www.guru3d.com Open in urlscan Pro
144.91.87.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Submission Tags: falconsandbox
Submission: On June 08 via api (June 8th 2021, 4:38:12 pm UTC) from US

Summary HTTP 278 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 37 domains to perform 278 HTTP transactions. The main IP is 144.91.87.188, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is www.guru3d.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.

This is the only time www.guru3d.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	144.91.87.188 144.91.87.188	51167 (CONTABO) (CONTABO)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
27	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 18	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
12	213.254.244.23 213.254.244.23	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	63.32.41.216 63.32.41.216	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	52.209.147.172 52.209.147.172	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:58::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:69::7	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:218c:4800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2 2	52.212.242.37 52.212.242.37	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.86.138.119 185.86.138.119	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218d:800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.45.234.7 52.45.234.7	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
278	48

19 144.91.87.188 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: one.guru3d.com

www.guru3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 213.254.244.23 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20513.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20224.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20245.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.41.216 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-41-216.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.147.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:58::8 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nld.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:69::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednse.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218c:4800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.242.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.119 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.234.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-234-7.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com ade.googlesyndication.com	381 KB
54	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net static.doubleclick.net	573 KB
21	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20513.doubleverify.com tps.doubleverify.com tps20224.doubleverify.com tps20245.doubleverify.com	221 KB
21	google.com 1 redirects adservice.google.com cse.google.com www.google.com clients1.google.com	186 KB
19	guru3d.com www.guru3d.com	152 KB
16	googletagservices.com www.googletagservices.com	445 KB
12	facebook.com www.facebook.com	160 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	152 KB
10	ampproject.org cdn.ampproject.org	200 KB
9	youtube.com www.youtube.com	639 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	108 KB
7	2mdn.net s0.2mdn.net	161 KB
6	openx.net 5 redirects us-u.openx.net rtb.openx.net	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	google.de adservice.google.de	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googleapis.com fonts.googleapis.com www.googleapis.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	consensu.org quantcast.mgr.consensu.org	66 KB
2	googlevideo.com 1 redirects r2---sn-4g5e6nld.googlevideo.com r2---sn-4g5ednse.googlevideo.com	979 KB
2	facebook.net connect.facebook.net	67 KB
2	teads.tv 1 redirects sync.teads.tv	414 B
2	quantserve.com cms.quantserve.com secure.quantserve.com	9 KB
2	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	42 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	quantcount.com rules.quantcount.com	344 B
1	ytimg.com i.ytimg.com	57 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	456 B
1	media.net 1 redirects cs.media.net	1 KB
1	sonobi.com sync.go.sonobi.com	474 B
1	adkernel.com dsp.adkernel.com	233 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	e-volution.ai rtb2-useast.e-volution.ai	233 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	566 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	480 B
1	mathtag.com 1 redirects sync.mathtag.com	816 B
278	37

	Domain	Requested by
33	tpc.googlesyndication.com	www.guru3d.com securepubads.g.doubleclick.net 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.guru3d.com ad.doubleclick.net b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
22	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.guru3d.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
19	www.guru3d.com	www.guru3d.com
18	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net www.guru3d.com 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
16	www.googletagservices.com	www.guru3d.com securepubads.g.doubleclick.net 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
14	www.google.com	1 redirects cse.google.com www.guru3d.com 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com tpc.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com www.google.com www.youtube.com
12	www.facebook.com	www.guru3d.com www.facebook.com connect.facebook.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	www.youtube.com	www.guru3d.com www.youtube.com
8	cdn.doubleverify.com	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com cdn.doubleverify.com www.guru3d.com ad.doubleclick.net
7	s0.2mdn.net	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com www.guru3d.com s0.2mdn.net b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com www.guru3d.com b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	static.adsafeprotected.com	fw.adsafeprotected.com b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
4	www.gstatic.com	695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com www.youtube.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	ad.doubleclick.net www.guru3d.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	tps20245.doubleverify.com	cdn.doubleverify.com
3	tps20224.doubleverify.com	cdn.doubleverify.com
3	tps20513.doubleverify.com	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com www.guru3d.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	dt.adsafeprotected.com	b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
2	rtb.openx.net	2 redirects
2	pm.w55c.net	2 redirects
2	quantcast.mgr.consensu.org	www.guru3d.com quantcast.mgr.consensu.org
2	csi.gstatic.com	www.gstatic.com
2	connect.facebook.net	www.guru3d.com connect.facebook.net
2	fw.adsafeprotected.com	1 redirects www.guru3d.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	tps.doubleverify.com	cdn.doubleverify.com
2	695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
2	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cse.google.com	www.guru3d.com www.google.com
2	b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.guru3d.com www.google-analytics.com
1	ade.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ssbsync.smartadserver.com	1 redirects
1	cs.media.net	1 redirects
1	sync.go.sonobi.com	695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
1	dsp.adkernel.com	695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	clients1.google.com	www.guru3d.com
1	www.googleapis.com	www.guru3d.com
1	r2---sn-4g5ednse.googlevideo.com	695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
1	r2---sn-4g5e6nld.googlevideo.com	1 redirects
1	rtb2-useast.e-volution.ai	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
278	66

This site contains links to these domains. Also see Links.

Domain
forums.guru3d.com
newsletter.guru3d.com
plus.google.com
www.youtube.com

Subject Issuer	Validity	Valid
*.guru3d.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-09-03`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-06-01` - `2021-08-10`	2 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Frame ID: 89AE2E6A9560617D7E774E3E98A597F5
Requests: 55 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Frame ID: 4EEA53080003EAD1EA94699E6FF31E33
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-QEdZUnwM_lF-I0EWUl8KyXYMQnEW6aobSkYEpxFZQGinJ82VABckFyeg_eZw6TR1DLz7sRdqLJK5x-U6NBo_oIoE3AZbaEva20c8mnb-zjjc3Ee_d1ll5kGsPSX0ojMw_MH-bM0-z1m9QFcluSCw4cDTchWjXXN_smDT-98tUiHPht5Tk7W2FIyMXWLbKovSGzoULVGDPEW-h-XHNOO8DE4saMOlKjP5ry7kfJPn9011dKN7slVnNJ0JhGUsooSIoKJqcc3cWcBqFxZpX3MTk5l3IB44wOJbzIMp5S54WEeZiGVUs2Px8SU&sai=AMfl-YQATDHn1mRL9OFHvTBDf2kcq5yDbyilk3P1QVjj7aUL6z5KHtSVGepw74JzRf3dE4898ahyd7D6gwvvBwmQ7xt4na51xi59F9iMQpw29mBPVzpy2PWvVynQWu5-dKg&sig=Cg0ArKJSzAkqyO3_U3anEAE&urlfix=1&adurl=
Frame ID: E905A4F2436FACC353D37C5022BF350F
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs
Frame ID: 73AB3DF0E184EDC5FC8E51BA941F575D
Requests: 18 HTTP requests in this frame

Frame: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 36B46FEC5B67E913DCD6108B31191F75
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw
Frame ID: 64EC1C37C8BAD6B9EDF55176F29D2657
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 599B0349B206A194C35802638C4D3F10
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 377DA7F5214A7D309114292A9A41E0BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2796571F35E0A628C8E0253D8E9D98D1
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 34C6374465C8154DAD2BB327D98BCBC3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: F15E677F641ED3F3687FA5AF59907871
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS8AyBFl8kzJbBT3OOHjXcK4_lv__o26ZvvXtze-fxrSyy09Gr90TylOv4g7smp-yeG5fVM6NwvEy61McyTTV5rwLPQkk_hLACvKWtWav1h_1mYy8yCZUwNOipG7cARaVpn2egXDEVX6naXGjJxRBIQN6iYMWgiRSGyIg6XvubN5qXahkOURpZxsLFt6KqJM2b-22dW8ArQ3j9F0B3_3vl0A5vIDZYFUBMjcIFlCQ8SqSuk9CT-Do-na45o6CjG9pj0Tq7AgivVvG9Ec6u_wrme2Mr9WVl2V_5f3-znNuOGsLEboTrp9WkRL3_ZA_X_KPWsio&sai=AMfl-YTpeYe4MHBmFxDVYVLjeLBsxXa1pAcYuV7mYwA1Td2AhLovJ-y5kqvoGcjAuTeDYYa7BbnUJ6vrJ5DLP8_joPJFwD6d910ZlV4MUJacbf5b9pA9wfSpJxOAmXWNB2I&sig=Cg0ArKJSzCiO6yK8zPo8EAE&urlfix=1&adurl=
Frame ID: 91E6DC7A944223EECA1A14B564E6DB88
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2001500C001E270E4403E4D37789AD6A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1422.js
Frame ID: CA0BF94ADD98A94F465F86178905BA50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7626016AFBB819538A3D56C62FA3358A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1422.js
Frame ID: 904FF57179CEA3E2E3345AB4FE870D86
Requests: 5 HTTP requests in this frame

Frame: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50374473FABAEC7230496D50D717B043
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw
Frame ID: 7D7ABFCDFAF14C360C29C1EFE6C610A7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38C547ED6562AC5D60F8014335F28B70
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html
Frame ID: 940B27B31413278B5523F8DE96825280
Requests: 4 HTTP requests in this frame

Frame: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5C8ED80C441D3E5E266A3838841E5ABF
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oqiHTjyKmt0
Frame ID: 29D9D92EA4E79BE1BACD4D628E777AD3
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E9EE3418194E3A4EA0641F63F595D0E5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49B18210097C81F47B951F456B482A9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78C708598D693DED0D78CC0B30959BE9
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: B1537ABC4CFF596E737293868BE365B1
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: C9AF327280AA8AF3F290B376AA99F6AD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHwCY8GLuxcf2xudYasoj6aJ6-aXLP9od653yPm0TuBzNb2u0kkLCfWGbfHi5K7Uzg9rZKYmQ3WMEPPha34qXvRsOkbHu-IbbJh20kdwWTXREC9TEAcmT01gslw91vIG7nNI24_sskZrmQvWpwbIEHjYddnlyrz4FmshXgStctNX5m9GS9Az0aeV7nT04axGvI3gJbfx4nPJOMF-qCLV1SG5eMZD-vj4InOVjHekU-W4GcqIT3rVilfvSEXXY102B1yGi4C2Y8SMbqX9IwLIUrduucNOGPo-zeK8IG042hmr_BCLvoVZwBUXgDJ08&sig=Cg0ArKJSzCL2cavY3_5QEAE&urlfix=1&adurl=
Frame ID: 928A5087C8D5A22077F1DE4C0519E971
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ce40a355c14f%26domain%3Dwww.guru3d.com%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ffb29a69b742%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450
Frame ID: 0B31E67A30B2AC0DC2E5390EFA54F1F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 591662BA775544C160070DC5328AEE02
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEA7372AA4931FADC209A43076CB49A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

278
Requests

100 %
HTTPS

57 %
IPv6

37
Domains

66
Subdomains

48
IPs

7
Countries

4622 kB
Transfer

11683 kB
Size

0
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://forums.guru3d.com/
Title: FORUMS

Search URL Search Domain Scan URL

URL: https://newsletter.guru3d.com/lists/?p=subscribe&id=1
Title: NEWSLETTER

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/nvidia-rtx-io.437949/
Title: NVIDIA RTX IO

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/rtx-3080-ti-mining-limiter-also-affects-other-cryptocurrencies.438257/
Title: RTX 3080 Ti mining limiter also affects other cryptocurrencies

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/amd-to-launch-zen-4-and-rdna-3-both-in-q4-2022.438269/
Title: AMD to launch Zen 4 and RDNA 3 both in Q4 2022

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/windows-update-ships-new-mitigations-via-microcodehurts-intel-cpu-performance.437150/
Title: Windows Update ships new mitigations via microcode, hurts Intel CPU performance

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/amd-fidelityfx-super-resolution-in-ultra-quality-shows-visible-quality-loss.438214/
Title: AMD FidelityFX Super Resolution in Ultra Quality shows visible quality loss

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/gpu-sales-went-up-39-percent-in-2020.438268/
Title: GPU Sales went up 39 percent in 2020

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/radeon-software-adrenalin-21-5-2-discussion.437973/
Title: Radeon Software Adrenalin 21.5.2 Discussion

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/best-heat-sink-for-samsung-980-pro.438240/
Title: Best Heat Sink for Samsung 980 PRO

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/amd-radeon-software-uwp.437511/
Title: AMD Radeon Software - UWP

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/galax-now-offers-hof-oc-lab-geforce-rtx-3080-ti-graphics-card.438274/
Title: GALAX now Offers HOF OC Lab GeForce RTX 3080 Ti Graphics Card

Search URL Search Domain Scan URL

URL: https://plus.google.com/115994661506207361143
Title: Posted by: Hilbert Hagedoorn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oZ9CP-Ci8IA
Title: Testing overlay editor plugin (visual hypertext editor) in RTSS 7.3.0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=uH8F90B50bY
Title: A few more improvements in visual hypertext editor plugin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oqiHTjyKmt0
Title: RTSS 7.3.0 hypertext editor is getting stronger and stronger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL.c3SzbaQSAk5T-1kKtnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1&google_hm=2

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDoR6v9TutRzww-CzDbtiH4&google_cver=1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjQwNTgxMDQxOTEwNzg5MA%3D%3D

Request Chain 134

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECjLCTABrFz0McwDLHgP8Xc&google_cver=1&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBPRsoVUZnILOFN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBPRsoVUZnILOFN

Request Chain 135

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFxzsmYJs2YKj1wNVsdTioM&google_cver=1&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTvgginK3CMeQhBSoXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTvgginK3CMeQhBSoXA&google_hm=RGbIWpFhScuqT2DMF_qGIFw

Request Chain 136

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDRcxKiJnXtEpl7HrK_V9Kw&google_cver=1&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRrpY4EIfMpOhg6JRqj3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRrpY4EIfMpOhg6JRqj3

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1

Request Chain 150

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2U0MmJlNzctNGYxOC0yNDc4LWMwODAtMTYwODZiNmI2M2Ew

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEDznfddS_N7sKxdPXwsGtbo&google_cver=1

Request Chain 152

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDc1NDcyNmU1MDg5MTMxZTQ0ZTliZjBiYTFjZTM0ZTA2ZWU0M2QyYg==

Request Chain 203

https://r2---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&mh=Il&mm=31&mn=sn-4g5e6nld&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=1294202&dur=28.999&lmt=1620468145488496&mt=1623169984&txp=5432434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgALN6WLbnN3l1tui4SX02Mz7xzBJuJ8XzEOurZCxRpuUCIQD410xBMVPNJaEmnvLau4_vvZ3O2td4g4irmeuCS7Dc6g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgC7Jh6kyknwkIQlUEYTObAp240mL4xGXID3qbqZ6zUwwCIQCHotpsbiVBTwlUzoqGUGLjHPqd-wKdWO2OmAGTx5ZEHw%3D%3D&range=0-999999 HTTP 302
https://r2---sn-4g5ednse.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=1294202&dur=28.999&lmt=1620468145488496&txp=5432434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgALN6WLbnN3l1tui4SX02Mz7xzBJuJ8XzEOurZCxRpuUCIQD410xBMVPNJaEmnvLau4_vvZ3O2td4g4irmeuCS7Dc6g%3D%3D&range=0-999999&redirect_counter=1&rm=sn-4g5esd7l&req_id=c215e5fa32aaa560&cms_redirect=yes&ipbypass=yes&mh=Il&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednse&ms=au&mt=1623169984&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKjr_imbCQA8P1x5PKaUpnMgRsD3Ghq4MLf-J4TpDR-ACIDeLAWEejDZRhGyMcn6_yad5A1O-1cNZOM8mO8o6Vudv

Request Chain 230

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n-qT9T-tlOVRtfgcHLW3DVcEZdhpuxd9dY1TY3h-IX4aTcqBt4Kq3N HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n-qT9T-tlOVRtfgcHLW3DVcEZdhpuxd9dY1TY3h-IX4aTcqBt4Kq3N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z01EN3JNOHoxTFFFSkU1&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n-qT9T-tlOVRtfgcHLW3DVcEZdhpuxd9dY1TY3h-IX4aTcqBt4Kq3N

Request Chain 231

https://rtb.openx.net/sync/dds?google_gid=CAESEDaLqpARuwvmo99GNIdyjhM&google_cver=1&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDaLqpARuwvmo99GNIdyjhM&google_cver=1&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&google_hm=00to1j6jwZcXRy21kloVRg==

Request Chain 232

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENRtFQ8FUDsMEE7VU5tTmM8&google_cver=1&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64YX54OW8nQkJa05XDKa-_lDR8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPOU80MU8tVC1IRUdU&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64YX54OW8nQkJa05XDKa-_lDR8

Request Chain 235

https://cs.media.net/cksync?type=g&google_gid=CAESEJKo2ARC5zZ9ljAhSeEcWj8&google_cver=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3I3vnadg2ur012cVIXcx2ADzOf018daaOj40VJMc8aChj2ePXvcbOedB5Yz1aDppj76hZ5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&mn_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3I3vnadg2ur012cVIXcx2ADzOf018daaOj40VJMc8aChj2ePXvcbOedB5Yz1aDppj76hZ5&gdpr=&gdpr_consent=

Request Chain 236

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKLcQeg1TFV5NjL1U2K4-II&google_cver=1&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHbZ5ShUBPLfGNDoMmLThNZ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHbZ5ShUBPLfGNDoMmLThNZ4&google_hm=NTAzMTE0ODI3NDM5MzI0NTA4OQ%3D%3D

Request Chain 249

https://fw.adsafeprotected.com/rfw/st/719405/54836762/skeleton.js?adsafe_url=https%3A%2F%2Fwww.guru3d.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2c63dc40-3239-003f-b231-be7585b5be34,c:eY9mff,sl:na,em:true,fr:false,mn:app31ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:szLj29Y+11%7C1211%7C1212%7C1213%7C1214%7C1215%7C1216%7C1217%7C1218%7C122%7C123%7C13%7C14%7C1511%7C152%7C153%7C154%7C16*.719405-54836762%7C161%7C162%7C163%7C17%7C18%7C19,idMap:16*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:472,oid:dca8429f-c877-11eb-bd4d-06cc0da90f4d,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_300x250.js

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

278 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set rtss-rivatuner-statistics-server-download.html Show response
www.guru3d.com/files-details/ 42 KB
12 KB 153ms
59ms Document
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 51c8aa57f5dc14ad8e5097203c48965abfb6128359463beaeb4f7c05078ac1a7

Request headers

Host: www.guru3d.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=m9kncl02itfa4rc8roecms9mm6; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
www.guru3d.com/core_javaload/ 92 KB
33 KB 1099ms
35ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/jquery.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: PHPSESSID=m9kncl02itfa4rc8roecms9mm6
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:43 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 87ms
33ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: PHPSESSID=m9kncl02itfa4rc8roecms9mm6
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:42 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK WnFYg.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 91ms
42ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/WnFYg.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: 828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:44 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:09 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "be0-595ccf460bcdc"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3040

GET
H/1.1 200
OK hoverintent.js Show response
www.guru3d.com/core_javaload/ 3 KB
1 KB 1318ms
29ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/hoverintent.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: PHPSESSID=m9kncl02itfa4rc8roecms9mm6
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:43 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK superfish.js Show response
www.guru3d.com/core_javaload/ 4 KB
2 KB 300ms
31ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/superfish.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:43 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK animatedcollapse.js Show response
www.guru3d.com/core_javaload/ 11 KB
4 KB 77ms
27ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/animatedcollapse.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:44 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK kstar.gif
www.guru3d.com/images/ 888 B
1 KB 997ms
720ms Image
image/gif 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/images/kstar.gif
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: 385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:45 GMT
Last-Modified: Sat, 26 Oct 2019 09:29:42 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "378-595cce8101eb2"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 888

GET
H/1.1 200
OK 225
www.guru3d.com/files_teaserimage/ 17 KB
17 KB 1129ms
36ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/225
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 16849

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fac9131326c8e60070747ff20c51b861a21da401621453a59080c1db855315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 738 of 1000 / last-modified: 1623150488"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21288
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:43 GMT

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 1460ms
49ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2&ie=6
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:47 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3531
date: Tue, 08 Jun 2021 15:38:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 08 Jun 2021 17:38:54 GMT

GET
H2 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ 312 KB
110 KB 43ms
43ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Jun 2021 16:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 46ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 45ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 872 B
262 B 1215ms
1215ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2Cwrapper&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265712&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-9&adys=30%2C-9&adks=1612380904%2C3918806337&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x61%7C0x-1&msz=1x-1%7C0x-1&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4%2C2&ohw=1600%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

07349335235be0e3140ba1ab55b0a1997eb0b217338b4c87459ba566a88b471c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 72ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK d3yoh.jpg
www.guru3d.com/gurustuff/ 33 KB
33 KB 1103ms
27ms Image
image/jpeg 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/d3yoh.jpg
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: 43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:03 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "84d0-595ccf400da3a"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 34000

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 1206ms
1206ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2Ctop_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265726&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=699&adys=41&adks=1733603311&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1274x110&msz=728x-1&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=1274&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cca7714e93c2f1aa279408d29134d3cd8d0e350db1517fb8d7a654941f30ef12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4349
x-xss-protection: 0
google-lineitem-id: 129863295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234729855
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Ovdce.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 1093ms
26ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/Ovdce.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: 040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:08 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b6d-595ccf44b6fc9"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2925

GET
H/1.1 200
OK 6gh4U.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 460ms
27ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/6gh4U.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:01 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b2b-595ccf3ef36a5"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2859

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 1999ms
1998ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265747&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=188&adks=1379754963&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x250&msz=300x-1&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

87f66cff2f82d70fa92d4cf3a1c94700e06ecd7a5f0fa9ce872d4c12e3e15aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12018
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK C2upk.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 483ms
44ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/C2upk.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:02 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b52-595ccf3fc947c"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2898

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 2515ms
2514ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2C300x600_navbar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265755&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=1038&adks=2692230078&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x600&msz=300x-1&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e389b9bedde44beef343381b48538fbb8cb703990174e40dead094a6eceda804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4144
x-xss-protection: 0
google-lineitem-id: 129863055
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48542942415
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 4EEA 46 KB
15 KB 98ms
98ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5a14b59db762f743111ee9a702d24204f7365225ab93f0ca098ad48e7380c2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: d974tRVyL9VQ+4wWYz1I/wOqDWyEaSYRDMfD4Rgdl92DowodZfXoShpTN2qAySBqTUnhgP/G22fRu6699iO6NA==
date: Tue, 08 Jun 2021 16:37:45 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 3340ms
3339ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2C300x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265761&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=2166&adks=3057682820&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x10&msz=295x0&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9c07060cb190b578e5008ec0562684419e1a72d39b0e6b7e2c0b8d3f02c6469f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7239
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

529518246724f27b1cead326518d616dd59df475fafa0537d9a592773af64c81

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 08 Jun 2021 16:37:45 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3482
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:45 GMT

GET
H/1.1 200
OK comment2.png
www.guru3d.com/gurustuff/comments/ 459 B
715 B 509ms
25ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/comments/comment2.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: 1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:46 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:12 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1cb-595ccf48897e2"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 459

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=111097677&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&ul=en-us&de=UTF-8&dt=Guru3D%20RTSS%20Rivatuner%20Statistics%20Server%20Download%207.3.2%20Beta%202&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1897062837&gjid=1178128060&cid=113647218.1623170266&tid=UA-1106208-1&_gid=1702065417.1623170266&_r=1&_slc=1&z=363525599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 4132ms
4131ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2C336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1623170265&dt=1623170265781&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=193&adys=324&adks=1686487856&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=894x19&msz=894x0&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2d7e655a7ee575f4fe97a43647169b6a1803b9e411b90ff86673e935bb4aa5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10700
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1106208-1&cid=113647218.1623170266&jid=1897062837&gjid=1178128060&_gid=1702065417.1623170266&_u=IAhAAEAAAAAAAC~&z=602086441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 08 Jun 2021 16:37:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 16:36:01 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 07:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 07:41:02 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v4/ 5 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1452
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Jun 2021 16:38:10 GMT

GET
H3-29 200 _a7GMethVmO.css
www.facebook.com/rsrc.php/v3/yU/l/0,cross/ Frame 4EEA 403 B
233 B 11ms
9ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yU/l/0,cross/_a7GMethVmO.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e33ff1358fa9a5f10a0eb4fe24b789243e6e10383dd484e042e67aa733caa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MsJZ+OfILq3C/2e+z94hlQ==
cross-origin-resource-policy: cross-origin
content-length: 182
x-fb-rlafr: 0
x-fb-debug: MzeOLEjnfnPlgEnDtw+6AO9vcAwYYm7nHZMAR0bbmxqQZxECiJmvYLWaFjaF/3+bwJNFmWjoxQrRAatZHqPcEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 17:26:49 GMT

GET
H3-29 200 P62bCj8fm62.css
www.facebook.com/rsrc.php/v3/yE/l/0,cross/ Frame 4EEA 18 KB
5 KB 15ms
13ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yE/l/0,cross/P62bCj8fm62.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e3ee33c0d0ef6dea0f041d694d5e4cebe93ed83b6ef2a6743b72fef3fd5a725

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rCpiDejgksd/gNADu4Xsiw==
cross-origin-resource-policy: cross-origin
content-length: 4694
x-fb-rlafr: 0
x-fb-debug: sHNW1fG+t4j/TrABMHVgv2YiSgzoRsJu1jktm7iZYo0C6JgIB/Jvcop5Sn8pz5eXm3TreF0cE7NKYJRn4yQXWQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 17:26:49 GMT

GET
H3-29 200 5Fsnp3irenq.css
www.facebook.com/rsrc.php/v3/yt/l/0,cross/ Frame 4EEA 2 KB
868 B 11ms
10ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yt/l/0,cross/5Fsnp3irenq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 06:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: J9gtDCcpBAeYh1TcXJ9kqQ==
cross-origin-resource-policy: cross-origin
content-length: 816
x-fb-rlafr: 0
x-fb-debug: Zepo1PkFlrY2Vmesijfac2L7B4+pLQ7/igpeO3AR/8Ph7djWFSY1Q0EGRprVIRfi2Z9QqM6DW2155wQyjt8Xkw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 06:09:49 GMT

GET
H3-29 200 mN8-gFiYmm3.js Show response
www.facebook.com/rsrc.php/v3/y0/r/ Frame 4EEA 293 KB
80 KB 16ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

161d6a8c4bd0ecd29d2265fcc4c94184a0c0429630b1f086c00fdb1902a9c380

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 23:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eswN4V6szo7JSf8Wt7HIzA==
cross-origin-resource-policy: cross-origin
content-length: 81495
x-fb-rlafr: 0
x-fb-debug: lGs5s0XguI3yczFn1mdHLEeGjMUJxbw6667WNs5uktBdTd8wFup466YBPR/wiMu4uF1AS8pZG2kCzAHQF6Vkxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 23:09:27 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 4EEA 5 KB
2 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 06:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: QwdxBlgeZ21GWcm6/SH5qG8D1LYgfpg0W4ijBBBffu9GBKSANR9XhlXFoRM3Vysq6ZgDlNIOpvIgbbETXWSwjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 06:09:54 GMT

GET
H3-29 200 PMpwGp28cfY.js Show response
www.facebook.com/rsrc.php/v3/yz/r/ Frame 4EEA 63 KB
19 KB 17ms
15ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yz/r/PMpwGp28cfY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24529743c119d238d0f6d9fa9ab0f6a0acff5d9830eca12a38e467d6ce885bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 17:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0C17lcUGQTxVDFdmWzINuA==
cross-origin-resource-policy: cross-origin
content-length: 19680
x-fb-rlafr: 0
x-fb-debug: S4zYVW/qYmjUyfkCjxEUcbtgXEUWREE19919YIY1j5hi570cCgxHzu0gLjmgB9KEgx7Y4GO5yNWLNMH0E82xOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 17:26:49 GMT

GET
H3-29 200 95chlza_dno.js Show response
www.facebook.com/rsrc.php/v3iEpO4/ya/l/en_US/ Frame 4EEA 126 KB
35 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/ya/l/en_US/95chlza_dno.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a279353428bcdaa74885c504a392a01569627f0deb37cb434762f113770c3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v1YexYI7cKQAIp0K2oYd6Q==
cross-origin-resource-policy: cross-origin
content-length: 35919
x-fb-rlafr: 0
x-fb-debug: 28Ze6y5/Xr42h8yjEdplSzbkjf3JgD6l7MxgIxuy1ZvJsMSJTGvckKf281QkvLe5Mdh/uubvkzG3GysBHtDhSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 20:59:34 GMT

GET
H3-29 200 q3JF3hLjbAD.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 4EEA 2 KB
849 B 14ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/q3JF3hLjbAD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1ETliEs92UIU/fKzQa5sDA==
cross-origin-resource-policy: cross-origin
content-length: 797
x-fb-rlafr: 0
x-fb-debug: 2d8HVLQCTaeJ5fRJUVOg7JHgbMzWiwddZ/MZMDE8HcmD9HQciwUjy5jVp7+GaocdNAaaOIHLgMZ/VDcLiBmf5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 20:18:38 GMT

GET
H2 200 980015_533586583343807_1764489926_o.jpg
scontent-frt3-1.xx.fbcdn.net/v/t31.18172-0/p526x296/ Frame 4EEA 39 KB
40 KB 28ms
7ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t31.18172-0/p526x296/980015_533586583343807_1764489926_o.jpg?_nc_cat=104&ccb=1-3&_nc_sid=a61e81&_nc_ohc=mRhbbghshm0AX9OF9OE&_nc_ht=scontent-frt3-1.xx&tp=6&oh=58791572f6cd92852426e4fab686db93&oe=60E48419
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2532042100
date: Tue, 08 Jun 2021 16:37:45 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 07 Jun 2013 06:34:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1469356964
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 40365

GET
H2 200 188311_222951111074024_7587693_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/ Frame 4EEA 2 KB
2 KB 8ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/188311_222951111074024_7587693_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=V6ubMEPe1hsAX_hIeA1&_nc_ht=scontent-frx5-1.xx&tp=28&oh=8e56de50a3fc427b20dbcff43adce7d4&oe=60E34B59
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 420387698
date: Tue, 08 Jun 2021 16:37:45 GMT
x-fb-trip-id: 917726464
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3867042620
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1800

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 4EEA 573 B
623 B 7ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yU/l/0,cross/_a7GMethVmO.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yU/l/0,cross/_a7GMethVmO.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: zHXZqDCIbZWuLgeI1XMP4yspbsvVzTMwVO7Xp0MzbQ8lQaOZoUm9Z4B/EHtyyG1yLxpcXiuYBh0yRqmQuhHCTg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Sat, 29 May 2021 00:13:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 573
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Sun, 29 May 2022 00:13:04 GMT

GET
H3-29 200 IcaTm-jFAR8.js Show response
www.facebook.com/rsrc.php/v3/yP/r/ Frame 4EEA 7 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yP/r/IcaTm-jFAR8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b26263e492d4334076354b0db27917b73fdf99ca6f24ecb267ddca57a40138b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 06:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XfPy4s+vkyIdTYCGlL45zw==
cross-origin-resource-policy: cross-origin
content-length: 2240
x-fb-rlafr: 0
x-fb-debug: Jr+EwBfbTkFHNGYUNS2Bq3bQwu1ZtIN4zCSud5UUhz4PzXvtAQSx/15TLBrYg72gOF351PtqK5Z7bRyUr6hVNg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Jun 2022 06:09:54 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E905 0
0 87ms
86ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-QEdZUnwM_lF-I0EWUl8KyXYMQnEW6aobSkYEpxFZQGinJ82VABckFyeg_eZw6TR1DLz7sRdqLJK5x-U6NBo_oIoE3AZbaEva20c8mnb-zjjc3Ee_d1ll5kGsPSX0ojMw_MH-bM0-z1m9QFcluSCw4cDTchWjXXN_smDT-98tUiHPht5Tk7W2FIyMXWLbKovSGzoULVGDPEW-h-XHNOO8DE4saMOlKjP5ry7kfJPn9011dKN7slVnNJ0JhGUsooSIoKJqcc3cWcBqFxZpX3MTk5l3IB44wOJbzIMp5S54WEeZiGVUs2Px8SU&sai=AMfl-YQATDHn1mRL9OFHvTBDf2kcq5yDbyilk3P1QVjj7aUL6z5KHtSVGepw74JzRf3dE4898ahyd7D6gwvvBwmQ7xt4na51xi59F9iMQpw29mBPVzpy2PWvVynQWu5-dKg&sig=Cg0ArKJSzAkqyO3_U3anEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Jun 2021 16:37:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E905 61 KB
21 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fac9131326c8e60070747ff20c51b861a21da401621453a59080c1db855315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 793 of 1000 / last-modified: 1623150488"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21288
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E905 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:46 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:46 GMT

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E905 312 KB
109 KB 27ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E905 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E905 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E905 22 KB
12 KB 573ms
573ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=194494179706694&correlator=119340793857661&output=ldjh&impl=fif&eid=21064368%2C44741898&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=8095840%2C43.guru3d.com_728x90_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D2cd439efd9e73367-22bec7ca5bc800be%3AT%3D1623170265%3AS%3DALNI_MaDHqJNZ0p2vGRM2XKV8iXWMIBTCQ&cdm=www.guru3d.com&bc=31&abxe=1&lmt=1623170267&dt=1623170267102&dlt=1623170266949&idt=144&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=699&adys=41&adks=1056697662&ucis=7yc1xvrgb00g&ifi=1&ifk=879406812&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&top=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=1499508040.1623170267&ga_sid=1623170267&ga_hid=958906431&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

247245d0cb1ac7dba1fa1f9007fb66629abd05d52cbbd9b9d7a98c6d934fa9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12186
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E905 0
0 47ms
14ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame E905 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d9e4e9dbd57f24851995a5a63abab40d3e575c700256b59eb8c40147105216

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E905 0
0 62ms
61ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHapQN8QlDulbof7F7O2lCU7rzs0Zz7J9vcMXld8WYqdCdo6VZerOVtDPoBq6rVfBq0xNDQUHOHFsug1AEeUNFElTEEsTQTN7R7a54S-bDo-M0KW4OhMEJqNcoWqB-5oY0goKmB2n3UDkiSSHUb4GIoQkxOzlrzQzzE1bnawCOEanffQA8V5r0rIWjt2VztyFyMgFZsFmqAuBwEOtq0J8-TNfR6t4g3dUY1V4yM4h-3GKyg6CvWCUAQCC0rc1zp_UmNrSeQKc4i0Uau-SJ682AdYHrY_uzdTpoHYl6PBkV&sai=AMfl-YTUJeSYwE8ZZ4CjPc4j_NgclIy2kMzb_Mqt3QlJOjW1UPkM5W9ov55kJQx0wyZj73ni0P_xb3guZywuA3U-G4vQwh6dn14TfSoAnJo8Ry7SpVdFX1uyl40BQgNKXiM&sig=Cg0ArKJSzPVmbJrMcnHOEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032105281634000/ Frame 73AB 191 KB
55 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec5f2d4c04b745da44edaf721e56b231f9d08914a11b397d848c40f69d0c48f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55252
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 06:25:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d4150df44d24ecdc"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:25:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 73AB 12 KB
5 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 576019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:37:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:37:28 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 73AB 87 KB
27 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 01 Jun 2021 21:10:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 21:10:19 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 73AB 4 KB
2 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 01 Jun 2021 23:09:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:09:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 73AB 41 KB
13 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 14:24:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:24:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 73AB 4 KB
713 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 14:40:40 GMT
server: ESF
date: Tue, 08 Jun 2021 16:37:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17446340177569403089/ Frame 73AB 12 KB
13 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17446340177569403089/downsize_200k_v1?w=400&h=209

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdf8bb72e7cd524f1439d64b7fedb01ede8cf9af6b87a4eb6c2afb7ac00585ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 08:07:29 GMT
x-content-type-options: nosniff
age: 30618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12713
x-xss-protection: 0
last-modified: Tue, 18 May 2021 22:41:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 08:07:29 GMT

GET
DATA 200
OK truncated
/ Frame 73AB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 73AB 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95f435fd687ecc701151cf3438556717e8c0e48be2ac52d77447146beafeaa1b

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73AB 2 KB
3 KB 28ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 10989
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73AB 295 B
399 B 28ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 72023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 73AB 0
0 18ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnPnjArZYme1KJPxXgl_LWyMz8gGc6n0ZBTzWWUpwfFCA1LnCBh2uP2F3-aEw2lI3g1ndP-vpLgpK5ALjgY1-3JzyOrw
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 73AB 0
0 78ms
76ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLi5x2py_YI_bNq2xlQecqZCQCKmixYpjwvHNmI8O-O-os5EOEAEgndqDAmCV-vCBjAegAY_2-fYDyAEJ4AIAqAMByAMKqgSmAk_Qlf3p2DO51A9rycNAKJl_1M_rX60M1BWvAY1cYFBYMUSZwsXVIfM_zThR5z0GfF9FfC1pP7j6uk7DVBQDODzekXulZb41AHI3EYMMm4FwmPIMToFPlo2yLOHmbknpG-tagaSjNwY2mosf8GRxc5uBJbfn5bdgkMHnTsRRo7h_dZmSVXqbHxoELvTe37umrZqDk8zc7X4gJ9b-AvuzLah9XTMyL7MJ97QsbJfRp9nPQh2i7k62bc98hqf8PmDWbvG44I9JYGKZVGrjVX9mCqk3YBLYjo1zNjttJa_-SnTaysy96FptsSRWGeP9fvAMPZh4PJVegF7KBQp-kEgu_WvD4Zazy-7FSORCbrh2oRblipmYmcCTfeowL-TrZJTVPwMfukCyycAE3fvJ2IID4AQBkgUECAQYAZIFBAgFGASgBi6AB8TL32KoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ7JI60ggJCIjhgBAQARgdgAoByAsBuBOIJ9gTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi02MjI5ODI2NTUwNzYzNDkx&sigh=ZRQflK5fJxA&template_id=5000
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36B4 6 KB
3 KB 24ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Jun 2021 16:37:47 GMT
expires: Wed, 08 Jun 2022 16:37:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E905 73 KB
28 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E905 10 KB
8 KB 38ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61c0848f7415eaba2723d26af043b77f67109da6dcadd93e812b5f8ae8f926c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7891
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 73AB 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:19:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 577089
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:19:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 73AB 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:14:27 GMT
x-content-type-options: nosniff
age: 12200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:14:27 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E905 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 64EC 624 B
474 B 19ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkBzBoKdXR91KJyUGHNUV3vIgCXZ1wTMJRfLFloj1LcAgYWnI1_p31FhZCfZa0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 08 Jun 2021 16:37:47 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 36B4 24 KB
12 KB 43ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnxKkoZUg7w4akqguN1EEikkKXN85VXqPMJT9Ra2Z3PRE3SOpJrsNdmDFKJasPO5PbxHnEhskb0u9OA-d_doNrA_oAUTVLOuK6C6wmSVfh53r8lqbI1dh9cG3hvajjqXl63j53E-YXawSGwJouXHp_gxte_A&cry=1&dbm_d=AKAmf-BHM1_op211cGTC0ClKwws59MKpAaNjFz9QoagBu1ZZ9JviupSQujlp_ad14OM6Yi3bq8fy8UB66N3IjaGSaSTqRoodSF_Bgu1jqeypRjfis6gRaKLjGxFqLRlbK6szmxoDF8Yyp6LUVP0ntmry5AsnVc1rBkF0g6GpxDsBOWD7lYMfdr2ve_KKwhRSVXlF8oubs8QVigpOPLEtKuNgIlpzVurVDH6ejc5YvvwzFsdDmJbSMdo66VQZTCa1et7BY3R4Ws36XD7KlmQK69EeMzgyxe4xEUBEMvsgMzTsz2x7Wh46eA1fzb0PCCwk-dNxrqzOx2N1dHK8TIcGoIzS3fod3U31ZwhtwWd8QjM5lvgF5OXE7ypzX0XB1TKbfZXyyZ49K2YGIgrWFeL5utmQIhXCWg2p56VURxPv7pTXWehUoClnPKVVNveE3jDEkfbdk5VKV2-3bC29oVTBN6q40Q8kFDT5_AcFBC71eICp8UM3Q4MQrUqIciC0pSzEOcSvUiu2SD2CqSaTK4Sto40TyxjiBATem2ZRQQz2VC_I6WM3N5OvYYNcDTXsErg5mAh59ZHwhp7OTGwbIEX0u-f0aQ52DA9a9uYc0iqHago3tM8Iwb_E7UxxR_A8PRIaAmlya5SOKYNpMndSFIHl5p-84LZSQwdDTisDAaNIIsKukWq6RczhlYGnuUHGcJf0qUxWiWXgEgBgsO_8zyudQ9m3RrQJ8u0qD8kI7RveUxtEJ5HevVEwN11hKz5QmtpRTmNbxlBAi0-GZJKmf1OlbnyLEU_jcbGY_gbSJo6sKsRyeDA8AsVGnoPIlWpCPziXQ2t_skLK8AhLcx4IOHq4Kx10RLjbJVnP8-TzoVqjEw4DWVPgL2_RXWNBixASVWrnGFRYZuoD5oQxW2Q5o_ld63qL0cTSGaAlsy2ufC6W2czVLv4btnbKWQS0DoDHR7qWnMt3yWx4SOe8WevXDFZAxRohze-e6UGxKr0oDR3YI7d9OZzz3or0majzckDj_TMFS7MWZJLFFE-sow0zwPun1nbTCArR0lUzGvpOXvitzrDS11BEzntxoIrzKbQJyz18i6IldjHZvqJD6f2ZDiYrKTEe6p0i1zWebs-uMJuAfY6NpEeUU4MrJmap-wO9LBS3MOyvhnSgudU01T821wqFnwm4J6vda7KF3T3Ji9cLtwaiU_yVAgQKhcw8lLq419Lk1MM8An48r8ghaza1vWfuWT8cdNcp5xdmkzWZbFYFMRQRzoEvvS-8FkJkJEnL4srWSfUW3Gmc9MSz6Ac6qPC5sQLqX4RD3l8qrrBEgGDhEZxz-6-d0_f73_vu-mLKAyw7SV5tLF7Yuexa4XGifxlvoKqoJAoHZ_zMgQUSWRJdbDmOFU9M5zD7AyLptB5HnIlWqBOUDX_JBt-6skRLqCPm-1jtKMt4DHADB90iqBHxVKbNxCAqy0X-6epM8P7C-2VLnhrKgC22nuI0ku2UQVRndL7F98JXozxf7wg6qjSLQLNuyK_T0fmFxCA98yZ30PUcJ0gIQ0jlI2fyBf8mwMOoX7NoKWdt9fBdP2sZW88QW6TPnsPjerSYTWvsbcrXwF4G0wgUXk9qG0-LeH_wFX3hYBpoK7sif4JyGsSF6zb3ZVradlFapeSRjuOE1Gx6zTfmg6Cj3342sj2HTNbXYCFUt61RJjL-9LfUKnX9k3QuOf2dBYlqL1_uZGiLKuPZry7uvL2plZHZ76rINPDK8aC2OVQt_GW-vV2Zq0Ck43hH8dtQDQq55ikAZRyIgdbsSO8YNmewHXyuEwJhwc0ah071O01GzleZ5_u0IR_XJVcuHwu2Rl1_f3BiAzptBUmVyJnErpUIPe65PbQ7vPrC8tJWRsYQONaxlrM9X4LSM59hkAgXOKEM6TGsqKdd9hTEDVaWPVFhWBvcdxf03mRX3ZU4OEIQRH7C4mypMfhmEYbsuOvLBTjIFJhLd5NxMA73O8C2LIaHORbEH5_PmhsuD7nYNW8B-JuvptWHKEfd928AnUzCcTzRPrx-9v6oIGlRkaP2sVjYxrKWrQQbD6mexPTI83trCtN6FjvoeM2HsHsi1z1r1xfXdCa_paqtzV33qTRvjw9lSB5BhrYxaWvJ_cWN9SIoScAfvGN4IW6D-Aw70LfgDa24iBui0Hev_PtoskXFSKemXMVjETaP_QJ_D71RK5Lt_oLSg0FRTkliW9mkP4PyPlzKTzB5RWsY-vdTYYyuY2E_QvTItPCNkzfbtTszP0ssq2pFW4utp3RNaogE4TKoi02FpN9403Nnbd9pKzzUIWjsyhjzzRK_S53EuZvvsxOnaYDoqlzXFMVnx0BA_WUdBipMU-L18tN0cMO_JSs2ymQCah66ovaczUyenEph2cqozlUwpmGdhyWbDc0HVOwc-PckvuTnYn1OwT9vEGuzMD3e7JErGVGlk0KZ5zZ_GZaDj6K60vqIU6bRCxnrPDtvnM2GO--7bQWxT0aVNRsLvFkMIWompRxGQegDpvJ3jQp8eF9eQk-h8ZaYpKHVVx6xVwu0QqMlBQZElE5aLWAS5tMeSt01H8ftORU4qKF-rjEy5_dkDVz_qhqcZBCEz_ZQnV7t18D9CX0H8aAxvVHblHvUggx-4BZoLDPl2y1pJpzEcM7q_GBV2jKhAGGMzOgrW1nbuWv5XYIZPOps_F6Zcu_r5An-CNwaqTJmoPsFvgFV5WC5yO0xo9lAA9IG1_oTWBbZjqo4kduRFLK9aVl4fpCxV5PddmMsnt_khZwx4r-Xd_vU1FjO2pJ4pAFVl-QKrRhLsoHkuFSkl_SaAshHUGU4BOIrztVEuCnDzj1x_LLqHhrLPmMGgWuljV2c37YeH6V2EC76dwNY_hKLlHxV5PAvKNm8EwUj82HxvqADOCyEBGfso1C5MirmEFNkAGwIe_SybbmcavHv4KLQbh0xz4PI_BMc5BO2iaVWKPq_hYAceFafbgAYUC8hTeyGzwgcgV6f6HF8kFCMwucEfaGUzpIxJF3MT9qEW8hvQzh4NR5aZMMyvXgD6l2oEKYPUF9wCD_ifom8aehkpazerNQH0rTvsa5kPgV2jra8snsFD9PHgQEEmzpsOxftgzUpL2NhtbQUyVUIdqU4jHE6rAxgoUi4bD1JQIdqS3HKeOqFti5i7VHA5EELVqTZ4AZmChEkWjQHzc1vbUODf5Tq1pZ1AlAvMaZB9RTR&cid=CAASEuRoinshLZUj94rQJVk0J9tzKw&rfl=2%2Chttps%253A%252F%252Fwww.guru3d.com%242%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac229a2835688860241f4bb9bd9afe3a792e7fe89f3cdcbbd0fb81b69c37104b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 36B4 42 B
63 B 52ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CItUxwHxG7OXail-LXnjhgxYIZzGsT-VXWm4YlHTn55JtRp4g3lWl5HeqIvYirMoYlocnyfdGrG9T0gkqb5QfPWq32uswnqZ7YUt9RbY56ICsxzxI

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 36B4 2 KB
2 KB 38ms
13ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172036&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&DVP_PP_BUNDLE_ID=
Requested by: Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 May 2021 11:07:16 GMT
Server: Microsoft-IIS/10.0
ETag: "11a0951dd56d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 36B4 7 KB
3 KB 33ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&DVP_PP_BUNDLE_ID=
Requested by: Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 93221b2540f4908bb46bb234138e38a3c0905b920ee6753b726518aa859a21b7

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 15:12:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0aee07daf5bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3195

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 36B4 2 KB
1 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:37:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36B4 122 KB
37 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:47 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 36B4 13 KB
6 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:33:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 36B4 0
0 19ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZBzuDw5Wlq65euigDKufQ29gnbpv32PYmgzxMhCEkmOfBljKUUhS14IUXbt5ig2RXAFjrzqNs89_kREVWTBdjcj6eUA
Requested by: Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73AB 2 KB
2 KB 15ms
11ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 10989
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73AB 295 B
319 B 14ms
11ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 72023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 599B 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 08 Jun 2021 16:28:06 GMT
expires: Wed, 08 Jun 2022 16:28:06 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 581
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 377D 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9847c6653dd00281fa303059abe54d82dc897b66345590ba18f925bb49382b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nNcoK0NHQsI1d6HsweqJQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

expires: Tue, 08 Jun 2021 16:37:47 GMT
date: Tue, 08 Jun 2021 16:37:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nNcoK0NHQsI1d6HsweqJQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/ Frame 36B4 22 KB
8 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnxKkoZUg7w4akqguN1EEikkKXN85VXqPMJT9Ra2Z3PRE3SOpJrsNdmDFKJasPO5PbxHnEhskb0u9OA-d_doNrA_oAUTVLOuK6C6wmSVfh53r8lqbI1dh9cG3hvajjqXl63j53E-YXawSGwJouXHp_gxte_A&cry=1&dbm_d=AKAmf-BHM1_op211cGTC0ClKwws59MKpAaNjFz9QoagBu1ZZ9JviupSQujlp_ad14OM6Yi3bq8fy8UB66N3IjaGSaSTqRoodSF_Bgu1jqeypRjfis6gRaKLjGxFqLRlbK6szmxoDF8Yyp6LUVP0ntmry5AsnVc1rBkF0g6GpxDsBOWD7lYMfdr2ve_KKwhRSVXlF8oubs8QVigpOPLEtKuNgIlpzVurVDH6ejc5YvvwzFsdDmJbSMdo66VQZTCa1et7BY3R4Ws36XD7KlmQK69EeMzgyxe4xEUBEMvsgMzTsz2x7Wh46eA1fzb0PCCwk-dNxrqzOx2N1dHK8TIcGoIzS3fod3U31ZwhtwWd8QjM5lvgF5OXE7ypzX0XB1TKbfZXyyZ49K2YGIgrWFeL5utmQIhXCWg2p56VURxPv7pTXWehUoClnPKVVNveE3jDEkfbdk5VKV2-3bC29oVTBN6q40Q8kFDT5_AcFBC71eICp8UM3Q4MQrUqIciC0pSzEOcSvUiu2SD2CqSaTK4Sto40TyxjiBATem2ZRQQz2VC_I6WM3N5OvYYNcDTXsErg5mAh59ZHwhp7OTGwbIEX0u-f0aQ52DA9a9uYc0iqHago3tM8Iwb_E7UxxR_A8PRIaAmlya5SOKYNpMndSFIHl5p-84LZSQwdDTisDAaNIIsKukWq6RczhlYGnuUHGcJf0qUxWiWXgEgBgsO_8zyudQ9m3RrQJ8u0qD8kI7RveUxtEJ5HevVEwN11hKz5QmtpRTmNbxlBAi0-GZJKmf1OlbnyLEU_jcbGY_gbSJo6sKsRyeDA8AsVGnoPIlWpCPziXQ2t_skLK8AhLcx4IOHq4Kx10RLjbJVnP8-TzoVqjEw4DWVPgL2_RXWNBixASVWrnGFRYZuoD5oQxW2Q5o_ld63qL0cTSGaAlsy2ufC6W2czVLv4btnbKWQS0DoDHR7qWnMt3yWx4SOe8WevXDFZAxRohze-e6UGxKr0oDR3YI7d9OZzz3or0majzckDj_TMFS7MWZJLFFE-sow0zwPun1nbTCArR0lUzGvpOXvitzrDS11BEzntxoIrzKbQJyz18i6IldjHZvqJD6f2ZDiYrKTEe6p0i1zWebs-uMJuAfY6NpEeUU4MrJmap-wO9LBS3MOyvhnSgudU01T821wqFnwm4J6vda7KF3T3Ji9cLtwaiU_yVAgQKhcw8lLq419Lk1MM8An48r8ghaza1vWfuWT8cdNcp5xdmkzWZbFYFMRQRzoEvvS-8FkJkJEnL4srWSfUW3Gmc9MSz6Ac6qPC5sQLqX4RD3l8qrrBEgGDhEZxz-6-d0_f73_vu-mLKAyw7SV5tLF7Yuexa4XGifxlvoKqoJAoHZ_zMgQUSWRJdbDmOFU9M5zD7AyLptB5HnIlWqBOUDX_JBt-6skRLqCPm-1jtKMt4DHADB90iqBHxVKbNxCAqy0X-6epM8P7C-2VLnhrKgC22nuI0ku2UQVRndL7F98JXozxf7wg6qjSLQLNuyK_T0fmFxCA98yZ30PUcJ0gIQ0jlI2fyBf8mwMOoX7NoKWdt9fBdP2sZW88QW6TPnsPjerSYTWvsbcrXwF4G0wgUXk9qG0-LeH_wFX3hYBpoK7sif4JyGsSF6zb3ZVradlFapeSRjuOE1Gx6zTfmg6Cj3342sj2HTNbXYCFUt61RJjL-9LfUKnX9k3QuOf2dBYlqL1_uZGiLKuPZry7uvL2plZHZ76rINPDK8aC2OVQt_GW-vV2Zq0Ck43hH8dtQDQq55ikAZRyIgdbsSO8YNmewHXyuEwJhwc0ah071O01GzleZ5_u0IR_XJVcuHwu2Rl1_f3BiAzptBUmVyJnErpUIPe65PbQ7vPrC8tJWRsYQONaxlrM9X4LSM59hkAgXOKEM6TGsqKdd9hTEDVaWPVFhWBvcdxf03mRX3ZU4OEIQRH7C4mypMfhmEYbsuOvLBTjIFJhLd5NxMA73O8C2LIaHORbEH5_PmhsuD7nYNW8B-JuvptWHKEfd928AnUzCcTzRPrx-9v6oIGlRkaP2sVjYxrKWrQQbD6mexPTI83trCtN6FjvoeM2HsHsi1z1r1xfXdCa_paqtzV33qTRvjw9lSB5BhrYxaWvJ_cWN9SIoScAfvGN4IW6D-Aw70LfgDa24iBui0Hev_PtoskXFSKemXMVjETaP_QJ_D71RK5Lt_oLSg0FRTkliW9mkP4PyPlzKTzB5RWsY-vdTYYyuY2E_QvTItPCNkzfbtTszP0ssq2pFW4utp3RNaogE4TKoi02FpN9403Nnbd9pKzzUIWjsyhjzzRK_S53EuZvvsxOnaYDoqlzXFMVnx0BA_WUdBipMU-L18tN0cMO_JSs2ymQCah66ovaczUyenEph2cqozlUwpmGdhyWbDc0HVOwc-PckvuTnYn1OwT9vEGuzMD3e7JErGVGlk0KZ5zZ_GZaDj6K60vqIU6bRCxnrPDtvnM2GO--7bQWxT0aVNRsLvFkMIWompRxGQegDpvJ3jQp8eF9eQk-h8ZaYpKHVVx6xVwu0QqMlBQZElE5aLWAS5tMeSt01H8ftORU4qKF-rjEy5_dkDVz_qhqcZBCEz_ZQnV7t18D9CX0H8aAxvVHblHvUggx-4BZoLDPl2y1pJpzEcM7q_GBV2jKhAGGMzOgrW1nbuWv5XYIZPOps_F6Zcu_r5An-CNwaqTJmoPsFvgFV5WC5yO0xo9lAA9IG1_oTWBbZjqo4kduRFLK9aVl4fpCxV5PddmMsnt_khZwx4r-Xd_vU1FjO2pJ4pAFVl-QKrRhLsoHkuFSkl_SaAshHUGU4BOIrztVEuCnDzj1x_LLqHhrLPmMGgWuljV2c37YeH6V2EC76dwNY_hKLlHxV5PAvKNm8EwUj82HxvqADOCyEBGfso1C5MirmEFNkAGwIe_SybbmcavHv4KLQbh0xz4PI_BMc5BO2iaVWKPq_hYAceFafbgAYUC8hTeyGzwgcgV6f6HF8kFCMwucEfaGUzpIxJF3MT9qEW8hvQzh4NR5aZMMyvXgD6l2oEKYPUF9wCD_ifom8aehkpazerNQH0rTvsa5kPgV2jra8snsFD9PHgQEEmzpsOxftgzUpL2NhtbQUyVUIdqU4jHE6rAxgoUi4bD1JQIdqS3HKeOqFti5i7VHA5EELVqTZ4AZmChEkWjQHzc1vbUODf5Tq1pZ1AlAvMaZB9RTR&cid=CAASEuRoinshLZUj94rQJVk0J9tzKw&rfl=2%2Chttps%253A%252F%252Fwww.guru3d.com%242%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5975f21c81bda9dfd465bc96ee93a336e22d160bed0054ef916a8392d5aa406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 12295082536333688880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:36:33 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 36B4 41 KB
15 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 06:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37055
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:20:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 64EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1

43 B
894 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Jun 2021 16:37:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 64EC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL.c3SzbaQSAk5T-1kKtnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1&google_hm=2

43 B
894 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 08 Jun 2021 16:37:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdLFsZ-nS5OcQUZ0TUbRgU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 64EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDoR6v9TutRzww-CzDbtiH4&google_cver=1

43 B
1022 B

495ms
481ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDoR6v9TutRzww-CzDbtiH4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjSpsGjATAB&v=APEucNVaz24Kx0zPYb2GQibmrn-VXXpkbnzVsGmTDGRTVE7rF0Tz4Cqx6IUoJ_smqf7PRECh7KfTWo6x-wJ192ywBJ0MFOLLd1MhH6PNrUg_aFLuAW5uc-ZOiFzD-sGvVpiK7K6YaLVX8Tv4bcA41-8LegMUDubR26dpnzAPaFCJA3HkEalthosnD2KnG_TTq3Fp_Fa3lu3fV9Zc5VUvHbTj_Yvz8QXBNw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:48 GMT
X-Proxy-Origin: 152.89.163.92; 152.89.163.92; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: a3434414-2d80-4db0-a956-0f4e21a31ef5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDoR6v9TutRzww-CzDbtiH4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 64EC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjQwNTgxMDQxOTEwNzg5MA%3D%3D

170 B
188 B

43ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjQwNTgxMDQxOTEwNzg5MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:48 GMT
X-Proxy-Origin: 152.89.163.92; 152.89.163.92; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid: d77c9fce-68d3-4388-918f-dc7b79970020
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjQwNTgxMDQxOTEwNzg5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 599B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:08:14 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2796 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 08 Jun 2021 14:44:09 GMT
expires: Wed, 08 Jun 2022 14:44:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6819
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src_internal92.js Show response
cdn.doubleverify.com/ Frame 36B4 60 KB
19 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172036&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e58c7574cfd80a0be2e2368f3313ab30ac688f14d078a367ed45ffc03b51bf71

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 May 2021 11:07:30 GMT
Server: Microsoft-IIS/10.0
ETag: "05d525d56d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19061

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 34C6 1 KB
1 KB 30ms
6ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=47104
Date: Tue, 08 Jun 2021 16:37:48 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 36B4 2 KB
1 KB 74ms
24ms Script
text/javascript 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_670952059386&jsTagObjCallback=__tagObject_callback_670952059386&num=6&ctx=1828362&cmp=115750&plc=4172036&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=670952059386&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=0&brver=&bridua=3&dup=null&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&srcurlD=1&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=140&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauf6ddd%602g_dd3c4f6hcf2_a3_72bce6f3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETau7%3A%3D6D%5C56E2%3A%3DDTauCEDD%5CC%3AG2EF%3F6C%5CDE2E%3ADE%3A4D%5CD6CG6C%5C5%40H%3F%3D%4025%5D9E%3E%3D&dvp_exetime=10.00
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c6e15ec681a50120c26ab34c0b2e49a4feca0f95c75aeb24be2b25670a0b847

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Tue, 08 Jun 2021 16:37:47 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 6/7/2021 4:37:48 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame F15E 4 KB
2 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=46280
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2796 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:08:14 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E905 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyh50IFPZ4giSRRc7xT-EDo_IXpZN0go4c9WVffk9NuPOjlkMZv64VBcIKl05n3uJjABJd6Mw3YRFQk0w3suvBjcyhzLfUVN6mQFgrQFs&sig=Cg0ArKJSzMZ_gnpfMbb_EAE&id=lidar2&mcvt=1017&p=41,699,131,1427&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20210607&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1733603311&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623170266955&dlt=0&rpt=222&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 36B4 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 08 Jun 2021 17:36:01 GMT

GET
H/1.1 200
OK bsevent.gif
tps20513.doubleverify.com/ Frame 36B4 807 B
1 KB 310ms
20ms Image
image/gif 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20513.doubleverify.com/bsevent.gif?impid=0be9c26fcfae469a9e4c72cafd95dabe&dvp_or2=1&cbust=1623170268202789
Requested by: Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 6/7/2021 4:37:48 PM

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 36B4 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 09:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 09:23:08 GMT

GET
H2 200 B10224936.280246103;dc_ver=75.217;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2784033090;ord=slciph;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.guru3d.com$... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 36B4 34 KB
18 KB 390ms
47ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=75.217;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2784033090;ord=slciph;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.guru3d.com$2,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=D0G6RlVetS;osda=2;sttr=24;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

a79776790aa633b51813cac6aec4f0c606472fc4f59df5d751dacb122f920dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17454
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E6 0
0 77ms
77ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS8AyBFl8kzJbBT3OOHjXcK4_lv__o26ZvvXtze-fxrSyy09Gr90TylOv4g7smp-yeG5fVM6NwvEy61McyTTV5rwLPQkk_hLACvKWtWav1h_1mYy8yCZUwNOipG7cARaVpn2egXDEVX6naXGjJxRBIQN6iYMWgiRSGyIg6XvubN5qXahkOURpZxsLFt6KqJM2b-22dW8ArQ3j9F0B3_3vl0A5vIDZYFUBMjcIFlCQ8SqSuk9CT-Do-na45o6CjG9pj0Tq7AgivVvG9Ec6u_wrme2Mr9WVl2V_5f3-znNuOGsLEboTrp9WkRL3_ZA_X_KPWsio&sai=AMfl-YTpeYe4MHBmFxDVYVLjeLBsxXa1pAcYuV7mYwA1Td2AhLovJ-y5kqvoGcjAuTeDYYa7BbnUJ6vrJ5DLP8_joPJFwD6d910ZlV4MUJacbf5b9pA9wfSpJxOAmXWNB2I&sig=Cg0ArKJSzCiO6yK8zPo8EAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 91E6 61 KB
21 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fac9131326c8e60070747ff20c51b861a21da401621453a59080c1db855315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 728 of 1000 / last-modified: 1623150488"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21288
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91E6 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:48 GMT

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 91E6 312 KB
109 KB 27ms
27ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:48 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E905 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=194494179706694&bg=!oaKloubNAAY6sG-_OrA7ACkAdvg8WrFDtQbVLsz7kIHJ3_2xdokTouJJYRCrLh5WfDdyAP6YDDkYEgIAAAEYUgAAAC5oAQeZAoBJVin2Ql8NW7GaroGyH-KbP2Vf1p9vJgc7iQOQxImvoNveLehiqHkmNt049B6ZN8aXuZ6iwgEk2ITFxcHBgfE1I4FbRgKYHUQEAGIMJ0fko1kFk1NcxZHT_BFX7sMP6QQrY5AX6-lEzneEz_UE4xLleb3yDkS_1Jq52nixqPnOOP1IHfncrThFNDU5l7F1cuAP0BNookwtED_W3I0gTmOxByJ6ffVuYHCGLaawXcpAmrmnVtSb0HLcaBUT9SjwX-isxsZsgkndiaiiOp7V6qWKwmfK2qDMzxx-8yfH9-eG6fvWDXnJDBI1s2Ihl7d6DfGEw-wva2YPPdhFaJnzCBqDATbozqR4dCEDo3q3HLyfUxHY8JDlAA-JRqxdTGSGO47g6cuTZiU3cEEnkclQo_mW4NoeKZyphC0nvUVFVwDVjkXT-jfiVEGIFfmw6evWFAJiBlr8pc7BnhLNYoc4_QPB_wP_GC616yvvGws_VpomXQWDrbQpBiYvUspeOY5ynZ56nBPpbF1m05uf7IceUfF08kKEZYYNQOYNOPQhRRgHLc_SHTh-SgFhNcm5saqx2JpZlZ2S-43kPVcHdBTUzUsw_csgVVGnjU_8gNqzvj7SYqzL3LYyCZCOKhs1H9T1xuGs38Ns7aJsvVPOer7Uy6I77cb4GRkRXzg1N0Ccffx_N1ML5qcVeEwpUdLV4UteaXv0W8gfTof4RkUmSNtT3Q4qYnu5s7Yqy_iDia3BSzqufs1frZoiq1pd93n2R7ZQa7TMVuuMkjF09Tz_10fGOvmMGyMgVbEr3B5v248v0S8y9D8t6l7qJhWtlCXGd2gb9J_vaQ2u52PzbzrYGMDVBmGY

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1dnq25y_YMDPO5qYlQeO5Yr4DAAAAAA4AeAEAg&bg=!xcalxoLNAAY6sG-_OrA7ACkAdvg8WmIwTVVa8H1jumudCVQRSWg8IctZ1OhvAekBH0VlF4AWVdJg7wIAAAEVUgAAAA9oAQeZAtDqe86gkmJkGEu5ZeiZ6pyaaXR2tgbfcJE1OI0gSv3eMD-ol0di5xvJ69zBdusjuGUyVumsGZ7YFpFSub4Y1MznXByvsEQtI3c8Fu57HCCKjzMj38UqfkMyvMfmQDYkgLwlYdm1AFZ79qZFLYGxyTnY1fuSfKZmAsOYt6Vlb0saIrus3eJrNWTgKK5BrZxoE4BDngumrbdlt9MWA8HK3w-LQNCsnl99CHqUv1zHCaCzxbgCd_3-ectk_ig9oVF90tYbCQ87vJAwJUoRiSx16Ia7Y2cuTg-Ly-VwsTtV8toWKLVlvTBwl3psV9bZ73oR8Jqbbk40ssMR72VTxq_lrzszZzlHi4PWxnEM2-y2wUcFOXDRyC3cZZNBlbA4B_v8xXpBRfMJO-QNuTpkle8ctmbxDTBa6VrbrePC_MZYesxPXWW8MT18rgE1u8xxzxCuWxGOIfUiR0eH5TwUzpZlftA-VUj3lnj7QLqXzM6TrabGR6OqUH4LWBi-Ca0eTvj8aQ0dEjBgVFcKuRMjLFk-U_6x00OxRblYzH3VNLUD6li1bV8gzfCI6W0WGqiG_YBywe3mr4awjZ8KgvWg8OMnEhnaJLl02KuL4dd19SbOOXybKUhSPnXJny6ptrrB2WjoaGtGK4HzbS7hqDR_f2V4DdKD_2N5PjsYrF_dQDV33PnPHR0fUdVDK-sRzzM0xN0jGkFFWk0pdRfQXLovVxZJB9ciKXoVOs3K3Wi9tUlFh4BcK_Lrf26-GmHTB7_aznblDVnPZ60wN7wXEHs8AZ-h_iJ_n9WlKpIuDt5VKx-S0rwXcXVzjRByLRBUit5avOYCkAhWw9WbBXDK8ik1tKsSE8EXw3Mjz7Mf7Ql3SAEug9J5TJE5pbOp2JYCJTctvul_-ddiCLAXimDUcpRcjcqtAh7BhDk88jw1HVOFHQJ3b-O14OVqmYNUbE9lH4ZqW7uh7HA

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 91E6 107 B
122 B 34ms
21ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 91E6 107 B
122 B 34ms
20ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 91E6 73 KB
19 KB 932ms
931ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=282867098596598&correlator=409164329616967&output=ldjh&impl=fif&eid=31060783%2C31061143&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=8095840%2C43.guru3d.com_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=2&cookie=ID%3D515849435645b3ff-22d7abdd5bc8005c%3AT%3D1623170265%3AS%3DALNI_MbAlcw1GUHcgUF25s85dY65YEqIAA&cdm=www.guru3d.com&bc=31&abxe=1&lmt=1623170268&dt=1623170268573&dlt=1623170268334&idt=230&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1127&adys=1038&adks=1466295783&ucis=5gt12yynndd5&ifi=1&ifk=4280362425&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&top=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=53365209.1623170269&ga_sid=1623170269&ga_hid=1032789438&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7d42ae3af66e330ebe3bf6b9f6ddf1e020f0839cbba5ba9d4180aaae5db00608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19541
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91E6 0
0 30ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 91E6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e56ab4ca999129375bcd8cd028d89166da20e24162d394c3787e0d5929593dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E6 0
0 54ms
53ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvheEmN4CrkhuPrgHhC8xEac14Yr6ZbTXLzUKtiPLIq7b1w8Nio2v5IjLh7TbQLW46ngEQ7JVI9-50E0NH5nR-g-8XW5LJQ-3Gm1O9SA9VD0QHS9Lr3NhqjPeh7uy8YvZcL5kL_Nn4j7egHPi5QYUPOB433PygHFPvyD33_0uMykJLXNoq26w_-YR_IfJjfpey8HTgpXgQMkCiLL9uWXy66qPKMuuceoFJK75zaHplhqihwVTmj4hpFZwqNDdI_f2t2Aqgmxr1jBBjvh6p61txIfZEVeEK3Y_mUVZE9zMSMbFWVcsPqiee3&sai=AMfl-YRBJTz1f_cqQw9XAd9LmB23qLczEAjAIYnImR6jO4y_B8cN7NHXIrQt5eDN0C3XKAXBIbKKNCQ0Kwxy6u5uad25_ZR86c9fN3lVsg14BYAcbEVSuF6eCW8gVXcuLPs&sig=Cg0ArKJSzPSqO-_Qqv7gEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Jun 2021 16:37:48 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/ Frame 36B4 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=75.217;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2784033090;ord=slciph;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.guru3d.com$2,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=D0G6RlVetS;osda=2;sttr=24;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:28:05 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 36B4 0
528 B 116ms
70ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssln4z7qsqiWzczoDoHQV6Uy_Q6IfecI_YMkLZeQs9dkJ1AWapqaGR3yFVPaUbjhjRfIZ8PwBr81vrIe-J4ZCaRWHVz6dKcYyfPzuOTzJDw749mj1TeMnVZV5BJBF1Ld7RRFqWAbb3ujp0umf2ojw&sig=Cg0ArKJSzB2bCA6c5UqsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210603.14914&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 36B4 7 KB
3 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&num=&adid=&advid=2276943&adsrv=1&btreg=315865137&btadsrv=doubleclick&crt=117573815&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=75.217;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2784033090;ord=slciph;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.guru3d.com$2,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=D0G6RlVetS;osda=2;sttr=24;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 93221b2540f4908bb46bb234138e38a3c0905b920ee6753b726518aa859a21b7

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jun 2021 15:12:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0aee07daf5bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3195

GET
H2 200 adc_hun_EndHungerStory_728x90_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 36B4 46 KB
47 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/adc_hun_EndHungerStory_728x90_Evergreen.jpg

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 19:07:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Jun 2019 18:23:23 GMT
server: sffe
age: 77418
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
expires: Tue, 08 Jun 2021 19:07:30 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2001 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 08 Jun 2021 14:44:09 GMT
expires: Wed, 08 Jun 2022 14:44:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6819
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36B4 122 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:48 GMT

GET
H/1.1 200
OK dv-omid.js Show response
cdn.doubleverify.com/ Frame 36B4 27 KB
6 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-omid.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:53:50 GMT
Server: Microsoft-IIS/10.0
ETag: "01b62d2923ad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=46710
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6284

GET
H/1.1 200
OK dv-measurements1422.js Show response
cdn.doubleverify.com/ Frame CA0B 483 KB
87 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1422.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 37b37d85601b9b3425796ed00a4deddcdb7da1ceef41587d47dd6b0844292230

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Jun 2021 15:15:45 GMT
Server: Microsoft-IIS/10.0
ETag: "80266cd2e65ad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88591

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7626 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Jun 2021 03:04:19 GMT
expires: Wed, 09 Jun 2021 03:04:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48809
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 36B4 0
60 B 74ms
74ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1422.js Show response
cdn.doubleverify.com/ Frame 904F 483 KB
87 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1422.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 37b37d85601b9b3425796ed00a4deddcdb7da1ceef41587d47dd6b0844292230

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Jun 2021 15:15:45 GMT
Server: Microsoft-IIS/10.0
ETag: "80266cd2e65ad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88591

GET
DATA 200
OK truncated
/ Frame 36B4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffe054b4a5f85d82004b77845f54207eade2ce2b2b6f3c8d24b70675f9410511

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame CA0B 1 KB
1 KB 65ms
23ms Script
text/javascript 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauf6ddd%602g_dd3c4f6hcf2_a3_72bce6f3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETau7%3A%3D6D%5C56E2%3A%3DDTauCEDD%5CC%3AG2EF%3F6C%5CDE2E%3ADE%3A4D%5CD6CG6C%5C5%40H%3F%3D%4025%5D9E%3E%3D&srcurlD=1&aUrlD=-1&ssl=https:&dfs=895&ddur=9&uid=1623170268887848&jsCallback=dvCallback_1623170268887668&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1422&tgjsver=1422&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=5&brh=2&dvp_epl=401&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hCYOFkPWBpqw6qELwDN-Ai&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118294&DVP_DBM_4=342905682&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17959148862&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=5327381203.206467&dvp_tukv=312963805.299965&dvp_uuid=607.9507065041703&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1152199170688&dvp_vcms=47&dvp_slmsd=71&dvp_vcmsd=118
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7d9d6dab37c3b51b6d03fd032ce37c4760f3d159cc00ccddf690d9098e7d4de3

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 6/7/2021 4:37:48 PM

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2001 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 15:43:53 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 904F 1 KB
1 KB 39ms
23ms Script
text/javascript 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETar9EEADTbpTauTauf6ddd%602g_dd3c4f6hcf2_a3_72bce6f3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8FCFb5%5D4%40%3ETau7%3A%3D6D%5C56E2%3A%3DDTauCEDD%5CC%3AG2EF%3F6C%5CDE2E%3ADE%3A4D%5CD6CG6C%5C5%40H%3F%3D%4025%5D9E%3E%3D&srcurlD=1&aUrlD=-1&ssl=https:&dfs=895&ddur=9&uid=1623170268942512&jsCallback=dvCallback_1623170268942454&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1422&tgjsver=1422&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=5&brh=2&dvp_epl=401&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&crt=117573815&btreg=315865137&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=5327381203.206467&dvp_tukv=1179263292036.6013&dvp_uuid=38764538569.44018&dvp_strhd=0.09999847412109375&dvpx_strhd=0.09999847412109375&dvp_tuid=1150884645483&dvp_vcms=11&dvp_slmsd=126&dvp_vcmsd=137
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3aa2a69b81ab3001c877fc18bdf4c806760b01034cdab6e58e6301b7f2b1a876

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 6/7/2021 4:37:48 PM

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7626 35 B
462 B 12ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKWe96OJlMrQp5F5pDs0OqU&google_cver=1&google_push=AYg5qPLB0dF4eZGb70jqe4yFgoeZai25qEFhExgsND1QGmAljo4qKIodY020hBLhEBKLgoPmY4146MhL7KHFFWlRH69eoCpB4Uyi

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7626
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECjLCTABrFz0McwDLHgP8Xc&google_cver=1&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBP...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBPRsoVUZnILOFN

170 B
188 B

55ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBPRsoVUZnILOFN

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 08 Jun 2021 16:39:39 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPInCCAec4khA1Rcz8rKIxthMe39Wm5pYcNVkJLIgsDrU9U2unvN9TZPbAytwd10r5pfxba3XX7a3vTb6uBPRsoVUZnILOFN
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Jun 2021 16:39:38 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7626
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFxzsmYJs2YKj1wNVsdTioM&google_cver=1&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTv...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTvgginK3CMeQhBSoXA&google_hm=RGbIWpFhScuqT2DMF_qGIFw

170 B
188 B

30ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTvgginK3CMeQhBSoXA&google_hm=RGbIWpFhScuqT2DMF_qGIFw

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKjQ0nO-JcqycUcvMj5SV4L_JOy5U2pvzlk7N7dma-Q9yLel_nvY-9kddOPvzWe4EhPFVl0XyHRQTvgginK3CMeQhBSoXA&google_hm=RGbIWpFhScuqT2DMF_qGIFw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7626
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDRcxKiJnXtEpl7HrK_V9Kw&google_cver=1&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRr...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRrpY4EIfMpOhg6JRqj3

170 B
188 B

54ms
53ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRrpY4EIfMpOhg6JRqj3

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL5WqMAJ44n3aHJb5TSqIs0eYAH1xCLudcpIJLqPt_DlaZ38JTLBEZyXizRMYvsJf0PHiC7r8PnPRrpY4EIfMpOhg6JRqj3
Date: Tue, 08 Jun 2021 16:37:49 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 7626 42 B
233 B 360ms
100ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFkG2j9lhkMzOlUqRC0lHJA&google_cver=1&google_push=AYg5qPK-NFWaHr6dokVlUuYngS7gBb5X8kW-5S43diXD4SDUfOfbGoFzaNpm5DHQxv4ZIez858a2Op46LfpiY-0UkmqB3RwIk1n4FA
Requested by: Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:49 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 7626 43 B
63 B 26ms
24ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEILJ1ZGBQ5xn3SzQkCtmkuE&google_cver=1&google_push=AYg5qPIa5KhuJRyYYMvVWrBTbSPIxNESbSHmsdbLWUWuqXrXWImOm6Fls39L1y5F9bx_HwZpd25UtvzBzbyhgXiYfYSQ12Crjqju

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 09 Jun 2021 16:37:48 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 7626 0
12 B 76ms
74ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2MGnzg547GT6HMtjufjF-1Y33J09_S92LVHQPyLN1V07vOpsrJjmMHON4vQdGZgTE

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:48 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 73AB 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty93JtIg3UusrkZ4g-I0pfKnTmqUF9UTVuF-Oe2LvViAF_vrVBU9QMJ1PgkgmeoaYg9U5t8AzeUzjbiiTI6lu8kpxONzor18HHybPpalG_MZGZfhqaVeDmaFh0mePG83fLvxD0thhdSKnZLFqB1p5i&sai=AMfl-YQFCFlo_MF17ToQOj7dHrPVKgStP3TVTTJpBDWGKLTOH5DML8S_bme3an8-IQP11fXcxmED-TWTYUOZClLdp-_SqQ3qaS4CfHJNQPIDhCWBv94coawVC7voILF3mOs&sig=Cg0ArKJSzI9UmkkuSC3wEAE&id=ampim&o=1127,188&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=109&tls=1109&g=100&h=100&tt=1109&r=v&avms=ampa&adk=1379754963

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5037 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Jun 2021 16:37:45 GMT
expires: Wed, 08 Jun 2022 16:37:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D7A 640 B
318 B 30ms
29ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkBzBoKdXR91KJyUGHNUV3vIgCXZ1wTMJRfLFloj1LcAgYWnI1_p31FhZCfZa0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 08 Jun 2021 16:37:49 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5037 65 KB
25 KB 76ms
75ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcuhHek8vZNBVN1Cy8coSUD0H8cAYEZQaGGTosxZq3Q0HkgEa1bNCtvs3llzgTIBE5aTv60b4vwL1iDZlK7ry_DUjmnexitbdemGQJ6ERRg2rGCyoVgV3SR2e80dzo7nVrVslnok0mPUgwagsHALTye49Zsw&dbm_d=AKAmf-Ac2Wql6yBomcDGvQvRZA64C2fapsjiEysAEGi5PHFfdTFY5RbQE4tc61SGrFT-Uinxyuhzpt5qLN2o-1M_jrenNE4Mr9Sg5CzGTF0lMacYMrHrmdA25FROnBpS2Hx_G2IWorckHsGZED7at8QUDUqV-ulZriv6pVdMiRgzHToxRA9PwQoGyox2X6D4N067bIM4P7uuCVd5wbe_UTiVnRLZgNjgDjZqGqOytHI2UU5FYrAiAZce_sXuZJsmmR_9u7G0dM5JKFBDESmJq3mvTbc7hjWX0EnF51GgapOPi5l9nAvQhiGONU2h542seydatdgRpJffpUYHJXkCO7XHGm-kTL1toX9FUFkgt_rUcmxxlne5SdC5pLsSqPOe2ssgdMI-zmPaFsm45qEity86Gz5zVDJ7OrrlJhHUnd22QRhWAiwn0KGC6yVhZsWUbnuDfOgAjPZI9sBlzvAnB51atg8KUS_hZk-85IqUnMEWbIc3cwtAn6E1letG0rINkmc4MSbjNpsI3YNvSx9RPwXBaLLZpHDBd59D2GEMBNKoV1jkR0055SFC7Ki00vQ-O1a8eBpr8Cz_xYPrYduLL7ITB3BpISCMHT0875hJUBXTTsnUj0HnFZjvqczv9xXOdZ8GIv6M2lqj8FF0He3M7o1t3wWdhnUgwK-3MMMYu-AdLs7Jvb-RAVYMXJyN2gntlVYwCliY2olPKdxapNJ5fdNtwm6I7a2jec68lP00DF2qZFDReUJrloMqh-irM633uym7fCqDPd7vJo75fl4xkHiqixPf_-TVF6lUAtvnjQ5zm_UbFxhkrkiQYWGWcWMTr5aS6XJ20RvpID0vK5cagVTs-GH4tUCpWvSAQ9HGdY9HxygXeyELd7sWYQMUGG2WsiaOW3N114nBbZQFIfw75Y9AnJs-cdbX6tN68a72sKg-CTC5-qtXm3BmQiRBZobi1Rc_iKCI42bQln9afXMY1cz5pbdXn0OnZkoEQFmi57rRu4Er4Q2Ogio4m7kc-G2qRwU9a2VnQHqQbn2TVIdC56txzH1SWADikV_Bu9aZMSrjy7au69U0veczIOsd0nsIZkrJJCw_m2_35c1Uo99IEJhmqPItBzi5ReATSpfxUaMlsYrcNXhDA-Nm2xefF8OOYZZc0dnhhMM8wsDiVcPmnDvu33YfSYLfKYZM18Am7-T1kzLXmm7ZXj5VaL7bJlwS5Whyq1xnj3uNNMnAFkwdQqMn__Esa3nNC2X9NKJUaAD-z53vxuKPC55xLdOuqlDxs3I_pZLTG2Wyl8JQbLhT2SyzOwkaFiEj2OFq0j41KRDoJJjpl6eukD9R3a0LMGuCTN86D-AhRXydLNF8xg90gAzWXtg1z6B-aUz2jRGsI00DesMfoTL6nbvchAaGZ_3_iO5m5ATFiwsGeHl-bn3op-fPDMkmHiEpY0wIsAYJTf0OhltrqYBO0c4QCYcG4DGY2vYskSWjKgFrGN-BaG2f_BJPWT9M4ZK13rEgOphBi5z933SKlrWp9nUUv9RXwNq0bJ9Baujfqi4zp43b0WH3z6mSS1-9MTFQUb9ghZJpkgGjlQ9gE2tQDbF2zGIqBWcLPa48efmR38HDeQuRutkLbvj3G6nWoCcOQuFEBMccB0Nco2SsnFSHBYevBb_Sf7NHS1ywxBGRhawCeWiFNIIe-RtGNVBMR0Obs-VJrWiEz2yuMSLAsNR2xcbVrX4WFwEOyuQY7o9FF_m1Mn55okqvgwU43Ie41XTPlM0438L2ET5XamOOcB6C5ZTZYqOGT0kqHs9ZXHvHyRPShDqa6BeWwKdnotLTCkBZPPOUdGXOOAcQ3qJziwqqu77jqBhZ0nrKbzYwdhaQp47K_HCy3TJQ8M459ndPvZP8H-NY7-M-_2VjIB7Pqv2IqLBMBXDmajeedYHca1ut5HZLeqK-_GBfzSNMp4nGjJhgiIv30tCojskY5649n6B84FEf-aSLU_Zf2HaKnrMj4IlE_qbXBDQO7BnJUwuyNyytFGaWtdhrd_q0m6kbm2DpNmb28yCUyG5pYo8lj_rmOIdlCMdRLxjn4mHiNmFU5No-NPCXo2Ds-Oh30xUESGp1-WqLiHoaisjUE1ipH4-MZkIevyPJXGPmgDp01e3yCwWMbyWMLL_iLJFPKaj-Ocmy1jHidtBTrqfrWfRWsWs3p0hhdxBIlhm4eW-GfEaXCmks-0iv4Yl4twZDCKlc7nNIL0ouUyGbmy4_bz1MVfaljmjy1pK333wFPA1uTBkItSWHN2d9ofyUqDRre1Y9FLiaafkFOl6X6JCD90r4TKqKWObywJSbACHWoC0hTDr0jDTrOSggulWkTOEdtSBc_Pvmuc54QNwMkYR5d7ZDdZPBuLZiXEBo1dob-PaVHEVJuQaj05NVAA32SSB8_v_CPs3-HeSdcLNNuNsgmLBU-Te0QmgCMnQilJ3D5WYRjrS9DLRNHBxUea7E4Cca5LCRJb9GrIvvOkjQtjq7mIaI2Lv8ZoX1qWcCUwF2AQy_OTsPC1aReB7-kzj-POfpRJkW7Z0HyKcdqpZWlJKrSrBG4uUcn-cexc6GIWE1MPsaGYeW9FALVYW3cHNX3IiOq-O-xE4kunjwdk8IKBBSEVdyQ_pQhRpplsMvHh3_ch9f9x8kRBWJ-wp56bq5OfwOROkfkl1YlEM4_5kmj8sCb4gSBs5QrYmPk_YVh8mNSm6rs0F2vAJknLomUGIQReq5e9ls82mf5D-UXGGtsREZDffD9kAjX7BjirAM9yzi979TWkiLwPVJLVHQXt7JGkRXMkB2UQa8loFBh-MpEWigY5kyS-3znKOfga9HxG9vRhB6UP9zkPd5wKF_isuHsMKYWxEudxlaCwRrtmApjQziqlsqK-lOLTqoiJKzkc8MqYOA4YUGdbKPmDsIR81qwXQa33qRMhjupFAjdeqBYOCfa2yoBbmhmbhe85dDst6n7QCgnddbnxGtZ5XGVTp1G0oCrz1wMzmcRYCHJKu0juxfxe1Szo-E6JBoGZW-gCc5JM4Gpz2pV6m2Ma1IfdQhvdLAC7slDM393dJ7IgBy-f3D7bk0X2HPziS8bRhRJlzS2U_xRJithgWGL9LeDU8bD2X6LJHaX5YgHwF99Ul_AtZ5xaYy6xfGCTwevVo2DUowmiIFu4H9s0a8rw&cid=CAASFeRoCz-_uBOnGzkMHXqMHBvG6G5Eow&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

046785a45c5994739ced58cdaaa3707c14bdf26ea04646787119f9660fe01b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25869
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5037 42 B
63 B 40ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CM9A61diSPIcZuC4p-DLRBfxgooKhl6vw4_XByxJqVheqjMsc_DYSpMhaEPsCC7C6IFYQQ_zVPIeZRKaM_HgGyJ0GDtcS06NS42FRggHs4RnvgqLI

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 5037 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/window_focus_fy2019.js

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:37:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 5037 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:33:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5037 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2001 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbqlA3Jy_YJH0JYaV3wP8jbOYDAAAAAA4AeAEAg&bg=!m5ilmNzNAAY6sG-_OrA7ACkAdvg8WrAWXfOF-MSc8qAzOn4fv7BtI4IRmiHtvfQH5EZEEoeBvnoCLQIAAAB-UgAAABhoAQcKAGRiATd60RL9geFQhmRlXyzzqNCg8Hf7kMNYri96VYaBMu1HjvFVm4-mboVM1l70j7TyRDzdlHRv9gVMTbdmC83PYD7-HxTw9rFfTrIdwCoVq3Vf_YlkFuPU45cpb0ToY5wOiuG2mQLHxrdyKdxsynGa9KpKd8o2oJINSPzdDdLU6NG4TTGZ7qZpRw6fbzjHjjCtAafsSW9sjmMJZsJ8pTHeJg-utBiQ_A9mEE74Fu1Aui_QTSvErZ7rCODdcfIEA6LGjFRVjGuHncw2thvrWOCqqgrItG2x65O4BXFhM_y9UIt13G-_5R6qO9Bh2GqQIwurAqsm-nxGboMJDGTCLicunxkwsTiQ-542tDNEqR0HU-R7gx_m31UWUfaE8XIuoHWNX2k-LzPBTrCK2E-N0KMfKy_YbcJCnpfH18XbJXowBsHL16XPg1QOutxDeyK6aKQ0FkyoFxVE2UFOe4RLATm4M5TST_Fq7NegEWP1yWw1Znob6ULt7-Gp6V4gHDbeoAttWGdD0_Ci7T70kBp9ONKhInTQOEN1CXokyyFzvcmwN0-od8oYhqeeczLGlA43iCrNr4JfW5zGmORfBB5pM_QLCpy44GvTa4iymV-E_TziFuk75gdmjXnlAIPpKq6io9tUkZRZxJpYULvAv8R9n_s2dqEGplY7TphYdIpp2JWY4rw_82YBjBs78TykRLZWwA1YajjszhPHL7UWvP34Btkmvg9K-WgBUyvHbUjwfrvWgViISOOScnE_KrOdnowrzUIsqC0fVT9d0X-h1MwoyheJ05Q-MFQ4x772oTnNzBvOC0OsGRa3T3vKoBw_09rcM3FCbQgsg6pUu8EnhUvL7Ty1tPAzFmbq2_6qDYPbfjEql7VvZBODexmP6IdH2Phu2jvUpFVJKPSiKCaLNvgg_OdRBSxRaGjaBo7978FyLxo-6eKpwWNZXX8cQjRosWk2AINeaZAyvospZkSmUN6E7kRYkFbivW4-KLuV7yYZitj3nBRFKyv6A9iRoou1thJkgLe_fLQg_ydvpg36WhQjETb4-nDF4WxI9ZTiFgH3fQ8RuOxbZftszfGzTV3WJAgw

Requested by

Host: 7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
URL: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7D7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1

43 B
172 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:51 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJX7-Eh8wJ_em6muvjanbww&google_cver=1
date: Tue, 08 Jun 2021 16:37:51 GMT
via: 1.1 google
server: OXGW/16.208.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7D7A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2U0MmJlNzctNGYxOC0yNDc4LWMwODAtMTYwODZiNmI2M2Ew

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2U0MmJlNzctNGYxOC0yNDc4LWMwODAtMTYwODZiNmI2M2Ew

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 08 Jun 2021 16:37:51 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2U0MmJlNzctNGYxOC0yNDc4LWMwODAtMTYwODZiNmI2M2Ew
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 7D7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEDznfddS_N7sKxdPXwsGtbo&google_cver=1

23 B
172 B

58ms
47ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEDznfddS_N7sKxdPXwsGtbo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQla2PAhjz4JWqATAB&v=APEucNWKLIhJePCOoi29N99NnYVKvkmIa8NoHyEufXEkGb3_C5nV7TF4LX2ZA7nWW3E5vpc6q-aRiai494wEMAiigK9p-lglf0hn1Ys5Y2AQxJt8_Zcrz_kMWo4kLZ-fYZPxrT7JJFVKjKd2u3HZtPWS4GBaBo1CNd4ROXX1gLnqWT2bDH8U2Rw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 08 Jun 2021 16:37:49 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEDznfddS_N7sKxdPXwsGtbo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7D7A
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDc1NDcyNmU1MDg5MTMxZTQ0ZTliZjBiYTFjZTM0ZTA2ZWU0M2QyYg==

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDc1NDcyNmU1MDg5MTMxZTQ0ZTliZjBiYTFjZTM0ZTA2ZWU0M2QyYg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDc1NDcyNmU1MDg5MTMxZTQ0ZTliZjBiYTFjZTM0ZTA2ZWU0M2QyYg==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/719405/54836762/ Frame 5037 44 KB
13 KB 413ms
325ms Script
application/javascript 63.32.41.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/719405/54836762/skeleton.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.41.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-41-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d37c3402aaf031d8c322c2ba3539f4c97a95fac633fc70cb0fc226d39dc5a0b

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 5037 111 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 19:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77564
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Jun 2021 19:05:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/ Frame 5037 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcuhHek8vZNBVN1Cy8coSUD0H8cAYEZQaGGTosxZq3Q0HkgEa1bNCtvs3llzgTIBE5aTv60b4vwL1iDZlK7ry_DUjmnexitbdemGQJ6ERRg2rGCyoVgV3SR2e80dzo7nVrVslnok0mPUgwagsHALTye49Zsw&dbm_d=AKAmf-Ac2Wql6yBomcDGvQvRZA64C2fapsjiEysAEGi5PHFfdTFY5RbQE4tc61SGrFT-Uinxyuhzpt5qLN2o-1M_jrenNE4Mr9Sg5CzGTF0lMacYMrHrmdA25FROnBpS2Hx_G2IWorckHsGZED7at8QUDUqV-ulZriv6pVdMiRgzHToxRA9PwQoGyox2X6D4N067bIM4P7uuCVd5wbe_UTiVnRLZgNjgDjZqGqOytHI2UU5FYrAiAZce_sXuZJsmmR_9u7G0dM5JKFBDESmJq3mvTbc7hjWX0EnF51GgapOPi5l9nAvQhiGONU2h542seydatdgRpJffpUYHJXkCO7XHGm-kTL1toX9FUFkgt_rUcmxxlne5SdC5pLsSqPOe2ssgdMI-zmPaFsm45qEity86Gz5zVDJ7OrrlJhHUnd22QRhWAiwn0KGC6yVhZsWUbnuDfOgAjPZI9sBlzvAnB51atg8KUS_hZk-85IqUnMEWbIc3cwtAn6E1letG0rINkmc4MSbjNpsI3YNvSx9RPwXBaLLZpHDBd59D2GEMBNKoV1jkR0055SFC7Ki00vQ-O1a8eBpr8Cz_xYPrYduLL7ITB3BpISCMHT0875hJUBXTTsnUj0HnFZjvqczv9xXOdZ8GIv6M2lqj8FF0He3M7o1t3wWdhnUgwK-3MMMYu-AdLs7Jvb-RAVYMXJyN2gntlVYwCliY2olPKdxapNJ5fdNtwm6I7a2jec68lP00DF2qZFDReUJrloMqh-irM633uym7fCqDPd7vJo75fl4xkHiqixPf_-TVF6lUAtvnjQ5zm_UbFxhkrkiQYWGWcWMTr5aS6XJ20RvpID0vK5cagVTs-GH4tUCpWvSAQ9HGdY9HxygXeyELd7sWYQMUGG2WsiaOW3N114nBbZQFIfw75Y9AnJs-cdbX6tN68a72sKg-CTC5-qtXm3BmQiRBZobi1Rc_iKCI42bQln9afXMY1cz5pbdXn0OnZkoEQFmi57rRu4Er4Q2Ogio4m7kc-G2qRwU9a2VnQHqQbn2TVIdC56txzH1SWADikV_Bu9aZMSrjy7au69U0veczIOsd0nsIZkrJJCw_m2_35c1Uo99IEJhmqPItBzi5ReATSpfxUaMlsYrcNXhDA-Nm2xefF8OOYZZc0dnhhMM8wsDiVcPmnDvu33YfSYLfKYZM18Am7-T1kzLXmm7ZXj5VaL7bJlwS5Whyq1xnj3uNNMnAFkwdQqMn__Esa3nNC2X9NKJUaAD-z53vxuKPC55xLdOuqlDxs3I_pZLTG2Wyl8JQbLhT2SyzOwkaFiEj2OFq0j41KRDoJJjpl6eukD9R3a0LMGuCTN86D-AhRXydLNF8xg90gAzWXtg1z6B-aUz2jRGsI00DesMfoTL6nbvchAaGZ_3_iO5m5ATFiwsGeHl-bn3op-fPDMkmHiEpY0wIsAYJTf0OhltrqYBO0c4QCYcG4DGY2vYskSWjKgFrGN-BaG2f_BJPWT9M4ZK13rEgOphBi5z933SKlrWp9nUUv9RXwNq0bJ9Baujfqi4zp43b0WH3z6mSS1-9MTFQUb9ghZJpkgGjlQ9gE2tQDbF2zGIqBWcLPa48efmR38HDeQuRutkLbvj3G6nWoCcOQuFEBMccB0Nco2SsnFSHBYevBb_Sf7NHS1ywxBGRhawCeWiFNIIe-RtGNVBMR0Obs-VJrWiEz2yuMSLAsNR2xcbVrX4WFwEOyuQY7o9FF_m1Mn55okqvgwU43Ie41XTPlM0438L2ET5XamOOcB6C5ZTZYqOGT0kqHs9ZXHvHyRPShDqa6BeWwKdnotLTCkBZPPOUdGXOOAcQ3qJziwqqu77jqBhZ0nrKbzYwdhaQp47K_HCy3TJQ8M459ndPvZP8H-NY7-M-_2VjIB7Pqv2IqLBMBXDmajeedYHca1ut5HZLeqK-_GBfzSNMp4nGjJhgiIv30tCojskY5649n6B84FEf-aSLU_Zf2HaKnrMj4IlE_qbXBDQO7BnJUwuyNyytFGaWtdhrd_q0m6kbm2DpNmb28yCUyG5pYo8lj_rmOIdlCMdRLxjn4mHiNmFU5No-NPCXo2Ds-Oh30xUESGp1-WqLiHoaisjUE1ipH4-MZkIevyPJXGPmgDp01e3yCwWMbyWMLL_iLJFPKaj-Ocmy1jHidtBTrqfrWfRWsWs3p0hhdxBIlhm4eW-GfEaXCmks-0iv4Yl4twZDCKlc7nNIL0ouUyGbmy4_bz1MVfaljmjy1pK333wFPA1uTBkItSWHN2d9ofyUqDRre1Y9FLiaafkFOl6X6JCD90r4TKqKWObywJSbACHWoC0hTDr0jDTrOSggulWkTOEdtSBc_Pvmuc54QNwMkYR5d7ZDdZPBuLZiXEBo1dob-PaVHEVJuQaj05NVAA32SSB8_v_CPs3-HeSdcLNNuNsgmLBU-Te0QmgCMnQilJ3D5WYRjrS9DLRNHBxUea7E4Cca5LCRJb9GrIvvOkjQtjq7mIaI2Lv8ZoX1qWcCUwF2AQy_OTsPC1aReB7-kzj-POfpRJkW7Z0HyKcdqpZWlJKrSrBG4uUcn-cexc6GIWE1MPsaGYeW9FALVYW3cHNX3IiOq-O-xE4kunjwdk8IKBBSEVdyQ_pQhRpplsMvHh3_ch9f9x8kRBWJ-wp56bq5OfwOROkfkl1YlEM4_5kmj8sCb4gSBs5QrYmPk_YVh8mNSm6rs0F2vAJknLomUGIQReq5e9ls82mf5D-UXGGtsREZDffD9kAjX7BjirAM9yzi979TWkiLwPVJLVHQXt7JGkRXMkB2UQa8loFBh-MpEWigY5kyS-3znKOfga9HxG9vRhB6UP9zkPd5wKF_isuHsMKYWxEudxlaCwRrtmApjQziqlsqK-lOLTqoiJKzkc8MqYOA4YUGdbKPmDsIR81qwXQa33qRMhjupFAjdeqBYOCfa2yoBbmhmbhe85dDst6n7QCgnddbnxGtZ5XGVTp1G0oCrz1wMzmcRYCHJKu0juxfxe1Szo-E6JBoGZW-gCc5JM4Gpz2pV6m2Ma1IfdQhvdLAC7slDM393dJ7IgBy-f3D7bk0X2HPziS8bRhRJlzS2U_xRJithgWGL9LeDU8bD2X6LJHaX5YgHwF99Ul_AtZ5xaYy6xfGCTwevVo2DUowmiIFu4H9s0a8rw&cid=CAASFeRoCz-_uBOnGzkMHXqMHBvG6G5Eow&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:28:05 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/ Frame 5037 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210603/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5975f21c81bda9dfd465bc96ee93a336e22d160bed0054ef916a8392d5aa406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 12295082536333688880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:36:33 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5037 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 06:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37056
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:20:13 GMT

GET
DATA 200
OK truncated
/ Frame 5037 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41ab622fa2661e8fa1d783224551a77a540dfcd2aa70e30eb9e6472f2e771e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38C5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 08 Jun 2021 14:44:09 GMT
expires: Wed, 08 Jun 2022 14:44:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6820
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/ Frame 940B 74 KB
18 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029690738ef7814c31fc8fb8d9e79d2a17d6cc5f95c76ce4114ea3639c8ce28c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 18231
date: Tue, 08 Jun 2021 07:05:46 GMT
expires: Wed, 09 Jun 2021 07:05:46 GMT
last-modified: Thu, 20 May 2021 12:52:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 34323
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5037 0
24 B 113ms
86ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVh6kaUWsZDMvVeoyLuxUhynTmbIzJ3NrfYjIlBwxIOIhSITuxFN0ScO7gbcJJHd5fHqGbq8WgfOPp7mInCHa-Sn9FAyt65sOEFpJ0WFtVMBLNxFyWMKLCRg6hrZXl9TXseHOe7aJJPu3uSccqkmDrVdYqvqx9CWxXl78B3i0X7qX9suHtVj_BgWUHFGNfy87aPXFJW-jaRkkghsatE2_UkfErCd4Cbd91BujSaLZmF3kcygmYg3aZFuQmqzreVGP8pxGmc0mgxypGwwV9X-6Ajz0pg65iLrHmDGunlvc-H2qJK_YoK4ANmZ4V3_-pUUVYRz0yln7-e-dt-V7bztBzIJ-8yQqUn1jYHUgI9zqXffOTikNzVOs9XbZ3jmdOnMe8SvgS5whywdWrLwW9saekl8_PqV4OuTh14bMtBqmFpUwfQhEyEKUzorsUax4pZSUdyF3dmum4k2Val4HP_LK6m4fq9H1MKtT1N_vKxwOyt8pgrET0nyO0V-bDuFJ6zcjQRoeiyulnyk_IGcvc7t6Fd5RuQQ8gm6kZVqZh41zPXMsORthGLB97wX8yn__xhtDC2JDRDZTa7YcgPD_Zd6EUDWAUH0RKie8wC1uOG2ATldFeBKmw6GRNBg2WeXbkstcb023fwv1Y4Fa9cS1Fr6x6_exiUZZUxEvJkmgJX-Tf8ucXIzo80CjdIK4Z2DnDA6jkG0qP0m1xNJrVUnGH3ssGV1TTmH8IjoaYZamBvB54YWaO_2PMX8_J5XJJBCvMjrXYLMZ51QpsFF0ojWFjVpZiAD3OqowOnXnScGFFBrhguDZdG3ApNmbPJ27iyowv2ZYSMV5gwsBiWoN00e1Ix7Jjx1CmlbTCAnBbCs7xL63exLU2WpHYZ7WGh97RONDjMLBou-dWwSQ-mbd8UYb7u63soJ4R0g-6CACODUWvujIxxl97N3lJdaK-QR2wXM1j7GDxk9mey0eAU01BQu5Ci2m2mqG-o2lWY7e7YcsGUOEmtJs9D1Dv_AyinMEbUB4D1NPFAnPELv3F8ZefEVElfFlVQTBxNNLqQuA-2gjprmdnZBTdqOHAPxRdtPayenHdk0zK7_oJmv7TW9tl-e0RRT_HjEzvKaPnFIys9OyNE0ycLYQuak8_rvjwdYIM5R9cF2Ao_aU&sai=AMfl-YSEswQXLyz-Ik5rnpPa_uegDGajujV561o2qTcWUefTc8cX1xh7uThOY_XOcH_kJJbrXSaKpUi7yrKQ-QXPReopVv_7JyLDG7CE0ttyEpDpyFmK7OUv8adh_4jJj7GPWFCeqo6qo3euV2I1m3nmamELlFBzGdox79P3--Y&sig=Cg0ArKJSzO6v0_058djrEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=70&cbvp=1&cstd=65&cisv=r20210603.08969&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 08 Jun 2021 16:37:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 38C5 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 15:43:53 GMT

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 940B 28 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10181
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 13:48:08 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5037 0
23 B 57ms
56ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 300x250_.jpg
s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/ Frame 940B 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/300x250_.jpg

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50aac955370f293dcf253cdcbd5bbdf17bbab0f59434e9b808c3b2000298487e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:52:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 12:52:15 GMT
server: sffe
age: 6329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26769
x-xss-protection: 0
expires: Wed, 09 Jun 2021 14:52:20 GMT

GET
H3-29 200 300x250_1.jpg
s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/ Frame 940B 22 KB
22 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/300x250_1.jpg

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aa8080dc880f38cbe29b77af2dd60c25bee0cc9377ce432afd356286b270ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9329607/880063393630294/CKPRIDE-PRIO01-300x250-opt-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 00:11:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 12:52:15 GMT
server: sffe
age: 59170
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22116
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:11:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C5 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIuOX3Zy_YLqXCZHu3wOS3JiwCwAAAAA4AeAEAg&bg=!ISKlImbNAAY6sG-_OrA7ACkAdvg8WmAw7djo50fVlOjOkodnCKC1_OPBUmgRp9PyMV15uMq__kSzAQIAAAB3UgAAAAxoAQcKACFAFkzk6bhYDFZNbZfDhh0TSW4m3UpmPoDoeBLql_sv7luZAsVH5r3B0_Bl25JQLkhgFDw7NsPWYZ9RhKg5dOr2t00pnaWOMYrnEGN1QDeJiWW1JwPsf_YBzUa3pg669isORvO47l-8_S_tOLGU1SMgUx5jEYTfDYIjnc1MbdrL370aVnhPmZNtqqIwk2VSna1eKPcqSVo-IPzjVpxJ0hNhPON0792lPZgNB5NNRXZY6c782BW3onU4SbXBVFRvB-6krjIE_usLUPqHlz73c_S5EnCtVKnDeOjqSL95GIthzZYEl0XGAGoJdR4RigZuQKbA7BOJrCUeXIVKKKt-ju6ZD44sjF5ArSHpw8VKpnZiOO1Y_zglCb23eYnSXuFpxMvY_Bu4cUXOOzeitdqceeH4ZyQF4HkaM7XfvodBO05XfowH4dp44TKpMPhZhY2M3RhOLhhq8aeuF-Q3ogA27SWYsy69MoEr2BmbsHU11jnCv8CE2meup4RSidRxdcmISvMkvdzmCGL5uUYtaYbLdgWeWRv8xPUcObfdVZX-7P_LnX7ydYhcGKsoBoV-Kt2mr4BDROKvEXCv36Ftf9a-FLUpNQA18_6liXCT4TjWZTixxAtuSbaxlkBT9rNqIvg0EvAabdonCyz3qtV1qLZNEJ8v7EWH_puY9N8L7UTnFw8parqDw42Opv5Akg36kjZilvr2OngKZypS_PjpPw3djTH1FVMNok3LUqhb6Nshyq6EZ-n4AqxDY3BQT9XhpKT-aS_T1BR_sC2gyEYJO_lEc7vxeyUH0wMxwByvVGm4VUbX39YSo7T7eAqmDC0UErKMfUQ2lE3h5Y8CsG6Ln9xqFj_9-2jb2zwxn3Dkn0NXPIsKM0I1semazPBLOKY09III1kvQbwI2aZbSQ4jl6iQNHBlIU_zEiqYFTdIGla288CINax9T8HHkU4KILFJXXE9toZCr-VmC4YSE9qh3r6fS2V6ty29A2Od0y_fF

Requested by

Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C8E 6 KB
3 KB 26ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Jun 2021 16:37:48 GMT
expires: Wed, 08 Jun 2022 16:37:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91E6 73 KB
28 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 91E6 10 KB
8 KB 23ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5071940399f87d2787ede741e2ede430ad9c2fcb004e5b6ad2b5787060841e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7877
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 91E6 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H/1.1 200
OK lightbox.js Show response
www.guru3d.com/core_javaload/ 10 KB
3 KB 146ms
94ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/lightbox.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: c92a10fe1436e3cb16e8433eba72384ac1e90922cdb10efdb1adae0cca230e90

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: __gads=ID=515849435645b3ff:T=1623170265:S=ALNI_Ma1dotVrEWIKuWqNavbm4nKvevRjw
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:49 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK index.php
www.guru3d.com/ 17 KB
17 KB 83ms
31ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/index.php?ct=files&action=thumb&id=303
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: __gads=ID=515849435645b3ff:T=1623170265:S=ALNI_Ma1dotVrEWIKuWqNavbm4nKvevRjw
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:49 GMT
Content-Disposition: attachment; filename="thumbnail_rtss-v7-guru3d.png"
Connection: close
X-Powered-By: PHP/5.6.40 PleskLin
Content-Length: 17167
Server: Apache
Content-Type: image/png

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed23ef0570ddb874088d689cf1e698b14d381adf4890b1c07e0a38b388aa91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rAiU4zCYxh7WYfpOx7AJtg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: pHFOrQflQ88xMP0GCJ4sYq5KTcgY5EEhB4TwkRuQnu3uGS9g2Re+W4AOdV3T72FvLcgvywSdoQkODTKyTT0Mmg==
x-fb-trip-id: 917726464
x-fb-content-md5: 443e8c2838d3762be4bf88d2d1267431
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 08 Jun 2021 16:37:49 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b866c0e75dc95cc4ac100e3b811fa0a1"
timing-allow-origin: *
expires: Tue, 08 Jun 2021 16:54:41 GMT

GET
H/1.1 200
OK index.php
www.guru3d.com/ 3 KB
3 KB 298ms
28ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/index.php?ct=core&action=tasks
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Cookie: __gads=ID=515849435645b3ff:T=1623170265:S=ALNI_Ma1dotVrEWIKuWqNavbm4nKvevRjw
Connection: keep-alive
Referer: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:49 GMT
Content-Disposition: attachment; filename="index.png"
Connection: close
X-Powered-By: PHP/5.6.40 PleskLin
Content-Length: 2808
Server: Apache
Content-Type: image/png

GET
H2 200 oqiHTjyKmt0 Show response
www.youtube.com/embed/ Frame 29D9 52 KB
22 KB 49ms
49ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/oqiHTjyKmt0

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aec59120b01090222233f0684439a1ee463a31cafd62309af54ed5f8902b0da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/oqiHTjyKmt0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Jun 2021 16:37:49 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_f0cpZJF6Es; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Pcu-_-MMp1Y; Domain=.youtube.com; Expires=Sun, 05-Dec-2021 16:37:49 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+652; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5d7f7505a10e8c849470265ce393f6ab.js Show response
www.gstatic.com/mysidia/ Frame 5C8E 7 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d7f7505a10e8c849470265ce393f6ab.js?tag=client_fast_engine_2019

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 11:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2965
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 11:40:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 11:59:59 GMT

GET
H2 200 506824e1a269747fdbfa68edf6a1b915.js Show response
www.gstatic.com/mysidia/ Frame 5C8E 130 KB
48 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd461a3a10ed00d5e8a2ee0642a79cb2f0cd664a3bc88abf26e74befce054e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49021
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 06:08:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Sep 2021 13:55:52 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5C8E 3 KB
578 B 39ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 16:32:29 GMT
server: ESF
date: Tue, 08 Jun 2021 16:37:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/spam_signals/ Frame 5C8E 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5fef98536ca998c6c96da019f7c4db5bb28cd498b885375eadef7bf691bdbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2937
x-xss-protection: 0
server: cafe
etag: 16555246400765552577
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:21:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 5C8E 1 KB
913 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:34:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/ Frame 5C8E 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/abg_lite_fy2019.js

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97bd8342439af3d67fd67c50ae141bd62f62d621104f58e75f61f054d5c06983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 17852637887628504664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:36:05 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 5C8E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/window_focus_fy2019.js

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:37:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C8E 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/ Frame 5C8E 13 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210603/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 16:33:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5C8E 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_ZvMDWwgjpd35Z5SpHChD7LNyMqb5WJCmt8yStQHCElNSNg1H0JSyR81bwwDzORuLgSIg2kWjCx-QXh_IEb8-MBe9OQ
Requested by: Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame 5C8E 25 KB
10 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 12:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 11:40:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 12:00:57 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E9EE 12 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 08 Jun 2021 16:28:06 GMT
expires: Wed, 08 Jun 2022 16:28:06 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 583
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49B1 783 B
533 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46300811671c9af393b9a2f05b6eb84e33cdac8a0be15efeb70ef4bb1e242a13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nzLNV8ac5FA39MHv0n184Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

expires: Tue, 08 Jun 2021 16:37:49 GMT
date: Tue, 08 Jun 2021 16:37:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nzLNV8ac5FA39MHv0n184Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 5C8E 2 KB
2 KB 22ms
19ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 18:28:25 GMT
x-content-type-options: nosniff
server: cafe
age: 79764
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Tue, 08 Jun 2021 18:28:25 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2096280280947928850/ Frame 5C8E 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2096280280947928850/downsize_200k_v1?w=100&h=100

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4183ab72e57c4f50fc26c2ecfabe411a81c6dcaff17f9b462362ed1d4214e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:23:44 GMT
x-content-type-options: nosniff
age: 845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4069
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 12:48:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:23:44 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5C8E 0
331 B 49ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kpo9o3rb&c=7547412261736&slotId=3773706130868&qqid=CKGmlbq8iPECFYiUdwodruUCcw&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&umsem=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13776356438267067043/ Frame 5C8E 115 KB
115 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13776356438267067043/downsize_200k_v1

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21dbf97ef31fc487b4c5c6089656beb9bf43c1215794a87744d83d9047890c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:24:54 GMT
x-content-type-options: nosniff
age: 775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117733
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 12:48:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:24:54 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5C8E 0
0 76ms
76ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSOO03Jy_YKHIJYip3gOuy4uYB9Gm9phj5O7yn7UOsJAfEAEgiIC_FGCV-vCBjAegAYeb-74ByAEJ4AIAqAMByAMIqgSMAk_QqqAg1iN-rHiu7exn8J0wEjesCL0vcLuTbbhkfDhR5D_nhL5VKTglVWpHFKYDE7l1w_FYzAvLyLtYfFA8rKs518gYsPE9cu8xUOz7UaNGtg769cKWaUoiF2EyxsNtTX_LD_MTnp4uvkhsui71gekCY2xvjm5SFJLBC4cXLAzXfb3Moh8_ALk6SfoKxKQIGeS_sGBNItbcu0mCrMS5uvc8m7EcQMNPnWr-Brn6eks25gElMsJyQA94jMkXakv2WvT70LP2Ud1-GggHOF09sABcrkJgUuGi0expHXr2az5VSvYM1AkCtmkUWsYMS5xdDwZvB-sHtUehs1QRdtGFLojhX7CNNG5U80C6VzjABM7fndjGA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfh5ITBAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD8nyXSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTeACgPICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNjE2Mzg1Nzk5Mjk1Njk2NA&sigh=rs2THxvklP8&template_id=3484
Requested by: Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78C7 1 KB
749 B 10ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Jun 2021 03:04:19 GMT
expires: Wed, 09 Jun 2021 03:04:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48810
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5C8E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8b6a54c2214da2d664320526171117aa5c1a932657825851111d74c375af6f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/00fe505f/ Frame 29D9 358 KB
45 KB 15ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60abaf88d6790a81e6f4edd4a174032609f24f6ffd767a837c96e1c956175e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 15:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 92212
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46187
x-xss-protection: 0
expires: Tue, 07 Jun 2022 15:00:57 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/00fe505f/www-embed-player.vflset/ Frame 29D9 193 KB
63 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6098464fc2e79a514e9fe383932f4eed6a1c99ff10b7c68e4985161728ef8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 16484
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64984
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:03:05 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/ Frame 29D9 2 MB
468 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ded76441d40cbfc6d43dda7a994820cf0a64ad3d0dee4e4635951203945143a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 18508
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 478837
x-xss-protection: 0
expires: Wed, 08 Jun 2022 11:29:21 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/00fe505f/fetch-polyfill.vflset/ Frame 29D9 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 15:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 92214
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 07 Jun 2022 15:00:55 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29D9 15 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:38:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 583147
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:38:42 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 5037 183 KB
58 KB 147ms
63ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/719405/54836762/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1

200
OK

videoplayback Show response
r2---sn-4g5ednse.googlevideo.com/ Frame 5C8E
Redirect Chain

https://r2---sn-4g5e6nld.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&mh=Il&mm=31&mn=sn-4g5e...
https://r2---sn-4g5ednse.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...

977 KB
978 KB

25ms
6ms

XHR
video/webm

2a00:1450:4001:69::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednse.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=1294202&dur=28.999&lmt=1620468145488496&txp=5432434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgALN6WLbnN3l1tui4SX02Mz7xzBJuJ8XzEOurZCxRpuUCIQD410xBMVPNJaEmnvLau4_vvZ3O2td4g4irmeuCS7Dc6g%3D%3D&range=0-999999&redirect_counter=1&rm=sn-4g5esd7l&req_id=c215e5fa32aaa560&cms_redirect=yes&ipbypass=yes&mh=Il&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednse&ms=au&mt=1623169984&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKjr_imbCQA8P1x5PKaUpnMgRsD3Ghq4MLf-J4TpDR-ACIDeLAWEejDZRhGyMcn6_yad5A1O-1cNZOM8mO8o6Vudv

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:69::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e290fdf966bc9a883f871229cdbb2113d0802030addda032cc0122947b7b0181

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:49 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1000000
Last-Modified: Sat, 08 May 2021 10:02:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=28500
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 08 Jun 2021 16:37:49 GMT

Redirect headers

Date: Tue, 08 Jun 2021 16:37:49 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r2---sn-4g5ednse.googlevideo.com/videoplayback?expire=1623199069&ei=3Zy_YP_gGpSI4gHQtrfABg&ip=152.89.163.92&id=c6af75515b4450e0&itag=243&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=1294202&dur=28.999&lmt=1620468145488496&txp=5432434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgALN6WLbnN3l1tui4SX02Mz7xzBJuJ8XzEOurZCxRpuUCIQD410xBMVPNJaEmnvLau4_vvZ3O2td4g4irmeuCS7Dc6g%3D%3D&range=0-999999&redirect_counter=1&rm=sn-4g5esd7l&req_id=c215e5fa32aaa560&cms_redirect=yes&ipbypass=yes&mh=Il&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednse&ms=au&mt=1623169984&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgKjr_imbCQA8P1x5PKaUpnMgRsD3Ghq4MLf-J4TpDR-ACIDeLAWEejDZRhGyMcn6_yad5A1O-1cNZOM8mO8o6Vudv
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
Expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36B4 42 B
64 B 38ms
21ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrFf7Lov6z2lZgvt-Zq_95EP_hfzfcrA7MwwkmJn155Y9caIyguJ0CdgoPNhmLuclVfjBBV26rqZH5E4tpaRjiVbSoKjGh4j7aVtqyzy3dVQ0ZO-pjV_u_aR7mHw&sai=AMfl-YTgesdq5qQvqzYGr2InIPSQlfDo69VLkGP24J3MJfbyjIV3t8vn7JH1WjpS4Tz_UU7zWWAKYBTzvOL6sK4R-yAXMISAZBopk3W6Jhlx5GWqXyY-WzyX0ul6lF0&sig=Cg0ArKJSzJg4zoizDyfZEAE&cid=CAASEuRoinshLZUj94rQJVk0J9tzKw&id=lidar2&mcvt=1022&p=0,0,94,728&mtos=0,1022,1022,1022,1022&tos=0,1022,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1056697662&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623170267806&dlt=60&rpt=957&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5C8E 21 KB
21 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 17:27:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 601823
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 01 Jun 2022 17:27:26 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5C8E 21 KB
21 KB 21ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:03 GMT
x-content-type-options: nosniff
age: 4126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:29:03 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36B4 42 B
64 B 34ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNirEZMtMJVfnbzJq9oOUug21qKu9MDZe-pTI-eGekcOH9lxsIDNbyRkFAyA76pRHQYWBqCMedAWidgL4adbNGuB9HTo-L&sig=Cg0ArKJSzA5JpCtTJvAxEAE&id=lidar2&mcvt=1031&p=0,0,90,728&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2784033090&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 219 KB
64 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=413357167695cb276fece66570e0f79d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89fbd67df52c8a24c5e78a8792e6d153925e158c915369c8f79d254ede177e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.guru3d.com
Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: C3u5PEld5A/2ECatX/MYyg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65849
x-fb-rlafr: 0
x-fb-debug: HGf4h6cIRaVFpm8QrXKCAUYQc2cq9l1UZkkBDCPeE82YWdc9WZ7DVY2yjOWaGNgoTxnIktjJNm+pBpS/vOP0Jw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e4feac5ba678f841b2d7ade750445607
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 08 Jun 2021 16:37:49 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9f353f69097ebed8aa61112e3eecbc63"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Jun 2022 15:55:04 GMT

GET
H/1.1 200
OK download_button_small.jpg
www.guru3d.com/gurustuff/ 1 KB
2 KB 2019ms
27ms Image
image/jpeg 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/download_button_small.jpg
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: one.guru3d.com
Software: Apache / PleskLin
Resource Hash: d08d4cd6485a4083d52e4f2d59bb02c941321e235fb50177daf4ade5f8c1e3f7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.guru3d.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Cookie: __gads=ID=515849435645b3ff:T=1623170265:S=ALNI_Ma1dotVrEWIKuWqNavbm4nKvevRjw
Connection: keep-alive
Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 16:37:51 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:03 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "52b-595ccf402be98"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1323

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 21ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 577ms
576ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4291164364558076&correlator=1339379098742804&output=ldjh&impl=fifs&eid=31061359%2C44743204%2C44744015&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=21536815%2C728x90_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D515849435645b3ff%3AT%3D1623170265%3AS%3DALNI_Ma1dotVrEWIKuWqNavbm4nKvevRjw&bc=31&abxe=1&lmt=1623170269&dt=1623170269863&dlt=1623170262482&idt=3201&frm=20&biw=1600&bih=1200&oid=3&adxs=163&adys=3377&adks=1111642073&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=944x0&msz=944x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-kzh03bRdLohJA2DgKLOtOURXcKkotmpXyrk6soLnI8i6-vhlNRleS6FplkTUnPa5VmloU0oQWaw%2CAGkb-H85IpjXxElvZyzjgrXbfRDcoGq__hv9KNpUlZeKrKxit9-fp5i2qn61CiecpP5z9-80-UoWB3oy8A&ga_vid=113647218.1623170266&ga_sid=1623170266&ga_hid=111097677&ga_fc=false&fws=4&ohw=944&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c3ddb2e59244755003ec0332a93cd2853e32265b4c68a74591f0dc08b40cb0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3777
x-xss-protection: 0
google-lineitem-id: 129863415
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48543002775
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/ 5 KB
2 KB 34ms
34ms Script
application/javascript 2600:9000:218c:4800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1623170269867
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:4800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 23:03:35 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
etag: W/"2dffc2b03414afb57d77b6bd1cdb70c0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f71686f416809921055425c79026dd71.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: EKwTOOMqb7_K12Rs_zwCkAjZDWn_ajNPQDxmix1mrkLx5vqrdttbig==

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
63 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc669f5973433db3c76865836e6ec704de07d1e4b8b43c912c454e5d205a4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "16041096307961051294"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:49 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:05:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 9137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Wed, 08 Jun 2022 14:05:32 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 12ms
6ms Image
text/plain 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 9ms
6ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:57:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 13191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:57:58 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 33ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:49 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105242203000/ Frame B153 191 KB
54 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 381101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55246
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9907e100ee706e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:08 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame B153 12 KB
4 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame B153 87 KB
27 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 06:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:16:34 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame B153 4 KB
2 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame B153 41 KB
13 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guru3d.com
Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 381103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:06 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B153 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 10991
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B153 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 72025
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
DATA 200
OK truncated
/ Frame B153 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48dd8f208fe9822fc2dfca081c1e5a3b6ca803d6eab46ba53aced01111a31bea

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4602793261247227446
tpc.googlesyndication.com/simgad/ Frame B153 13 KB
13 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4602793261247227446?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkJCAIUT4Z1EjRRrgm1mKHClV1HOQ

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a2c435253e7dec1200bdd06d81f0821aeb69a43bf4feedb446eefbd445015c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:03:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 13:33:12 GMT
server: sffe
age: 578042
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13241
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:03:47 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B153 0
0 14ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTu55NX4s-2Gm4iBrRHjpLqcFeR8KMhLxLNBS1zHHX8LYwToTJB3omck5vdYxUh4K1_qxV_sPmQBMR_3vPWoZH71VQsWA
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B153 0
0 54ms
54ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl_ml3Zy_YM3iA-Oj7_UP__ywqAm6u9GUY5u7nbbRDZ3M_d8FEAEgndqDAmCV-vCBjAegAZfKjZoCyAECqQLPGqj8bW60PuACAKgDAcgDCKoEiQJP0Cndt0XpNGjc22uLc4M8ejCYfVM-57cuyS_8B0MTe0kAz2Sb7HtszIXj8iOVASygzHe7JHCbqQWDGm2YQdN4C3Lsn2G1MRh3n5LVQn54QyXKsssc0WJTAIUEP_5qjVYpcWDIy8N6d1SUj9N0Hx2BmOZKCnUuTfHqqOj8v-v0SyHURpvafWhCxXOdufZVZB7gWJbeB9Qsj-KgIkb0tlOVcZdbZuNwlIztYGxZI6rIU5IvM3lXg8jUFa3WA3PKS8x3eethTRMWIb10zuJyAL0pTiDOwVcQfdQNVBICftpdmpcAS-qKxcl1cDFKSBGfRQW73dq28lV8igXuTRP70LAari0glTrtXU36wASTorbapgPgBAGSBQQIBBgBkgUECAUYBKAGAoAH0bXy5QGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQtqeFAdIICQiI4YAQEAEYHYAKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02MjI5ODI2NTUwNzYzNDkx&sigh=KXE6iOoWJNc
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78C7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z01EN3JNOHoxTFFFSkU1&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n...

170 B
188 B

78ms
78ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z01EN3JNOHoxTFFFSkU1&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n-qT9T-tlOVRtfgcHLW3DVcEZdhpuxd9dY1TY3h-IX4aTcqBt4Kq3N

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:49 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0b104204c7a5d73bd@eu-west-1a@dxedge-app-eu-west-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z01EN3JNOHoxTFFFSkU1&google_gid=CAESEBT7sJVvWI8Hf6Kwxdgp0uM&google_cver=1&google_push=AYg5qPILkZGzw9ihrQTqjyvWoeWSIolivxkTyMwz5_jHn6n-qT9T-tlOVRtfgcHLW3DVcEZdhpuxd9dY1TY3h-IX4aTcqBt4Kq3N
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78C7
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDaLqpARuwvmo99GNIdyjhM&google_cver=1&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH
https://rtb.openx.net/sync/dds?google_gid=CAESEDaLqpARuwvmo99GNIdyjhM&google_cver=1&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&google_hm=00to1j6jwZcXRy21kloVRg==

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&google_hm=00to1j6jwZcXRy21kloVRg==

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:49 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLIuwriyOUuFaGanvNt-WgmiCraCc0NOpUxYkAFv-mFy-zfbYxHKa_AXsf1v3a5XREpYq3NidA9QC-StnI6s48MTTC6yAvH&google_hm=00to1j6jwZcXRy21kloVRg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 1o6ilrjunc1i04cjfmdk91d4tk5duhge

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78C7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENRtFQ8FUDsMEE7VU5tTmM8&google_cver=1&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPOU80MU8tVC1IRUdU&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64YX54OW8nQkJa05XDKa-_lDR8

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPOU80MU8tVC1IRUdU&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64YX54OW8nQkJa05XDKa-_lDR8

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPOU80MU8tVC1IRUdU&google_push=AYg5qPIUM9XLUz9YNMTqkHWJfm22POCB3u9jnpKnP5qTfRqGHC2cs20HetzWbXTinNmTY9FLk64YX54OW8nQkJa05XDKa-_lDR8
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 78C7 42 B
233 B 624ms
401ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHYqK_pEVjb1KLtxN6sWvEU&google_cver=1&google_push=AYg5qPLN5DbV5PvEqPp-zp3mc4pHM6PG2YNukKpSDVyHp7xd-PLrz45rOgmcEt0EdUGAflOxXLbgmHS5b3Hf8mzRcA-y3gX_P96O
Requested by: Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:50 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 78C7 0
474 B 594ms
248ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIygR6wmLBSCXn_KalN-ldnMzNw1LsJxxfxu34oGLaGXr2YU_12IiheGykFlvYNFOpEORjz1j8TIWqsSkcPPM3I0LNIFSE%26google_hm%3D%5BUID%5D&google_gid=CAESEDR5KAzZmYHpt94RL7HFO-A&google_cver=1

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:50 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78C7
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJKo2ARC5zZ9ljAhSeEcWj8&google_cver=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3I3vnadg2ur012cVIXcx2ADzOf018daaOj40VJMc8aChj2ePXvcbOedB5Yz1aDppj76hZ5
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&mn_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3...

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&mn_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3I3vnadg2ur012cVIXcx2ADzOf018daaOj40VJMc8aChj2ePXvcbOedB5Yz1aDppj76hZ5&gdpr=&gdpr_consent=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:50 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&mn_hm=MjY2MTcxODcwMTEzNTYzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLV0ELV121mP16V8VBMbBvoG-3I3vnadg2ur012cVIXcx2ADzOf018daaOj40VJMc8aChj2ePXvcbOedB5Yz1aDppj76hZ5&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 78C7
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKLcQeg1TFV5NjL1U2K4-II&google_cver=1&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHb...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHbZ5ShUBPLfGNDoMmLThNZ4&google_hm=NTAzMTE0ODI...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHbZ5ShUBPLfGNDoMmLThNZ4&google_hm=NTAzMTE0ODI3NDM5MzI0NTA4OQ%3D%3D

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPI9fZ1MfPPWrXK3rtVeUwbVOTzYGSVhsc5ie9R3v359NIp1XABNxBDtOk13wCYbC8y1mT0cHbZ5ShUBPLfGNDoMmLThNZ4&google_hm=NTAzMTE0ODI3NDM5MzI0NTA4OQ%3D%3D
date: Tue, 08 Jun 2021 16:37:49 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 78C7 0
12 B 76ms
72ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSKJmYCeUF-4NzAcjYdtEPBfRsGDb7lHEkfHCKY02IGY3QJjtff-9GyW1VuxYpkfvmNyCO

Requested by

Host: 695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
URL: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 8ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1623170269867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 15 Jun 2021 16:37:50 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 234 KB
64 KB 29ms
29ms Script
text/javascript 2600:9000:218c:4800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1623170269867
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:4800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
x-amz-cf-pop: CDG50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:03:54 GMT
server: AmazonS3
etag: W/"2848b39634e3b71d7b4f01531f83807a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 f71686f416809921055425c79026dd71.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-id: uhGT2eZXciCKMnZyqAPOgUSbqUAlgfMeohOnvhn_rNA8rcuKIgFm3A==

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 29D9 113 B
163 B 51ms
51ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1946a162c88d3def4a1a30d5b808ce014d7349ed6d7f0c68c1018c1e87a90dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 29D9 29 B
407 B 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:31:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 392
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:46:18 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame E9EE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:08:14 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/ Frame 29D9 98 KB
30 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0a0fe337d88801541d8a75a75c0b7a43485445feba33975c6f02f55b8f960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 3969
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30987
x-xss-protection: 0
expires: Wed, 08 Jun 2022 15:31:41 GMT

GET
H3-29 200 JkOGFtd2O7OJOaiBCy8UQlxZxJ8i7JdKsJxLZ7OZ_h8.js Show response
www.google.com/js/th/ Frame 29D9 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JkOGFtd2O7OJOaiBCy8UQlxZxJ8i7JdKsJxLZ7OZ_h8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26438616d7763bb38939a8810b2f14425c59c49f22ec974ab09c4b67b399fe1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 12:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13387
x-xss-protection: 0
last-modified: Mon, 31 May 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 12:29:28 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/ Frame 29D9 25 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94fb21a4c660caa6b870eb1b203570f64148eed235be4f41be7fa177a7851578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 15:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 00:19:22 GMT
server: sffe
age: 92214
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7459
x-xss-protection: 0
expires: Tue, 07 Jun 2022 15:00:56 GMT

GET
DATA 200
OK truncated
/ Frame 29D9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwngaf8_q3-wj6SoUZXxx0cLzE_a0sC6Vm2aB8Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 29D9 1 KB
1 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngaf8_q3-wj6SoUZXxx0cLzE_a0sC6Vm2aB8Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

868e8d3b8499ae3d1f5f79c41939f1b823adfda97c29ac9e41bc061751225a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:02:41 GMT
x-content-type-options: nosniff
server: fife
age: 5709
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137
x-xss-protection: 0
expires: Wed, 09 Jun 2021 15:02:41 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/oqiHTjyKmt0/ Frame 29D9 56 KB
57 KB 28ms
7ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/oqiHTjyKmt0/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea520e1a8543d8b285dc5032e9c7fabc62e4920c90e871dccb2ad4f74354cd5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:19:29 GMT
x-content-type-options: nosniff
server: sffe
age: 1101
etag: "1590449304"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57828
x-xss-protection: 0
expires: Tue, 08 Jun 2021 18:19:29 GMT

GET
H2

200

passback_300x250.js Show response
static.adsafeprotected.com/ Frame 5037
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/719405/54836762/skeleton.js?adsafe_url=https%3A%2F%2Fwww.guru3d.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb0cc70a407a42b5c604a26bf011a9e76.safeframe.google...
https://static.adsafeprotected.com/passback_300x250.js

3 KB
1 KB

45ms
44ms

Script
application/javascript

52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:25:08 GMT
server: nginx/1.16.1
age: 113595
etag: W/"44f0ac540dc9c11f94344414c879b658"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_300x250.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame C9AF 82 KB
21 KB 67ms
66ms Script
application/javascript 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1033698
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK bsevent.gif
tps20513.doubleverify.com/ Frame 36B4 807 B
1 KB 20ms
19ms Image
image/gif 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20513.doubleverify.com/bsevent.gif?impid=0be9c26fcfae469a9e4c72cafd95dabe&pltfrm=Linux%20x86_64&cbust=1623170270288510
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 6/7/2021 4:37:50 PM

GET
H2 200 rules-p-xNQQ4Ja1ehbNf.js Show response
rules.quantcount.com/ 2 B
344 B 21ms
21ms Script
application/javascript 2600:9000:218d:800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-xNQQ4Ja1ehbNf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:51:25 GMT
via: 1.1 bb94c626686a13857c0144152dfd53b9.cloudfront.net (CloudFront)
server: AmazonS3
age: 2784
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: CDG50-P2
content-length: 2
x-amz-cf-id: ta6tLPhZdZCynikVGu03_ApfbGsyWq1-XmLgo0FvngclQ7PDwtP4Lg==

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B153
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

51ms
51ms

Image
text/html

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 08 Jun 2021 16:37:50 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 4602793261247227446
tpc.googlesyndication.com/simgad/ Frame B153 13 KB
13 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4602793261247227446?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkJCAIUT4Z1EjRRrgm1mKHClV1HOQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a2c435253e7dec1200bdd06d81f0821aeb69a43bf4feedb446eefbd445015c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:03:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 13:33:12 GMT
server: sffe
age: 578043
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13241
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:03:47 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B153 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 10992
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B153 295 B
326 B 6ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 72026
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5037 43 B
216 B 596ms
116ms Image
image/gif 52.45.234.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=719405&asId=2c63dc40-3239-003f-b231-be7585b5be34&tv=%7Bc:eY9mhp,pingTime:-2,time:605,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:146,bdZ:560,beA:691,beZ:693,mfA:1139,cmA:1141,inA:1141,inZ:1146,prA:1146,prZ:1158,si:1164,poA:1165,poZ:1177,cmZ:1177,mfZ:1177,loA:1243,loZ:1246,ltA:1296,ltZ:1296%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:471%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:605,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:471,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B153~1%5D,as:%5B153~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:szLj29Y+11%7C1211%7C1212%7C1213%7C1214%7C1215%7C1216%7C1217%7C1218%7C122%7C123%7C13%7C14%7C1511%7C152%7C153%7C154%7C16*.719405-54836762%7C161%7C162%7C163%7C17%7C18%7C19,idMap:16*,rmeas:1,rend:0,renddet:na,sinceFw:131,readyFired:true%7D&br=u
Requested by: Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.234.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-234-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 29D9 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 29D9 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?o9cDdA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/oqiHTjyKmt0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/oqiHTjyKmt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 928A 0
0 54ms
53ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHwCY8GLuxcf2xudYasoj6aJ6-aXLP9od653yPm0TuBzNb2u0kkLCfWGbfHi5K7Uzg9rZKYmQ3WMEPPha34qXvRsOkbHu-IbbJh20kdwWTXREC9TEAcmT01gslw91vIG7nNI24_sskZrmQvWpwbIEHjYddnlyrz4FmshXgStctNX5m9GS9Az0aeV7nT04axGvI3gJbfx4nPJOMF-qCLV1SG5eMZD-vj4InOVjHekU-W4GcqIT3rVilfvSEXXY102B1yGi4C2Y8SMbqX9IwLIUrduucNOGPo-zeK8IG042hmr_BCLvoVZwBUXgDJ08&sig=Cg0ArKJSzCL2cavY3_5QEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 928A 61 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fac9131326c8e60070747ff20c51b861a21da401621453a59080c1db855315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 186 of 1000 / last-modified: 1623150488"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21288
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 928A 122 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 5037 14 KB
14 KB 140ms
140ms Image
image/png 52.209.147.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.147.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-172.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
last-modified: Wed, 14 Apr 2021 17:24:38 GMT
server: nginx/1.16.1
age: 64320
etag: "65a8b98b798ce416d94c2847aca40c71"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14233

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 928A 312 KB
109 KB 27ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91E6 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=282867098596598&bg=!iomlic3NAAY6sG-_OrA7ACkAdvg8WjuJ02k76GFoTYai27kvZcd2aJ_win4pi7Kz6uchAa5Z3zz8MQIAAAFzUgAAAApoAQcKAKSbNhL5TH1j6p5NFlLwxbR4h6fVJyE-Cv4-XmAoE-IHhwHLw7FUutfnapQNdFRUFvYG4gKfPB4Ss3orv3ijw81gcjoktS5LnSOmDxeWlrDF5EzBxA5hlV1f8kY12nrtXGZJw-nFQrRd0Z0lqhGPMUV7cMUaQ6en2eF9xJ5yMPVDIVQ5ffMAk3c2d5l071xUUPOP0g655jtdbZGInKuOTJM7FaQJ4ZkCfAEQ5qQYhNTOBjiWVT_R2cwlJC_p8Z_1pvrpQeDN5zXE-P6CN4pMi_zu9gtoZobYMLpnlyyPLHl8IbSrJB7DcB8X0Hsj3pozB_hiDxpgG9d6Dy6PR4NoBOhOfQ7NC55t3HxuOdxI1VBGCotPRq33JR6BQnsodI9ukZm59pIaQvM8gYVY5drg9u2DGLC_AcvtdNAQis9Tp6Ri73WeUbpe3covmIYk1r6SrGhNFr6nlegOu3mVVnRE5-pZbaWHZ7iBXuzJBQ5GYXAEX_2RcFf4EEn8s2Y5nlA0Y8dxaqA_D4upUzWO-Oob7bxmhz8iTIOHggBlmvx93uALlfkUooY2PtHWZUPwJX_u4VoTKTyql3XGLbAjOFJu1HuwyEVoDz7Zt9HUjeD9rhkuIMEoyvMqcvLeLIF2w27DJn_8sy3vzoXKQsRn-B72HtPcUyMe9lDd71KtjPO60DnbLoPn_4YChE1LNA8ya9MvdSugrMm42G0rndstzS1ohCF9im_bm4rp6hsOUhSrfSEf47otenq1ovIhvC4wIYYS30XxhF0lTDVJdhZd0DgIhXtQh_yWrNW_Z9Zv5GeJD7SNnvBEvD6PyqG5BpYPq6tVvj3ke0XNEL4u6Dkkubeo91oa2Ye48jV_MPQP1cZ50Jan_RoV5pdObnie3abMSLTqVNS2l94hJ9lsLeHnrMZTBuBZSZuB6u_jJT8lp3LIVodz67Dl-1U-3gJyWv7IrCETsTiEBF6IYh9vqINUSwSoguZUke8KH7dzdAELJoqhC0EaNjmbf_LQl8c6MjWJMm3gCeY3QaBZ8PAvJk7IcjLrMFbPLABpVbbf6jrp-sF-dKm9QinBPA

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 928A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5503f2cb2c4faa7315fe6cba042f18b89df0df0123018ad5d56f37044629d073

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 928A 0
0 55ms
54ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubhBMSJMkfSaWceBytYAlaYHu0j89O2jR6I5BSRdpndKaVSiP7EP613wL9iL2rQ40r3DADEs0_RaQPJuhmQkAD13f7Q56ptGEIVTi3ZGESSiWYtNbuIhecGFR8brJi-SYBIRgg4SiE2yaLR5bB0RWrBcAB2GMix5vwpFuUtecBdHMx_F5YfvE1P8bTuIRAzk5jJ4QCfdjKA-d5b2Mj29EDuSbHnjASApiUzLVuSLSGlUl6phW2YuC_BTJ93IhgdyhpSGteHccDpf72A2oWrq8gstX3qkQ033JnJYkppqbF3PWH&sig=Cg0ArKJSzKgX_wj_vyqoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Jun 2021 16:37:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5037 43 B
215 B 116ms
116ms Image
image/gif 52.45.234.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=719405&asId=2c63dc40-3239-003f-b231-be7585b5be34&tv=%7Bc:eY9mpj,pingTime:-10,time:1095,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623170270895%7C%7C7975c1ed32d6f511719bf61956107878%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C936ba40b3716841acf612aaab31ed678%7C%7C30e252ce70a0e243d9680cfd6899ace8%7C%7Ca8bdd67267be7d5858b299efa5fa1a1c%7C%7C260b9cb469adec03a4ad3c456ca1650d%7C%7C2c9116fdbe589c8e50426bc305c53ada%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:1369,ecd:45,tsecr:189%7D%7D%7D
Requested by: Host: b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
URL: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.234.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-234-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:50 GMT
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK event.png
tps20224.doubleverify.com/ Frame CA0B 67 B
491 B 81ms
19ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20224.doubleverify.com/event.png?impid=37fea1bed6d4497ca81155a9d52d0b93&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=112&vdur=67&eoid=5&msrjs=1422&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1623170270983733
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:51 PM

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 904F 67 B
491 B 163ms
66ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=a232fff9d1aa4ea89c1e5e9c3182e8f0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=25&vdur=41&eoid=5&msrjs=1422&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1623170271001342
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:50 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:51 PM

POST
H3-29 204 csi
csi.gstatic.com/ Frame 5C8E 0
17 B 40ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kpo9o3rl&c=7547412261736&slotId=3773706130868&qqid=CKGmlbq8iPECFYiUdwodruUCcw&met.4=msms_oso.kpo9o3u8~lvlcl.kpo9o4i2&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp9%22&msms_cs0=150000&msms_ns=1&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B153 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-FS6d_orQ8ajKhd5VsXyMp9k3dZWL-Sbbf6JsW4wl02RejGGmDqFpJTEo-YlS5f6J73BemQGDjedps8ZlqNKSVQ6oMLlQgSDTKfRZj00sU-mPJebdgadmwPXA1g&sai=AMfl-YQVAZmYZDMb0qptcmbmfH8NR-lTOa8FcqtbnstYJ1sTNZluqH3gFd_m_PEb2kGklj_7aZvt3fth4_-dxLMqCHM21FVTVoz2BqvyWcewnxCLlLDvfIqSOdYSHH9QBeE&sig=Cg0ArKJSzJdhEaUwHR_8EAE&id=ampim&o=565,324&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=312&tls=1313&g=100&h=100&tt=1313&r=v&avms=ampa&adk=1686487856

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eb4f978f464c7cf85f0c9aa750cd4ba20b0ab64e2e5a6a4f755ff8065a78eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 16:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7984
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 0B31 0
0 38ms
37ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ce40a355c14f%26domain%3Dwww.guru3d.com%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ffb29a69b742%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=413357167695cb276fece66570e0f79d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ce40a355c14f%26domain%3Dwww.guru3d.com%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ffb29a69b742%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles-details%2Frtss-rivatuner-statistics-server-download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: Tcz71Lp8quSqd0X+rsHarKohRNOxqLDt9MRWO8ytF6+0V3P07HxhBvxX09C29vxL2pK4WtHzLd2QQsx6SXm+tw==
content-length: 0
date: Tue, 08 Jun 2021 16:37:52 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H/1.1 200
OK event.png
tps20224.doubleverify.com/ Frame CA0B 67 B
491 B 21ms
21ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20224.doubleverify.com/event.png?impid=37fea1bed6d4497ca81155a9d52d0b93&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=64&isumms=63&isvelg=1&nvr=6&isgmmims=64&isgmv4mims=64&elmtp=6&isbxdms=2163&b0=100&b11=2246&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2346&sftb=2346&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1105&isuiabvms=1105&isgmpims=175&isgmv4dpims=1105&ispmxpms=1105&engalms=61&dvp_dpr=1&cbust=1623170271982826
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:51 PM

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 904F 67 B
491 B 23ms
23ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=a232fff9d1aa4ea89c1e5e9c3182e8f0&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=20&isumms=19&isvelg=1&nvr=6&elmtp=3&isbxdms=2119&b0=100&b11=2246&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2346&sftb=2346&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1010&isuiabvms=1010&ispmxpms=1010&engalms=19&dvp_dpr=1&cbust=1623170272001241
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:51 PM

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5916 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 08 Jun 2021 16:28:06 GMT
expires: Wed, 08 Jun 2022 16:28:06 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 586
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEA7 783 B
777 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1871b9a37d458609efcb5194687516ce33132bffcfcd9897a5a5939ec0dfd51

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tdow7olNGqmDUUdYZJSzsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

expires: Tue, 08 Jun 2021 16:37:52 GMT
date: Tue, 08 Jun 2021 16:37:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tdow7olNGqmDUUdYZJSzsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5916 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:08:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=4291164364558076&bg=!PzylPHjNAAY6sG-_OrA7ACkAdvg8Wu2sW4l5HL8diHLVTBdmiqspNwbHIIQCEbtTa6TGeMep7IZmnAIAAACBUgAAAAtoAQcKAMlmK3Dfxioorke-BkUCzYrlwY1RT8ak21xVCMw-bLx4QVOyKepJXB9otv7k-FLnrgoE1zwAwjt5PFXjhis3CRHdnxfsyB27IdVQGVp4TMPg0jtcrIms8yuOOtfQMb5XNBGM7j9Y6LvDOXfZb3nvRuf--2WVk2FMXEl0tx-0l5offTNKlqL3uS2PiVbrqQl0penAeFDXI1m_zmVTdJi-xhQ2P0_FGbrxZFu_um2kVx42RwOepmnDhrbxpuZuEMQoONENFk-LaIP8QLuZAnPbZjHRDODEeuh5VCTh5X5pZb8T0s39QzaSU3N5WNz1RCE427ynfzaFLWKh7WAqxmT8b4dbsIXcUpPAcIVzKYlR1x6BF5VIF-mWrPlFHJpN7FjXyO3snZZUSzOJXgpjLRZFVLmcuEZNTMzeQ_7XapXH_60MIVGz4pWm_at843v8Dh_pG3WDUt6J15bRzKsa4GB6yqYRU5f4GKlehgz3IXCa4AUvLbZZl_BEn-fvOQj4uWw6o5sOoKbyG-WghuH6e4CV-ZuG2zIa1w9RGWYZ6oRbn9DVNfZWPVXXS_BNZsrgbo0fWQj-A_uCQVFdMVPqW66S5dvm2uU1hqAHoP5B8v6aDzw29lYJcydCwFGBEwsMR8PJ_iWMrJpkO3RY-8zkaPweR515yPFOhfP_RHlZUBv6zFLhVoYQQSRdxMhmFR3w6SQRUeHww1zxkmgf3p8C1U6G-lMfzpOdg00wB31Hoc8NK-qwQMQOFOMxkKzfL48LFuZ5cy6oBIjTs8kBr9HZxk_nK3WGN62bxkAIHmEyUqTVLJDO_FM1I4yhqptlpikFo3RwbeR24xkGOPzCp01KT8Glw0xVRhAC_Zm932DI-mUrUiIGrMHaGK-K4Fyqp4048V7GfSuEFw5sorJwe0nhXakGv0XtiwKMtGY8tnoVW9huBrvqiMD6rNIIAtxpXrxNSOxkl83dOPCv0i3bX9hwBcueeIQksE1XWubyeK0AG1RhYQPzNxUKKebD1pDbZOt0CBJl46tlkUlVcvQbbwMAnMXuF9r_m7Xmp8R0tX4HcF5Y1ClvJVqfm75cVnZw3iBjdKZdbDmP2SNYRIdwKg-kDg_LxnE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:37:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 29D9 28 B
299 B 21ms
21ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00fe505f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/oqiHTjyKmt0
X-YouTube-Client-Version: 1.20210606.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtQY3UtXy1NTXAxWSjduf6FBg%3D%3D
X-YouTube-Ad-Signals: dt=1623170270044&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C725%2C410&vis=1&wgl=true&ca_type=image&bid=ANyPxKrSPqcqBQU_w0XSYa3gVusiatFEnombXe_4psjIXr_5SqiFlAjFlDhulBB8XmVicHeog4ILyKpj2ft8K5_e1-l8bPpoyw

Response headers

date: Tue, 08 Jun 2021 16:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 08 Jun 2021 16:37:52 GMT

GET
H/1.1 200
OK bsevent.gif
tps20513.doubleverify.com/ Frame 36B4 807 B
1 KB 25ms
25ms Image
image/gif 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20513.doubleverify.com/bsevent.gif?impid=0be9c26fcfae469a9e4c72cafd95dabe&mascid=kpo9o2k42uyj67zjs547mk070qu9x1v1&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=774&cbust=1623170273149355
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 6/7/2021 4:37:53 PM

POST
H/1.1 200
OK event.png
tps20224.doubleverify.com/ Frame CA0B 67 B
491 B 20ms
20ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20224.doubleverify.com/event.png?impid=37fea1bed6d4497ca81155a9d52d0b93&gdpr=&gdpr_consent=&mascid=kpo9o2k42uyj67zjs547mk070qu9x1v1&dvp_masver=1422&eoid=8&cbust=1623170274085761
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:54 PM

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 904F 67 B
491 B 26ms
26ms Ping
image/png 213.254.244.23
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=a232fff9d1aa4ea89c1e5e9c3182e8f0&gdpr=&gdpr_consent=&mascid=kpo9o36308wg9wz3g8hmotlj4mgrgd3k&dvp_masver=1422&eoid=8&cbust=1623170274106747
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1422.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 16:37:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 6/7/2021 4:37:54 PM

GET
H2 200 dc_oe=ChMI-vm1uryI8QIVEfd3Ch0SLga2EAAYACDq3JRIQhMIgeP9ubyI8QIV_cO7CB0-OQhM;met=1;&timestamp=1623170281135;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5037 42 B
515 B 114ms
70ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-vm1uryI8QIVEfd3Ch0SLga2EAAYACDq3JRIQhMIgeP9ubyI8QIV_cO7CB0-OQhM;met=1;&timestamp=1623170281135;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 16:38:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	error	URL: https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz(Line 56) Message: ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://www.guru3d.com/files-details/rtss-rivatuner-statistics-server-download.html
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.000732421875 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

695d4ee9f041ce91a06d8ae39b4adcde.safeframe.googlesyndication.com
7e5551a8055b4c7e947a02b0fa346e7b.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
b0cc70a407a42b5c604a26bf011a9e76.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.doubleverify.com
cdn3.doubleverify.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.media.net
cse.google.com
csi.gstatic.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
match.adsby.bidtheatre.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
quantcast.mgr.consensu.org
r2---sn-4g5e6nld.googlevideo.com
r2---sn-4g5ednse.googlevideo.com
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s0.2mdn.net
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.doubleclick.net
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tps20224.doubleverify.com
tps20245.doubleverify.com
tps20513.doubleverify.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.guru3d.com
www.youtube.com
yt3.ggpht.com
104.111.242.245
142.250.181.226
142.250.185.98
142.250.186.38
142.250.186.66
144.91.87.188
159.65.197.210
174.137.133.49
178.162.133.149
185.29.135.226
185.86.138.119
2.18.234.21
2.18.235.93
2001:4860:4802:32::3
213.254.244.23
216.58.212.130
2600:9000:218c:4800:9:46dc:4700:93a1
2600:9000:218d:800:6:44e3:f8c0:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:58::8
2a00:1450:4001:69::7
2a00:1450:4001:803::2001
2a00:1450:4001:803::2006
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:827::2016
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9c
2a02:26f0:6c00:2b2::4469
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.193.173
35.227.252.103
35.244.159.8
37.252.172.36
52.209.147.172
52.212.242.37
52.45.234.7
63.32.41.216
69.173.144.165
029690738ef7814c31fc8fb8d9e79d2a17d6cc5f95c76ce4114ea3639c8ce28c
040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324
046785a45c5994739ced58cdaaa3707c14bdf26ea04646787119f9660fe01b48
05fac9131326c8e60070747ff20c51b861a21da401621453a59080c1db855315
07349335235be0e3140ba1ab55b0a1997eb0b217338b4c87459ba566a88b471c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
161d6a8c4bd0ecd29d2265fcc4c94184a0c0429630b1f086c00fdb1902a9c380
18a2c435253e7dec1200bdd06d81f0821aeb69a43bf4feedb446eefbd445015c
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1946a162c88d3def4a1a30d5b808ce014d7349ed6d7f0c68c1018c1e87a90dc3
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50
21dbf97ef31fc487b4c5c6089656beb9bf43c1215794a87744d83d9047890c8c
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24529743c119d238d0f6d9fa9ab0f6a0acff5d9830eca12a38e467d6ce885bbf
247245d0cb1ac7dba1fa1f9007fb66629abd05d52cbbd9b9d7a98c6d934fa9e6
26438616d7763bb38939a8810b2f14425c59c49f22ec974ab09c4b67b399fe1f
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2a279353428bcdaa74885c504a392a01569627f0deb37cb434762f113770c3d2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241
2d7e655a7ee575f4fe97a43647169b6a1803b9e411b90ff86673e935bb4aa5d4
2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476
2e33ff1358fa9a5f10a0eb4fe24b789243e6e10383dd484e042e67aa733caa00
2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2
2eb4f978f464c7cf85f0c9aa750cd4ba20b0ab64e2e5a6a4f755ff8065a78eb8
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b37d85601b9b3425796ed00a4deddcdb7da1ceef41587d47dd6b0844292230
385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3aa2a69b81ab3001c877fc18bdf4c806760b01034cdab6e58e6301b7f2b1a876
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
3d37c3402aaf031d8c322c2ba3539f4c97a95fac633fc70cb0fc226d39dc5a0b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd
3f5fef98536ca998c6c96da019f7c4db5bb28cd498b885375eadef7bf691bdbd
43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46300811671c9af393b9a2f05b6eb84e33cdac8a0be15efeb70ef4bb1e242a13
48dd8f208fe9822fc2dfca081c1e5a3b6ca803d6eab46ba53aced01111a31bea
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5a14b59db762f743111ee9a702d24204f7365225ab93f0ca098ad48e7380c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5071940399f87d2787ede741e2ede430ad9c2fcb004e5b6ad2b5787060841e5d
50aac955370f293dcf253cdcbd5bbdf17bbab0f59434e9b808c3b2000298487e
51c8aa57f5dc14ad8e5097203c48965abfb6128359463beaeb4f7c05078ac1a7
529518246724f27b1cead326518d616dd59df475fafa0537d9a592773af64c81
5503f2cb2c4faa7315fe6cba042f18b89df0df0123018ad5d56f37044629d073
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5aa8080dc880f38cbe29b77af2dd60c25bee0cc9377ce432afd356286b270ed7
5e3ee33c0d0ef6dea0f041d694d5e4cebe93ed83b6ef2a6743b72fef3fd5a725
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
60abaf88d6790a81e6f4edd4a174032609f24f6ffd767a837c96e1c956175e6b
61c0848f7415eaba2723d26af043b77f67109da6dcadd93e812b5f8ae8f926c6
627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6b26263e492d4334076354b0db27917b73fdf99ca6f24ecb267ddca57a40138b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4
7c6e15ec681a50120c26ab34c0b2e49a4feca0f95c75aeb24be2b25670a0b847
7d42ae3af66e330ebe3bf6b9f6ddf1e020f0839cbba5ba9d4180aaae5db00608
7d9d6dab37c3b51b6d03fd032ce37c4760f3d159cc00ccddf690d9098e7d4de3
7dc669f5973433db3c76865836e6ec704de07d1e4b8b43c912c454e5d205a4d0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
868e8d3b8499ae3d1f5f79c41939f1b823adfda97c29ac9e41bc061751225a50
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87f66cff2f82d70fa92d4cf3a1c94700e06ecd7a5f0fa9ce872d4c12e3e15aa6
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89fbd67df52c8a24c5e78a8792e6d153925e158c915369c8f79d254ede177e8d
8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69
8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
93221b2540f4908bb46bb234138e38a3c0905b920ee6753b726518aa859a21b7
94fb21a4c660caa6b870eb1b203570f64148eed235be4f41be7fa177a7851578
95f435fd687ecc701151cf3438556717e8c0e48be2ac52d77447146beafeaa1b
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97bd8342439af3d67fd67c50ae141bd62f62d621104f58e75f61f054d5c06983
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c07060cb190b578e5008ec0562684419e1a72d39b0e6b7e2c0b8d3f02c6469f
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb
a6098464fc2e79a514e9fe383932f4eed6a1c99ff10b7c68e4985161728ef8d3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79776790aa633b51813cac6aec4f0c606472fc4f59df5d751dacb122f920dcf
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac229a2835688860241f4bb9bd9afe3a792e7fe89f3cdcbbd0fb81b69c37104b
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
aec59120b01090222233f0684439a1ee463a31cafd62309af54ed5f8902b0da5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b1871b9a37d458609efcb5194687516ce33132bffcfcd9897a5a5939ec0dfd51
b4183ab72e57c4f50fc26c2ecfabe411a81c6dcaff17f9b462362ed1d4214e59
b5975f21c81bda9dfd465bc96ee93a336e22d160bed0054ef916a8392d5aa406
b5d9e4e9dbd57f24851995a5a63abab40d3e575c700256b59eb8c40147105216
b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bdf8bb72e7cd524f1439d64b7fedb01ede8cf9af6b87a4eb6c2afb7ac00585ef
bec5f2d4c04b745da44edaf721e56b231f9d08914a11b397d848c40f69d0c48f
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c3ddb2e59244755003ec0332a93cd2853e32265b4c68a74591f0dc08b40cb0f6
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c92a10fe1436e3cb16e8433eba72384ac1e90922cdb10efdb1adae0cca230e90
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cca7714e93c2f1aa279408d29134d3cd8d0e350db1517fb8d7a654941f30ef12
cd461a3a10ed00d5e8a2ee0642a79cb2f0cd664a3bc88abf26e74befce054e83
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d08d4cd6485a4083d52e4f2d59bb02c941321e235fb50177daf4ade5f8c1e3f7
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d6e0a0fe337d88801541d8a75a75c0b7a43485445feba33975c6f02f55b8f960
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded76441d40cbfc6d43dda7a994820cf0a64ad3d0dee4e4635951203945143a0
e290fdf966bc9a883f871229cdbb2113d0802030addda032cc0122947b7b0181
e389b9bedde44beef343381b48538fbb8cb703990174e40dead094a6eceda804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ab622fa2661e8fa1d783224551a77a540dfcd2aa70e30eb9e6472f2e771e8
e56ab4ca999129375bcd8cd028d89166da20e24162d394c3787e0d5929593dcd
e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95
e58c7574cfd80a0be2e2368f3313ab30ac688f14d078a367ed45ffc03b51bf71
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e8b6a54c2214da2d664320526171117aa5c1a932657825851111d74c375af6f2
ea520e1a8543d8b285dc5032e9c7fabc62e4920c90e871dccb2ad4f74354cd5e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
ec98f88129d5c3180c878d70ae27ffcdf7907737e4d2e82ec41b6f81fe1cd8ea
ed23ef0570ddb874088d689cf1e698b14d381adf4890b1c07e0a38b388aa91b7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f9847c6653dd00281fa303059abe54d82dc897b66345590ba18f925bb49382b9
ffe054b4a5f85d82004b77845f54207eade2ce2b2b6f3c8d24b70675f9410511

www.guru3d.com Open in urlscan Pro 144.91.87.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

278 Requests

100 %HTTPS

57 %IPv6

37 Domains

66 Subdomains

48 IPs

7 Countries

4622 kBTransfer

11683 kBSize

0 Cookies

16 Outgoing links

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.guru3d.com Open in urlscan Pro
144.91.87.188 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

100 %
HTTPS

57 %
IPv6

37
Domains

66
Subdomains

48
IPs

7
Countries

4622 kB
Transfer

11683 kB
Size

0
Cookies

278 HTTP transactions
10 data transactions