk6Pkbn_XDoOr63FUsjtuzaQuNze&sig=Cg0ArKJSzPPvdvTe9n1HEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 17E2	81 KB 27 KB	28ms 27ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 7780f12f4cb961d4fae52902669f746ed08b635c759b7e0f3eeb9a0c6b3ea998 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27420 x-xss-protection 0 server sffe etag "1142 / 821 of 1000 / last-modified: 1645743901" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 25 Feb 2022 09:32:28 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 17E2	124 KB 38 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:32:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38829 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1645619776399499" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 25 Feb 2022 09:32:28 GMT
GET H3	200	pubads_impl_2022021701.js Show response securepubads.g.doubleclick.net/gpt/ Frame 17E2	363 KB 122 KB	8ms 8ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:08:54 GMT content-encoding gzip x-content-type-options nosniff age 1414 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 124510 x-xss-protection 0 last-modified Thu, 17 Feb 2022 09:34:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 25 Feb 2023 09:08:54 GMT
GET DATA	200 OK	truncated / Frame 17E2	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a55c4e1b80d1bf88f1cebd772bc9d196ae82b428cc0b88078af9da9ace2e0b23 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 215 B	99ms 98ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1Ua,pingTime:-10,time:379,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645781548550%7C%7C796bb60bab636014a69fa32a480d238c%7C%7C920bd99aa4265c459f442b819dba176b%7C%7Cc50b48437de183786988b9cd3ee4c240%7C%7C5bd5387c710c8c21f127717cc4349669%7C%7C4c2f0d0f7211f1fd09f9207c9f745b38%7C%7C6e297200451587b859e28dcc362359fa%7C%7Cc221e980d6c77671815f1c457032ce0f%7C%7C1629390669%7D Requested by Host: c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com URL: https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt07.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 17E2	0 0	44ms 44ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX0uCjuccRjxwwZ7zPTvVejIibmT30z91G9vDurqabbbQbpOPO4tzUzElydjBUO5nVjBzuuL-C8bLWYsnvh6QFAnMXn7il7-3dfyiJxCYCxZrrDqb_OHvud7ttMjYVWS2RiQyhuY2kxJpBcd_gLCUO1Cn9hWpIy1KmcELruV4UO9LW7dlroPvyyHTzyFc40h2A279f3pUGYWfeXSj4vBRwjM2oc1uVxzTM5pL0VpGZviIDgPUkTF18X05blYx3H_ehTdhvqC1xnWRUN5GO0zKY6C7wrMhaDolnUv3YAS2_xWBOufpTtNd_lQ&sai=AMfl-YRIGqKkRtaoCW4ZsgaYLcTi_PLfpO-7gUaW9xC7FL9T59QtU6kJVBa8DoiAhok9c8DAByBgaif7Jx_3NQZXVCYFeLx2kEgH8dQA48xOxQclJzWUzWt7kvYdvutc1kja&sig=Cg0ArKJSzCayJqucZPgXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 25 Feb 2022 09:32:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 25 Feb 2022 09:32:28 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 8DC1	43 B 215 B	97ms 97ms	Image image/gif	52.71.187.127 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=81d686bf-e870-dfb9-5e20-051d290d5324&tv=%7Bc:5dV1Wj,time:512,type:e,im:%7Bpci:%7Btdr:471%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:512,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B507~0%5D,as:%5B507~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:102,fm:sYrxEAb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.912962-59461380%7C1a1%7C1a21%7C1a3,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-187-127.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://c5c3d62f11a46902f4670688dbf2840b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 25 Feb 2022 09:32:28 GMT x-server-name dt05.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012202072236000/ Frame 9325	220 KB 60 KB	41ms 13ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1043 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61519 x-xss-protection 0 server sffe date Fri, 25 Feb 2022 09:15:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "609f9f524fc23ab6" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 25 Feb 2023 09:15:08 GMT
GET H3	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9325	16 KB 6 KB	59ms 32ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1043 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5708 x-xss-protection 0 server sffe date Fri, 25 Feb 2022 09:15:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "4c9170e21c83610c" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 25 Feb 2023 09:15:08 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9325	96 KB 29 KB	65ms 38ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1043 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29623 x-xss-protection 0 server sffe date Fri, 25 Feb 2022 09:15:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f660f99fdfd5d6c6" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 25 Feb 2023 09:15:08 GMT
GET H3	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9325	5 KB 2 KB	61ms 34ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1043 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1844 x-xss-protection 0 server sffe date Fri, 25 Feb 2022 09:15:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "b0f41eb8e6d0a727" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 25 Feb 2023 09:15:08 GMT
GET H3	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9325	42 KB 13 KB	61ms 34ms	Script text/javascript	2a00:1450:400e:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:810::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1043 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13623 x-xss-protection 0 server sffe date Fri, 25 Feb 2022 09:15:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "14164defe327400f" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 25 Feb 2023 09:15:08 GMT
GET H3	200	css fonts.googleapis.com/ Frame 9325	8 KB 892 B	41ms 27ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 25 Feb 2022 08:24:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 25 Feb 2022 09:32:31 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 25 Feb 2022 09:32:31 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 18:59:48 GMT x-content-type-options nosniff server cafe age 52363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Fri, 25 Feb 2022 18:59:48 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9325	295 B 319 B	9ms 9ms	Image image/png	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 05:43:34 GMT x-content-type-options nosniff server cafe age 13737 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 26 Feb 2022 05:43:34 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 9325	0 0	15ms 14ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgKDgazKrQewPO_m6KpYExDOO-iFeZ5_jdnEdSrsH7Tn3ze2NXZnNq9UbLxZkhAT69J9r53Y02nTdpi6Vb5_J-4RgyZw Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 9325	0 0	79ms 79ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CWQ5VLKIYYq74Go7a3wPM44TYDPO2-tFozZHcyK0Ps9XPg5IOEAEgndqDAmCVgqCCsAegAYuUkIEDyAEB4AIAqAMByAMKqgSgAk_QF8pclyzXgy-KjQx2SBYVYnKTzdr3hlEQ713jnCRHAJ7SCRNdyRDgahfu4kyq-Qh8Jcan9F7Utz6bxDr70_y4nQe6aQ8nIOrFCucXCPKpHgnfjU3GLv4M10fC0PdI0iWkBkvUkiIZbq9VhGd0sJyr4Hl0btHHMKE47nllSmy8XKmu6d5KyklJh0jksnNecWdyWQtRpFlwtnYKzlrlDRgubkle00ChPiT7CVyFaaSFEutgN6fK6dODeXsqYTo5yPlz1jQAwO2wZ1DFVb5DG7jfaQT7Fa-mTAgvDlzIe50OKysFKfJXP_ljMQQNk3TK5k3JZXzldk1mDUhfgYDAxpiQ_1ID0FFEoJmh8uEW4XQjE2PRC_h3SAZjGcKO6TOaisAEvLCA1oQE4AQBkgUECAQYAZIFBAgFGASAB93r736oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCK7uwB0ggJCIjhgBAQARgdgAoByAsB2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTYyMjk4MjY1NTA3NjM0OTEYz98T&sigh=vEjpB74Ft04&uach_m=[UACH] Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 9325	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fdc12ac2a0196f3e35bd61241bd1115c870a3b471ab9f5d4b8321e65dee66dc6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v41/ Frame 9325	28 KB 28 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.guru3d.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 00:52:22 GMT x-content-type-options nosniff age 31209 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28196 x-xss-protection 0 last-modified Tue, 18 Jan 2022 17:53:50 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 25 Feb 2023 00:52:22 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 9325 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	51ms 50ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Redirect headers date Fri, 25 Feb 2022 09:32:31 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0