www.guru3d.com Open in urlscan Pro
144.91.87.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.guru3d.com/index.php?ct=files&action=download
Effective URL:
https://www.guru3d.com/index.php?ct=files
Submission Tags: falconsandbox
Submission: On April 01 via api (April 1st 2021, 6:12:21 am UTC) from US

Summary HTTP 303 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 27 domains to perform 303 HTTP transactions. The main IP is 144.91.87.188, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is www.guru3d.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.

This is the only time www.guru3d.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	144.91.87.188 144.91.87.188	51167 (CONTABO) (CONTABO)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
91	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
9	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.157.239.120 18.157.239.120	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:1000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:9600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	78.159.97.6 78.159.97.6	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
303	31

55 144.91.87.188 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)

www.guru3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.239.120 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:1000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.159.97.6 (Paderborn, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	874 KB
56	googlesyndication.com f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com 183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com	217 KB
55	guru3d.com www.guru3d.com	550 KB
31	googletagservices.com www.googletagservices.com	830 KB
24	google.com adservice.google.com cse.google.com www.google.com clients1.google.com	342 KB
14	adform.net track.adform.net s1.adform.net	169 KB
14	facebook.com www.facebook.com	297 KB
6	google.ch adservice.google.ch	2 KB
5	servedbyadbutler.com servedbyadbutler.com	52 KB
4	fbcdn.net scontent-ams4-1.xx.fbcdn.net	83 KB
4	google-analytics.com www.google-analytics.com	38 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	2 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
2	consensu.org quantcast.mgr.consensu.org	73 KB
2	2mdn.net s0.2mdn.net	107 KB
2	openx.net 2 redirects rtb.openx.net	764 B
2	rfihub.com 2 redirects a.rfihub.com	2 KB
2	3lift.com 2 redirects eb2.3lift.com	945 B
2	quantserve.com cms.quantserve.com secure.quantserve.com	9 KB
2	googleapis.com www.googleapis.com	360 B
1	quantcount.com rules.quantcount.com	356 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	459 B
1	sonobi.com 1 redirects sync.go.sonobi.com	856 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	586 B
1	adkernel.com dsp.adkernel.com	233 B
1	google.de adservice.google.de	799 B
303	27

	Domain	Requested by
55	www.guru3d.com	www.guru3d.com
42	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.guru3d.com f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
31	www.googletagservices.com	www.guru3d.com securepubads.g.doubleclick.net 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com www.googletagservices.com 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com ad.doubleclick.net
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com ad.doubleclick.net 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com www.googletagservices.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com ad.doubleclick.net
14	cm.g.doubleclick.net	603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
14	www.facebook.com	www.guru3d.com www.facebook.com
11	www.google.com	cse.google.com www.google.com www.guru3d.com 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
9	s1.adform.net	track.adform.net s1.adform.net 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
7	adservice.google.com	securepubads.g.doubleclick.net
6	adservice.google.ch	securepubads.g.doubleclick.net
5	servedbyadbutler.com	www.guru3d.com servedbyadbutler.com
5	track.adform.net	603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com s1.adform.net 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
4	cse.google.com	www.guru3d.com www.google.com
4	www.google-analytics.com	www.guru3d.com www.google-analytics.com
3	image6.pubmatic.com	3 redirects
2	quantcast.mgr.consensu.org	www.guru3d.com quantcast.mgr.consensu.org
2	5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s0.2mdn.net	f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com srcdoc
2	rtb.openx.net	2 redirects
2	ad.doubleclick.net	www.googletagservices.com srcdoc
2	a.rfihub.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	clients1.google.com	www.guru3d.com
2	www.googleapis.com	www.guru3d.com
2	f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ssbsync.smartadserver.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	dsp.adkernel.com	603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
303	43

This site contains links to these domains. Also see Links.

Domain
forums.guru3d.com
newsletter.guru3d.com

Subject Issuer	Validity	Valid
*.guru3d.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-09-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
adbutler.io Sectigo RSA Domain Validation Secure Server CA	`2021-03-25` - `2021-08-01`	4 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.guru3d.com/index.php?ct=files
Frame ID: 97F1652FB8B0A701667601FBE0C5E83B
Requests: 117 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Frame ID: 710C9398C5BA094F1F05B49BF19161A4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0bZLg3m-gXVGrNT_27-Z5Snbx_xeUvTkqlwfl286CuLioZJAamL1oD2YLgPFwJ46uPtfW2yfCcB04EmgOV98KiDaVLPlA9BKpfVGuHxLiu6TwsQxAMuTBmADQ-dXuKqOTEF6gpg0vjkY61dcL9-5ynGOG4pzB3pvP0XMZR0TmR_eivNNfIkSsn5xkCgpbaAL9kNLUNLjzbiJiLGDrzlpiKCshO0L51h7EqWNKSXLRaAZ5IzfBrzpVdYzVTMVCDL7BDqHUVvLserbkDmJCt3KVoQwgIyqpUrjQPf4dUk7YAFNHT2lcdPlyJHdsWw&sai=AMfl-YTSyuPq5a5HNfYx29y3nb84fcWw_56b0zZigxenFCTlgVr9IHavNOMfaQSR-xNcmHYdlLLQERAbxzcx_Q5Ihn_r90suWJj0VazZDOBPFK7FZ4qNVe6KBuIP078gCSsA&sig=Cg0ArKJSzJMzr8jZKJa4EAE&urlfix=1&adurl=
Frame ID: 9593C6AE97F83499299A348792117D65
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4AA9093CD204968B88C4B8729CD81D73
Requests: 2 HTTP requests in this frame

Frame: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 00C19461BA42B3A584C6D18BF95A70D9
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E6FA2A76083E60D3BB965AF3FCC1C289
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9qMcVRXxVPWnErWVjAdU1Y1cUg3-Vv1Mw-drNKMfV2J93Bjf9hnWNJjL0AEHDVQkNWzbuRXGC3UbiLGUMosKrQLQXdTUzAg1X2Q8XXQmd1jcEbH8EdMDF265EJeuOP_MHQjjJiorfAwBzCHSYfwm0TVFI1YFO2IwOyn0CnVCAmeBWsQMlT2XrKzKvTOeQTFYUvw94MwZx89iggudOjdJoe_zoADCrLUru6u7dqp1Fzeo0F3CeO974u50rgNVkOrmusx-bwMTe8Pa4lXZukGWB74LGrOfutRVMDMdPZUkNJEheOGavGa2GXow&sai=AMfl-YSdl3kfa5HCsoLR_Kyyj2nA_d4nPgJnh3gfhVUwL1bOtBY-yf9XZJiy3bVcZEQmBzlhxe4vs6yjkMnQX9Py-2Ruw0O9P4IWrfrxP_ugTKZB6LDQhqBYnN6ZOQB7KTA&sig=Cg0ArKJSzLivifmYuk9XEAE&urlfix=1&adurl=
Frame ID: EA9524030F6BC1619D5428C1DFAF05C5
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 634748D6832163C3E2D63DC764F7576B
Requests: 9 HTTP requests in this frame

Frame: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 02368D69C58C7626F238CBBEE8581DB0
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEC8xQXAfJWbwUlfi4qwrI_NI0oxjK8mhNV6Kq3eK42aQf0DLGbK_Lfz1oX6V37VXaLiYyb3aKZ1jCIT97fwB2SKM635Z8N3qf5qkswxfcc5Ahnphxa57WSk-SEj7q-7jF1z39F49Pypvhu_GBCUZ90mFy480fYERgjkrA0OtoTqHhqtjTr9PdDsB9IB8gLCoOe-18mWva-7sl1jL5xHS1WU-Qad9uyhIxA5DxmmakXrHhnH9QIjWacX1-gmwGA2aYXBJMjvV_Fzh35VDbWS7Zc5V2MQiRiV7fJdoq3LFFa1SkoI6AvjKFEpr8zMQ0h0k&sai=AMfl-YSqJQD9JO1xwtQblEqqdfOK3arNRpV-yzb64BsrkQVVBdHJjWVq_aJ-qQ3GAr4lQPkZWIvC28pNvUpUVWRGYzrx7Wklo-j-tzBz0VU1BIQjPeiHYm6baCyL8FL6qmx_&sig=Cg0ArKJSzCsVfvRQE_xqEAE&urlfix=1&adurl=
Frame ID: 9A85017FCE7EE3AF8A6D9A6EBCD19E01
Requests: 15 HTTP requests in this frame

Frame: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 840A250A75C8F75092E6901C4590A343
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 57DD7B1ED86579C8D3568B852846F496
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22F126603076C864EC0453DB1777F832
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 86FC6C664509EA6AA5ED0351D15800D5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg8cjviskpCH4c1RPnxSYmD80RHld4793GhXMFbt5Aume0QrRVwqN_kEN1MQv8lMrSXs1AXflo5A8VERvAQfHZwOsskY0FZqsRzq7l60SL8xDUiEUnc7-PG9Ua1Ar6SqJdj4BA61xHxAoFhW8TKlYLYtZEGJ8c4u19MTw9kXTSAHsDSDfb2aHk3nEqyz9POPc7ghtv7usWFDDU1QWkTs8pKNwZ6HvN5jVv_NazmfW756bwSI5dwFBdNq4SR3jn43wo__wbNscQT4Oj1a6S0kDSR5ijIK4br7RdAjpIB62M9fygQ6U&sig=Cg0ArKJSzCs_ZClCAkqREAE&urlfix=1&adurl=
Frame ID: CD311E0BB6FEBEDEA365E5424EBF2364
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Frame ID: E95C60DB56C2789AB260BE0219DED2EF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbfe4Bg3Vbg3AGjfP2tA4KD4L35OmAaNZdawBKg2WB048d23ovYq_EoM8vEiYGVw-cBO3xzAH1gzO6KmyfJIw6Mh6znOntiotwJaDXew50U5gyV9J_7kVJx_QEvjjoGNhE93Q3CjA-gEq7HI5RAheXhPenkliKCIh2XlBeNtHMqoCQfY603-QK7hBXypEpiGvy8Y3rN8zihbX7ZpSqfA-5yHM-V13148vFgxNrAd3feFs0nQ_NZ7hSwAv87CCjbuUrKqqR9FoZ-LB1kegLMKd6PRaCkmbjO99ryHUTiWqRuoRVacAZezEIwLI&sig=Cg0ArKJSzAkAh3nOLgMeEAE&urlfix=1&adurl=
Frame ID: 43BF6D0DF0EEB1C054E8C221CB77B1DC
Requests: 7 HTTP requests in this frame

Frame: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E3814677031D9678CCD17BD7160CC73
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdCWMYAkk87VuSqfonIm5n0Y7KLC5KUxNTLVn1Cfel2TFoWgIPW4OIzxMtOV01UDeRb1izEytaDkhfyyMYNIUwblYoJjIzv7tutf8NHt8-mjXGbo0ct-yzowM4dYL6IuANn3B8ATXdUppa6k5yE2Nd6QICWlVZbMbXd3-KHCJnkn_A1LzR7rIMIOUaAfSO9-BuFr1_ney6Sv-KuQs7zAonAtAQuT1QgqmqNC7S1x2MR--8YFgl7YMdhsxFR7T76eLjRRPOcedVEGhvUA24zQRblGMt5Kbmc-YWO0zm90u9vQ5U_InvKa4MwAcSsP-Y&sig=Cg0ArKJSzOJSp7QLt3DNEAE&urlfix=1&adurl=
Frame ID: 141F6DD50A32D8BB53CF7B85A298C738
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubLqOG1wvyjkGzat2xcaXciROP8QompT2REgFT4Xj-j3Wrq9WLflO8NgRcDHqwWhdCLtV-mrKwj3MlK_yB1m7eWo3sMkgUGOBIO5vCm_0CFp5GunisRLE-bz9waIUuvzo2M0hdjD0QP_1qt4pH1zMUac0z4Uy0XAyNya0YqWURwlaMy5eZl7efX0gc78cTLeNrvhZBE-DgpTArKc05CsHZfr2XTwjRbcc4kAbb8GfTkCrUsiTH6v5aI4CKDi5A9gKSb6XPNaHOf4WOJbD3yb4cyHWvlGVEsXxVzstIcWCDZzDe&sig=Cg0ArKJSzJNwjF89mVZTEAE&urlfix=1&adurl=
Frame ID: 380F0C627B9E3BAECCD1102172FCCF39
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/B24670551.281396572;dc_ver=69.198;dc_eid=40004001;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;dc_adk=2539895705;ord=punk6m;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstBEXKXWByNILsgk_lHl-e0x4AZU_dgYBbR5D672FCf-0IRIyrnIubmZsoEZC0bfBUZXZSrjicumlpTHpRMNGQhUMHEV8u24f28b7MRWYTNg6PlAM2CYtFIBQ9BnqM3mfO07J17ULkDL7P-Odzm_IifieRnyktR4NH3qhEdWXAtvu8DD1_2S8DirGOBimLVmA5LpvR3aaXLMpHNz9apIUqIZnc9d1U7t453QGgca403wKxp_FsHqmXb15Qtx5JwG0elW2TMIEF1xl8ddlXgAy_M-4gVrLDg5Gjn%26sig%3DCg0ArKJSzPPKmE9O-BBsEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=5'!h.lVC1j;cmpl=8;gcsr=a;osda=2;sttr=542;prcl=s
Frame ID: 064B8B2CBA7C4E70C79ABF51E053352D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0F631EB31E1E043783621E9526F3A756
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2nBE98gtPBnLFI7C1_kZv0CEg0QqzyJGD5FiZ3muUluy9u_mdx4rz1CcleIjvmRSi2fo_DNS2cJNFBCLDrxILOaygUo4h3DqQzOZQV5_39Cq3k-q9X7i2gim6lZsVssicZofJGtDxQ91C8HZrAYEcvxVZ-UGXAA10RxlIolvL7a8uvoyaZSCJKkxtul-FzoBVZ0R-y9pVti-zu53ZYN0ZM4u9XGzT381ld34aRWal2cRHyNyPqQICcMrY_C_vRGT-txIQ2jLs4ah4KpStMDxISW3Uy3MtkHpPjnn-T3bkkFJT_imNLsWDpJoKIxQ&sig=Cg0ArKJSzLZD48-RbeDYEAE&urlfix=1&adurl=
Frame ID: 76FC3B13447E01D74072369D04558038
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8020590F0004F1CE7E2F5AD1F95AE636
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.guru3d.com/index.php?ct=files&action=download Page URL
https://www.guru3d.com/index.php?ct=files Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

303
Requests

95 %
HTTPS

55 %
IPv6

27
Domains

43
Subdomains

31
IPs

7
Countries

3643 kB
Transfer

9455 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://forums.guru3d.com/
Title: FORUMS

Search URL Search Domain Scan URL

URL: https://newsletter.guru3d.com/lists/?p=subscribe&id=1
Title: NEWSLETTER

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/intel-core-i9-11900k-processor-review.437372/
Title: Intel Core i9-11900K processor review

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/red-dead-redemption-2-ampere-performance.437232/
Title: Red Dead Redemption 2 Ampere performance

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/rx6800-not-recognized-when-used-with-pcie-riser.437401/
Title: RX6800 not recognized when used with PCIe riser

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/resizable-bar.436822/
Title: Resizable Bar?

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/ms-flight-simulator-(2020)-the-2021-pc-graphics-performance-benchmark-review.436991/
Title: MS Flight Simulator (2020): the 2021 PC graphics performance benchmark review

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/fine-utilise-power-of-radeonpro-software-sweetfx-part-2.423193/
Title: Fine Utilise Power of RadeonPRO Software & SweetFX Part 2

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/asrock-launches-z590-oc-formula-motherboard.437385/
Title: ASRock launches Z590 OC Formula Motherboard

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/geforce-461-72-whql-drivers-download-discussion.436876/
Title: GeForce 461.72 WHQL drivers: download & discussion

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/rdna2-rx6000-series-owners-threadtestsmodsbios-tweaks.434911/
Title: RDNA2 RX6000 Series Owners Thread, Tests, Mods, BIOS & Tweaks !

Search URL Search Domain Scan URL

URL: https://forums.guru3d.com/threads/evga-precision-x1-gets-ability-to-toggle-resizable-bar.437383/
Title: EVGA Precision X1 Gets Ability to Toggle Resizable BAR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.guru3d.com/index.php?ct=files&action=download Page URL
https://www.guru3d.com/index.php?ct=files Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB6NpdNeo3eeTvHrdEGq0Wk&google_cver=1&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8sui_-jfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8sui_-jfA&google_hm=NDE1MDg3ODQ0MTk1NjY3ODI1Mg%3D%3D

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENIoz1sovzoQH07jstiN_iQ&google_cver=1&google_push=AQvitULH1Elm868wN24RxBwANpKZCkDxE6YvZe2XKsO4r6BvKSGKqmzKbIkcKRPJTqWm6QIP-uBVWSlbn7JCyP7Oa3EEoO0iNvUAAw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENIoz1sovzoQH07jstiN_iQ&google_cver=1&google_push=AQvitULH1Elm868wN24RxBwANpKZCkDxE6YvZe2XKsO4r6BvKSGKqmzKbIkcKRPJTqWm6QIP-uBVWSlbn7JCyP7Oa3EEoO0iNvUAAw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULH1Elm868wN24RxBwANpKZCkDxE6YvZe2XKsO4r6BvKSGKqmzKbIkcKRPJTqWm6QIP-uBVWSlbn7JCyP7Oa3EEoO0iNvUAAw

Request Chain 97

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEINzXsJRmBS9BwTVjfJxSXo&google_cver=1&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD&google_gid=CAESEINzXsJRmBS9BwTVjfJxSXo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTExMzM4MDIxMDg5NjUxOTQ0Mg%3D%3D&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD

Request Chain 98

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBiHzS0_GAORs8ZpDWl-b7M&google_cver=1&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z08xH-WCVQBZRVwUZcJHkonIhXavQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBiHzS0_GAORs8ZpDWl-b7M&google_cver=1&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z08xH-WCVQBZRVwUZcJHkonIhXavQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZRGxMclRGRTJ1RTVaOXNESnBNYkRwRzdkLmdqUVMyN35B&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z08xH-WCVQBZRVwUZcJHkonIhXavQ

Request Chain 99

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDE4UTjUU6t0y-gByI_Eo9I&google_cver=1&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss-YMnwC28 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss-YMnwC28&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==

Request Chain 140

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHPhT11gjJLQNlm3Y-ZQ2X0&google_cver=1&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPUop7Pz7shHMeC6cLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0NjA2ODE3OTA4ODMwODM3Mw%3D%3D&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPUop7Pz7shHMeC6cLQ

Request Chain 141

https://rtb.openx.net/sync/dds?google_gid=CAESEIXdkSW4JBOpIjtk-6FwOs4&google_cver=1&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEIXdkSW4JBOpIjtk-6FwOs4&google_cver=1&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw&google_hm=ueNiUlWdx3A9Vm_hi8GjsQ==

Request Chain 142

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENIoz1sovzoQH07jstiN_iQ&google_cver=1&google_push=AQvitULdXI2hnqDezXg-VjMeygrj2brGWoRmjiRWv17t0Zww210zLDnykdiEDHaQElqjWD5spV02BwTrC7nIcYj9b6SeYqH-QXzSOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULdXI2hnqDezXg-VjMeygrj2brGWoRmjiRWv17t0Zww210zLDnykdiEDHaQElqjWD5spV02BwTrC7nIcYj9b6SeYqH-QXzSOQ

Request Chain 143

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMq522-Ln3SlSaCxq8-i-I&google_cver=1&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhLrV4lV5unaPM17zdyJujPTP2Yn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZSERHVk8tMi1DQkYx&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhLrV4lV5unaPM17zdyJujPTP2Yn

Request Chain 144

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yWoaBx_sfQMHAgIkO0bP8w%26google_hm%3D%5BUID%5D&google_gid=CAESEJE2twV9d5k9c2VcFF0ict8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yWoaBx_sfQMHAgIkO0bP8w&google_hm=d9e71f02-0a89-416d-8801-6ca099db1165

Request Chain 145

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB0CoicLIhzPV23iC0I5uew&google_cver=1&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o2jIs9JwY0D5vT-Csk_ut-mFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o2jIs9JwY0D5vT-Csk_ut-mFg&google_hm=NTkxMDQ1NDY4MjYxMDIwMTgyNQ%3D%3D

Request Chain 146

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDE4UTjUU6t0y-gByI_Eo9I&google_cver=1&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCmq5ec0Fqc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCmq5ec0Fqc&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==

303 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set index.php Show response
www.guru3d.com/ 21 KB
6 KB 140ms
58ms Document
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: 6d69b73a001575ab8b7c0fd790793d949aca7c97e3598004e99829651db9bf35

Request headers

Host: www.guru3d.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=eom06el8ekm1vt0be7d0d0frb7; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5673
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.js Show response
www.guru3d.com/core_javaload/ 92 KB
33 KB 111ms
44ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/jquery.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 108ms
41ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK WnFYg.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 99ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/WnFYg.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:09 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "be0-595ccf460bcdc"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3040

GET
H/1.1 200
OK hoverintent.js Show response
www.guru3d.com/core_javaload/ 3 KB
1 KB 103ms
37ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/hoverintent.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK superfish.js Show response
www.guru3d.com/core_javaload/ 4 KB
2 KB 103ms
36ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/superfish.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK animatedcollapse.js Show response
www.guru3d.com/core_javaload/ 11 KB
4 KB 105ms
38ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/animatedcollapse.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 167ms
37ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2&ie=6
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69

Request headers

Referer: https://www.guru3d.com/index.php?ct=files&action=download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:03 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 7015
date: Thu, 01 Apr 2021 04:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 06:15:07 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a21c4123f8204557904105848e0e1955a20463a6acd3589bc5bc8e2372853f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 934 of 1000 / last-modified: 1617228603"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19707
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:02 GMT

GET
H2 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
101 KB 93ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 01 Apr 2021 06:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 872 B
287 B 1335ms
1298ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2191299454796698&correlator=1932884050412413&output=ldjh&impl=fifs&eid=31060550%2C31060321%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2Cwrapper&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&lmt=1617257522&dt=1617257522895&dlt=1617257522490&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-9&adys=30%2C-9&adks=1612380904%2C3918806337&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x61%7C0x-1&msz=1x-1%7C0x-1&ga_vid=863289859.1617257523&ga_sid=1617257523&ga_hid=1493685080&ga_fc=false&fws=4%2C2&ohw=1600%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

62d75a2df7b1fb94be8c1f494e9349ce72e7c26e808301b8a4925e0924dd64a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 71ms
14ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK d3yoh.jpg
www.guru3d.com/gurustuff/ 33 KB
33 KB 99ms
34ms Image
image/jpeg 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/d3yoh.jpg
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:03 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "84d0-595ccf400da3a"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 34000

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
4 KB 709ms
685ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2191299454796698&correlator=1932884050412413&output=ldjh&impl=fifs&eid=31060550%2C31060321%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2Ctop_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1617257522&dt=1617257522912&dlt=1617257522490&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=699&adys=41&adks=1733603311&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1274x110&msz=728x-1&ga_vid=863289859.1617257523&ga_sid=1617257523&ga_hid=1493685080&ga_fc=false&fws=4&ohw=1274

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

339d4818e48786da7a82d07d6f214e1b35148653d81d80312d028b2e49ae4d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2919
x-xss-protection: 0
google-lineitem-id: 129863295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234729855
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Ovdce.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 99ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/Ovdce.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:03 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:08 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b6d-595ccf44b6fc9"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2925

GET
H/1.1 200
OK 6gh4U.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 48ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/6gh4U.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:02 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:01 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b2b-595ccf3ef36a5"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2859

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 1296ms
1296ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2191299454796698&correlator=1932884050412413&output=ldjh&impl=fifs&eid=31060550%2C31060321%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1617257522&dt=1617257522934&dlt=1617257522490&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=188&adks=1379754963&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x250&msz=300x-1&ga_vid=863289859.1617257523&ga_sid=1617257523&ga_hid=1493685080&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ed03a9ff209062c2fd431b979b592e93480db9a3bd1ca6367443141e88f4719e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2770
x-xss-protection: 0
google-lineitem-id: 129862815
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234861163
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK C2upk.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 89ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/C2upk.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:03 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:02 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b52-595ccf3fc947c"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2898

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 1777ms
1776ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2191299454796698&correlator=1932884050412413&output=ldjh&impl=fifs&eid=31060550%2C31060321%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x600_navbar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1617257522&dt=1617257522955&dlt=1617257522490&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=1010&adks=2692230078&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x600&msz=300x-1&ga_vid=863289859.1617257523&ga_sid=1617257523&ga_hid=1493685080&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6327b24c6bd01db691bd3a924c43756a93466d100577a4101bdc0d8d8c1f0421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2749
x-xss-protection: 0
google-lineitem-id: 129863055
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48542942415
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 710C 44 KB
14 KB 263ms
262ms Document
text/html 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54e0b20f209dad07d6e278d7eb7132eced51033e0fa2f569276ea8d238b62eba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: WNjczGR1P9ZEHPJnyL7Vw6jgFWws/55fW+DPMK0cY+g2SpgZQ/1ny4ns9lCB9oqfe1FnugR5Ko2gVotp8MuZEA==
date: Thu, 01 Apr 2021 06:12:03 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 1775ms
1775ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2191299454796698&correlator=1932884050412413&output=ldjh&impl=fifs&eid=31060550%2C31060321%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1617257522&dt=1617257522962&dlt=1617257522490&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=2138&adks=3057682820&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x260&msz=295x250&ga_vid=863289859.1617257523&ga_sid=1617257523&ga_hid=1493685080&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6f50d1a146d18a576b5982c718b577fa80eef6996cf2e77dcf8d9858f6ec3395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3225
x-xss-protection: 0
google-lineitem-id: 5627289002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340943632
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 69ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1db078eb878691cec33884aed30f8b263ed71b679a79be700c3a3ed787593ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3481
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1493685080&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&ul=en-us&de=UTF-8&dt=Guru3D.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1502409026&gjid=1118876232&cid=863289859.1617257523&tid=UA-1106208-1&_gid=925526140.1617257523&_r=1&_slc=1&z=506992265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1106208-1&cid=863289859.1617257523&jid=1502409026&gjid=1118876232&_gid=925526140.1617257523&_u=IAhAAEAAAAAAAC~&z=2078835393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 06:12:03 GMT
content-type: text/plain
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 8ms
3ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 12:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 236760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
expires: Tue, 29 Mar 2022 12:26:03 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 19ms
14ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 12:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 236760
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Tue, 29 Mar 2022 12:26:03 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v4/ 5 KB
2 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 05:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 926
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1452
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:46:37 GMT

GET
H3-Q050 200 async-ads.js Show response
cse.google.com/adsense/search/ 181 KB
63 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d22e5297fca3c39e57aea125d7fac1be0210d64fd5530f6b100cfc41308fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1698023212646863493"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 08:54:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 508660
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Sat, 26 Mar 2022 08:54:23 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
182 B 29ms
5ms Image
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:15:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 140170
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:15:53 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 28ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 marMItmZNfV.css
www.facebook.com/rsrc.php/v3/yM/l/0,cross/ Frame 710C 25 KB
6 KB 15ms
13ms Stylesheet
text/css 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34c2a6b2fd25bb0b5bda545af77d1a0af494cbe11c65ee2d0c8acdd497a49b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tvwOd0DTa0xfwwAyyYeaBA==
cross-origin-resource-policy: cross-origin
content-length: 5929
x-fb-rlafr: 0
x-fb-debug: cdNVC/RVXWcV8/5gF4hVFEfMf2htGqNI8e9loj9wijlPK3jQfqgXzGnzI3oCFIi6a572+oDyyQDOdY9B2QbBFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Mar 2022 18:39:33 GMT

GET
H2 200 uktFqoSGNQ2.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame 710C 271 KB
72 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/uktFqoSGNQ2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fdeddda6872052e957921cb5ed1ac9f5af08dd6ac35ca43949ae87723b6dd0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pCjAYLlojt/uXEJZVbmbngeQ6fWdMUzxDv1w+WyFLKiS91XWMZ0POy0fQMtKZLJnD9i7wgu5MaQTXZ5BHnBHyw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: q9xfnxe2jJcyK6cZDxflng==
date: Tue, 30 Mar 2021 16:19:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 73695
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 16:19:39 GMT

GET
H2 200 R-94njMYEPI.js Show response
www.facebook.com/rsrc.php/v3/yk/r/ Frame 710C 61 KB
19 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/r/R-94njMYEPI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93ed3d00fb0c638f0144f3448d3f7fec80003d5e4e50598dafd403d8fd232b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: lxnglHBthDypDl6bwaP0vlc+KxxPk3B8NlD8WFVLFrGjnXr0TnLelAZzNr6HiAotgr7Vsi09qtSwWBLMS/6dhg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: qMPVrpmEjfzvmMEF5P9xSA==
date: Tue, 30 Mar 2021 22:45:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19271
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 22:45:19 GMT

GET
H2 200 gdMhOJz-gDn.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yM/l/en_US/ Frame 710C 127 KB
35 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yM/l/en_US/gdMhOJz-gDn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e5e5c268fdaa87b5bf12b1b706d7010e604e67910f91802ed51ab7a3b2eb119

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: +MGCnHBSuBB9cZ495dWpYerCpuhg6mFabCW8dIl0YNQtHmZeQX1IzVUQLAtjcbyZ9cNvmaL5D/PWbgK41URTJA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Ps1zKc2V9IWfV/V9hMPcHA==
date: Tue, 30 Mar 2021 22:45:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36161
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 22:45:19 GMT

GET
H2 200 hXQHwyZQ5vj.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame 710C 6 KB
2 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/hXQHwyZQ5vj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac2837aba5655412929c56e39e9debc509bd67fc030875246ff7a493b249fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 06:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OuLZhuOJI87YSWy5uFIW2A==
cross-origin-resource-policy: cross-origin
content-length: 1706
x-fb-rlafr: 0
x-fb-debug: n1dWK3cv34AWiB12hq8aX7+o50RQcnDE0RtOf9EPvlWDl3ddGCizikGR0w8mRo84NOvcHwvhTdOCYMmmwluIbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Mar 2022 06:52:27 GMT

GET
H2 200 980015_533586583343807_1764489926_o.jpg
scontent-ams4-1.xx.fbcdn.net/v/t31.18172-0/p526x296/ Frame 710C 39 KB
40 KB 43ms
13ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t31.18172-0/p526x296/980015_533586583343807_1764489926_o.jpg?_nc_cat=104&ccb=1-3&_nc_sid=a61e81&_nc_ohc=k2pLxuOMgtoAX_NLIo_&_nc_ht=scontent-ams4-1.xx&tp=6&oh=9704c2f9a36d6575b019a1b8b157a8ce&oe=60898C99
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2532042100
date: Thu, 01 Apr 2021 06:12:03 GMT
x-fb-trip-id: 664085054
last-modified: Fri, 07 Jun 2013 06:34:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1469356964
x-fb-config-version-olb-prod: 1056
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 40365

GET
H2 200 188311_222951111074024_7587693_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/ Frame 710C 2 KB
2 KB 45ms
16ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/188311_222951111074024_7587693_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=1idsHGE_f_UAX9UNY2s&_nc_ht=scontent-ams4-1.xx&tp=28&oh=a4201315b518b2a3e93e086f8e6ee3a9&oe=608C4859
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 420387698
date: Thu, 01 Apr 2021 06:12:03 GMT
x-fb-trip-id: 664085054
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3867042620
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1800

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 710C 573 B
791 B 13ms
13ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: j94WZdJ6ahz4zR/1BTX01djMrpiTj7d2RkqIbbIjJfPEw4Ay9i2bBCw1RInlnwBRghrmwwhenabYB8308jWjJw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Thu, 18 Mar 2021 19:16:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 19:16:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9593 0
0 62ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0bZLg3m-gXVGrNT_27-Z5Snbx_xeUvTkqlwfl286CuLioZJAamL1oD2YLgPFwJ46uPtfW2yfCcB04EmgOV98KiDaVLPlA9BKpfVGuHxLiu6TwsQxAMuTBmADQ-dXuKqOTEF6gpg0vjkY61dcL9-5ynGOG4pzB3pvP0XMZR0TmR_eivNNfIkSsn5xkCgpbaAL9kNLUNLjzbiJiLGDrzlpiKCshO0L51h7EqWNKSXLRaAZ5IzfBrzpVdYzVTMVCDL7BDqHUVvLserbkDmJCt3KVoQwgIyqpUrjQPf4dUk7YAFNHT2lcdPlyJHdsWw&sai=AMfl-YTSyuPq5a5HNfYx29y3nb84fcWw_56b0zZigxenFCTlgVr9IHavNOMfaQSR-xNcmHYdlLLQERAbxzcx_Q5Ihn_r90suWJj0VazZDOBPFK7FZ4qNVe6KBuIP078gCSsA&sig=Cg0ArKJSzJMzr8jZKJa4EAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9593 58 KB
19 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

47a0d4982b0bbe31ffc27913ea3b0c0b2720c160300c0d9f055b2a64061895c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 476 of 1000 / last-modified: 1617228727"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19705
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9593 118 KB
36 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b472f8eff8af3779b3e0a9e11c438492cde5b55a78407dfb75854ed0c2aa1e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6539
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9593 286 KB
100 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4AA9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 00:27:49 GMT
expires: Fri, 01 Apr 2022 00:27:49 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20654
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 9593 107 B
799 B 39ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9593 107 B
531 B 42ms
29ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9593 10 KB
5 KB 251ms
250ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2632496103706765&correlator=1855384974577836&output=ldjh&impl=fif&eid=31060473%2C31060550%2C31060600%2C31060604%2C31060656%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=8095840%2C43.guru3d.com_728x90_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D94116fc0617b83c1-22525836f0ba0094%3AT%3D1617257522%3AS%3DALNI_MapZK6AO_-hV0xpga86_4YAFPYzlw&cdm=www.guru3d.com&bc=31&abxe=1&lmt=1617257523&dt=1617257523782&dlt=1617257523636&idt=126&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=699&adys=41&adks=1056697662&ucis=cyrkpp6lrhm0&ifi=1&ifk=1875357622&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&top=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=863289859.1617257523&ga_sid=1617257524&ga_hid=62044813&ga_fc=true&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

337772d78d062203c5d496bb6e43d88a97769b67e0575f3af4384a12ed3fb6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5168
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9593 0
0 70ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 9593 0
0 6ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9593 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6cae1478dbd477445e5790dd876da9a106a44244577c063b47109fd690b92dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9593 0
0 111ms
76ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvamSb_4wx4s-GHvqJEWnj--1wfL5bLpbaePWx4Zl7xLnwvFpTgmijmPVe04BTualwc1nL2Ceqxcoz9SfIG7bXj6GP4knfIFw-MlYcEAmj9ctAI-TIJd_GZ5cw6985ntfaqGcDI4MsmOUKLVDNISMAjb-4fIl-LZ9K4xi46GilB1yS5bsCFpE-QjGiVAiOh8GIflvMSyAToAdKJ4Av5n1U5kevDygLJmDU0p2g9OD1Np79-1t5m5-eqzD0sTGbf_ZNwBYZUAZjm4YkEP9O0Fv0wnLWKZrUxrhystSymw3zhqpw&sai=AMfl-YRpPj9bezd1A7KNzVKog2daFf7CYXrH9a-3-VJR9XTDqOkZKSnCXrsdpbH3PWCye0pSblKPrybnMpJg8Uwkb8BLO1NDjGvZLBSnpWnt9j1vuRjOgefQ_bVB1iInp5lf&sig=Cg0ArKJSzEeL7tONckNtEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:03 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AA9 14 KB
6 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 538420
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:38:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
163 B 60ms
60ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032202&jk=2191299454796698&bg=!PD-lP3vNAAY56aLOOek7ACkAdvg8WoC2oqJWOi67_MqxzB1V2NKlbtBP8Jd-DFPg_qf3Q3esT7gWAwIAAABbUgAAAAhoAQcKAL2prtHsYVblNe6RpTJoe9uViDfOfwvlRIIpHtllYmXed8dMRmARKR0XZoB8YkB9WDfR-EAn-Au-B5QDUTgXQo4Jo1tmKACa7Tgvt2rrFL0-FGtNpuSRsIvyzJfZHhN81XG8FYmrtriVMyqSVxC5oLRqnIJ2hrpiNj-WJCTAP5y2f0NIyFihUGJCCYaA6auhCfu7U2Uy3Enx33yUEIyMijOCimsKA_CyCHhrPQpEC6euXkDLrBBLl_nPHtyzIDyZAcgjnRAh7u1cu90eLLGbzYxupzVDhEo9QVo_DBDXTiW35k_JcDfjys0w_6kp4pR2d1dtjLv04UjBpsOv14QkOxM8_NOZxv2nZeQBzgwZYfIckT_t3r6oOPN226Z_N92qchthht98jqP8V40YZnODwEw020wfeYm-xN71MPUCXnVbSsbey4otwJ-Or9EJJBn9LpV8v46VL-zugrkXoLhw4igsF6EgLds5ZbKhRuybQ7guysepPSCb2zvyxvTzn_CusDsxL6M-_sRlnE8quKYyCNm9ImsuCH152Xrlhut6zAHdExsLge4OSqYgEQ69biSgCYThYlY5s6JYlCYeLHyE0HvGr4bJCyZjSEAoBAKOLNPB-LYsGm7kpPRaFBTzUvotEC_p0zyBpRLa4NUhI19tDDjBCd26naLVfscL-KHkvG_9XAc7CSRG5Xnsi0GOepiMgqpbVBQfUYpYVURWYvUto5QAMfoekrmkqgUvFuMO_TzKW1TQNhFr7Z0OlbBbXVrEMU3pRx5GDScjdJQWFaYQ_dCMKcuxuCjQuEOpvXV9w8NhZ67Jnr8TGex83vSfO5cWqt5iGR8sCodYrNzq7b9v6_TEcLifQNA7_BQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 00C1 6 KB
3 KB 34ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 01 Apr 2021 06:12:03 GMT
expires: Fri, 01 Apr 2022 06:12:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9593 73 KB
28 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9593 8 KB
7 KB 39ms
39ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b3d3a5f55f874bf0051eeabc4bf8eb85d216919f41ff137a2024cc7684e5d36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6614
x-xss-protection: 0

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 00C1 0
0 48ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmWugM2RlYOKyM4WI-gbizYHIDcSzoJRcvtC4heUCwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTYxNjM4NTc5OTI5NTY5NjTIAQmpArUTii2YKYU-4AIAqAMBqgT9AU_Q1dXKS7_HaYIX6pIEhOGhuxV_vielW-RcAy0CFI4WJhq_Mxd46tZvxuOxC_e2Sw2R9V6UyoBX6rdIchc9PZFL0RassocFbO_rE2_mD0ZG11aFnekMRqEJsTchRGtGNKMngnxpVXHwbo4QZ1511_sHj8HJtTA_JoxdSoKZrbzue2r0SmSbzHEXP5kBUvRzB-GsrQI3wtX6ADMTgaiz8SI0qtKuqPoNo1G1ttRZwHSJFAgJ1LkEUyRtb6yxM9CRZKPPzRfvr9LOLAiniMUwZPSAMWqCyQB4iUGlGvV4teXNuAo5ynUMIDsKKOMidvZNA-WNgwQgU6zI2HTaiWzgBAGABr6U2IzmgJfFpAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTeACgP6CwIIAYAMAbIXGAoWEhRwdWItNjE2Mzg1Nzk5Mjk1Njk2NA&sigh=Je23Dbu0kEs&tpd=AGWhJmv3TUjmgCpc2Bx4N99AB6ahh0lQYDxSEcIBIbqubKFGWw
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 00C1 2 KB
2 KB 140ms
46ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44480674;rtbwp=YGVkMwAM2WIK3oQFAABm4tQphnMMHB0Bo-OatA;rtbdata=213YhU2VLU3ZNbgiNl1n6ne_aN0RdVj5SGiVKgICUGZVcKuH7bimoQ6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sczJJdGs2pEUsqnKJL5hvIKPCO2IB4KkcNEcDocHkEMbICaqKmZeS_flpf__GZTu4bp8nW30iqjvhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cr78IM2RlYOKyM4WI-gbizYHIDcSzoJRcvtC4heUCwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTYxNjM4NTc5OTI5NTY5NjTIAQmpArUTii2YKYU-4AIAqAMBqgSAAk_Q1dXKS7_HaYIX6pIEhOGhuxV_vielW-RcAy0CFI4WJhq_Mxd46tZvxuOxC_e2Sw2R9V6UyoBX6rdIchc9PZFL0RassocFbO_rE2_mD0ZG11aFnekMRqEJsTchRGtGNKMngnxpVXHwbo4QZ1511_sHj8HJtTA_JoxdSoKZrbzue2r0SmSbzHEXP5kBUvRzB-GsrQI3wtX6ADMTgaiz8SI0qtKuqPoNo1G1ttRZwHSJFAgJ1LkEUyRtb6yxM9CRZKPPzRfvr9LOLAiniMUwZPSAMWqCyQB4iUGlGvV4teXNuAo5ynUMIDsKKONgdPvftjdWy8j7BX4b36EhhHjoHjHgBAGABr6U2IzmgJfFpAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_1ClV1Bfk16BQSBqRq99AjSj6HEqw&client=ca-pub-6163857992956964&adurl=

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

64dae794cc38a8fc8d65b4d5645b4bb93619f6a9186903212dcb3be247b197fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1701
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 00C1 2 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:08:30 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00C1 118 KB
36 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 00C1 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:10:51 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 00C1 0
0 14ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS30YlwLUUSuYypu5slNVuqsXnHtPWNVpmv5eNOBq9eyN4Ks6tBmerR33TWjxNs01SSuF0qS2wBCCpjOCUvpWcUorehVw
Requested by: Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 00C1 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 10:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330202
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 10:28:42 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9593 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E6FA 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 00:27:49 GMT
expires: Fri, 01 Apr 2022 00:27:49 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20655
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame E6FA 14 KB
6 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 538133
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:43:11 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame 00C1 35 KB
16 KB 140ms
47ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44480674;rtbwp=YGVkMwAM2WIK3oQFAABm4tQphnMMHB0Bo-OatA;rtbdata=213YhU2VLU3ZNbgiNl1n6ne_aN0RdVj5SGiVKgICUGZVcKuH7bimoQ6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sczJJdGs2pEUsqnKJL5hvIKPCO2IB4KkcNEcDocHkEMbICaqKmZeS_flpf__GZTu4bp8nW30iqjvhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cr78IM2RlYOKyM4WI-gbizYHIDcSzoJRcvtC4heUCwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTYxNjM4NTc5OTI5NTY5NjTIAQmpArUTii2YKYU-4AIAqAMBqgSAAk_Q1dXKS7_HaYIX6pIEhOGhuxV_vielW-RcAy0CFI4WJhq_Mxd46tZvxuOxC_e2Sw2R9V6UyoBX6rdIchc9PZFL0RassocFbO_rE2_mD0ZG11aFnekMRqEJsTchRGtGNKMngnxpVXHwbo4QZ1511_sHj8HJtTA_JoxdSoKZrbzue2r0SmSbzHEXP5kBUvRzB-GsrQI3wtX6ADMTgaiz8SI0qtKuqPoNo1G1ttRZwHSJFAgJ1LkEUyRtb6yxM9CRZKPPzRfvr9LOLAiniMUwZPSAMWqCyQB4iUGlGvV4teXNuAo5ynUMIDsKKONgdPvftjdWy8j7BX4b36EhhHjoHjHgBAGABr6U2IzmgJfFpAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_1ClV1Bfk16BQSBqRq99AjSj6HEqw&client=ca-pub-6163857992956964&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 02 Apr 2021 09:36:51 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA95 0
0 61ms
60ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9qMcVRXxVPWnErWVjAdU1Y1cUg3-Vv1Mw-drNKMfV2J93Bjf9hnWNJjL0AEHDVQkNWzbuRXGC3UbiLGUMosKrQLQXdTUzAg1X2Q8XXQmd1jcEbH8EdMDF265EJeuOP_MHQjjJiorfAwBzCHSYfwm0TVFI1YFO2IwOyn0CnVCAmeBWsQMlT2XrKzKvTOeQTFYUvw94MwZx89iggudOjdJoe_zoADCrLUru6u7dqp1Fzeo0F3CeO974u50rgNVkOrmusx-bwMTe8Pa4lXZukGWB74LGrOfutRVMDMdPZUkNJEheOGavGa2GXow&sai=AMfl-YSdl3kfa5HCsoLR_Kyyj2nA_d4nPgJnh3gfhVUwL1bOtBY-yf9XZJiy3bVcZEQmBzlhxe4vs6yjkMnQX9Py-2Ruw0O9P4IWrfrxP_ugTKZB6LDQhqBYnN6ZOQB7KTA&sig=Cg0ArKJSzLivifmYuk9XEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EA95 58 KB
19 KB 35ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

4ee6b4b915de8905fc5f94dd96c1cf00d69a9e46acda45d7597a2448c7c7533d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 66 of 1000 / last-modified: 1617228603"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19704
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA95 118 KB
36 KB 35ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9593 0
23 B 48ms
48ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032202&jk=2632496103706765&bg=!W1ilWBzNAAY56aLOOek7ACkAdvg8WjH900ZnVP68-O3KvRFEKCr5haLRI3iWt8DLiE2HxgwINvJPZgIAAABwUgAAAAhoAQcKAaUanpeue2my_i6yUsJ_7yE6ppD9T6rm9tbSJrjwXXCD7uEiHl2vFN5LLraO07Ewa4RFoG7TbB5K2BSXlk1wi3Q9sF5DrfbJGZBsilYvxrp_wnOHeU0jg66cijdXbrUvRsnmpJTpEHj8wWl7Or7ijFkRZ1oirQ6x7x_Nw23cYy0TOQTSCq-lEjZAiNG8BpWniwFe7M5BtbD6HXIxGZdXE9aB8KnbL6ntM1UwSmhv0lKGFiAMZ3amtnOSh1ZQzOKTBhb9uKHQNdQYXm_S-mBnh8nm5rK6CFQCBnPGr7n612pVogXG79m59ci--1iorM1zRS478pKt3kLt3zhebhhICyaTLEO9knjdCKqC0-lH-CD9txBwctM3BrQKjjbEEG1eAokCPkQ6Mp9Sux4dicR7IHl28XedQKXkO5sTZuQAOY_nWej36fJVEyIsOpbHd-Z8-7UJvSRyr73TYJzvDjaG5R-lbWXIMeE-9TBZ5Jtd-gWvVMssw6Ky7KoOPHCCgaN29KuYN0Hc4elA7_Dkeebw0xu8EsCne7NBt0W3H1iODMUCGsVFKFdpmQHzTglT8vYLaFWi9cgZTTTTQoCOoiDR2TlrfhscY7SnysJIWXzdlYDarLpMAvL6lGPoSuHMp53ouA0B2yyVZBvX39qVKCVMJoyrv3Mk-aqlz_6O9V3cN38BH6K5ixajV9EYT6oFRe7izhmMXRkO1BiUD04CjGRYes1gAIEdzSDbGD3989X-xCTWGFVs-gP5B0NUkZ26TI5NdeNek_1mCrbMqgzfhChRdeWu-CFzjs6r0BZaM2aXJ9E3CarAfDpEzD0P53z7w3EXl35ePlZ_eTIV4NN2vBkqgqjwkYCryAqS5iYC0YAZqBdxIn1NhCwJTnhWlUfqgqyt0_zRHPmmwaCJ253MWKRUp7HYs_2I3RgzRkoo-uxC7FN0ZmzWlo_IeeAzuQVVYjbYYPRy1w08I1AD3jaUp-jTIgitLHJM0viWIzHdyRYLR1d7RtqI6S4wlUVsXXFxcfG4CYifVc8dz65wQohuKbkkCIUKdRZYYPfLjSyGppMl9VfC-RgnfRrGkaG4Uy4IqSzYLNqZ3ChbSGSh6nG4IoPc2qSM4tzIOQwfUbnHUIfm8I6ZttxFoYwWYsZ1LVDzls1jZJMa80o4yh7bdI8LuV4RaOI3f2v-zBYjVwOLM7GOu2fc9kYACBe1R8eSAi-4XaasfspgczIVva2CKRwyDQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EA95 286 KB
100 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ Frame EA95 107 B
777 B 43ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame EA95 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EA95 10 KB
5 KB 304ms
303ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4085743261180247&correlator=1162072724336761&output=ldjh&impl=fif&eid=31060550%2C31060010%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=8095840%2C43.guru3d.com_300x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3Ddb36a96309a33f8a-221f3fddf0ba005d%3AT%3D1617257522%3AS%3DALNI_MYwmsBfF1b2kitDLrZv98oS_SIZBQ&cdm=www.guru3d.com&bc=31&abxe=1&lmt=1617257524&dt=1617257524381&dlt=1617257524268&idt=107&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1127&adys=188&adks=349619623&ucis=wcgjayeefh0v&ifi=1&ifk=1820165996&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&top=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=863289859.1617257523&ga_sid=1617257524&ga_hid=1396272724&ga_fc=true&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4c100d2fccf1d170cddf48b79f22c6c34b27d304261d00e0b0517527dd291478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4854
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA95 0
0 39ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame EA95 0
0 6ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EA95 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9add47ebb1d0a1a0ce5e9dd93b5bc4cd7854e63173e0465f9e9ae350f1ad1f55

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
s1.adform.net/adfstub/ Frame 00C1 49 B
270 B 47ms
46ms Script
application/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/adfstub/?url=https%3A%2F%2Fwww.guru3d.com%2Fadform%2FIFrameManager.html
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 06:12:04 GMT
server: nginx
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, private
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H2 200 StubHelper.js Show response
s1.adform.net/banners/scripts/extra/ Frame 00C1 46 B
342 B 46ms
45ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/extra/StubHelper.js?bv=620
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2016 13:50:30 GMT
server: nginx
etag: W/"57bda626-2e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA95 0
0 63ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm10m7EHcJZc5P3Oe2Z5luUZ-espEaS9s1GxbZKqLkRvJY0i5AqVeeCM7l4wgJutuNFFJbzTSowWf9Ym3QaC0DXgHAdEAasjqqSS5ry8fkLMbN8JDlfPaIRy7FL5H-G1TtAOBS5gB5RVKyByytUGuEnYQIcaNridPUv_Do72CiCoF7Gsw2K0bXuASLI9YUotoDQzBmWZtCthFfltoDFjjZjclB2pAcWkJ-rFaE3cqGp_tEFoLu1YGHgPQGRQGx_R-QoqpHXvSUxbzO97k2qZ4-Tlq_rl0uKhkkN18-wCmK&sai=AMfl-YS-v9LhssjiXzTaBl6LyHhpqrOpbsOukVLT2xXJyoe4Luw6U1R5yuYSI9tvI29-8AfM5espMkk4OL-nKHM3hyZk8iVW7qZPzRCMq5Vn6ynTF8izygpFwo_RcmQWOpI&sig=Cg0ArKJSzBcgdf3048h3EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 00C1 7 KB
4 KB 46ms
46ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=44480674;rtbwp=YGVkMwAM2WIK3oQFAABm4tQphnMMHB0Bo-OatA;rtbdata=213YhU2VLU3ZNbgiNl1n6ne_aN0RdVj5SGiVKgICUGZVcKuH7bimoQ6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sczJJdGs2pEUsqnKJL5hvIKPCO2IB4KkcNEcDocHkEMbICaqKmZeS_flpf__GZTu4bp8nW30iqjvhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cr78IM2RlYOKyM4WI-gbizYHIDcSzoJRcvtC4heUCwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTYxNjM4NTc5OTI5NTY5NjTIAQmpArUTii2YKYU-4AIAqAMBqgSAAk_Q1dXKS7_HaYIX6pIEhOGhuxV_vielW-RcAy0CFI4WJhq_Mxd46tZvxuOxC_e2Sw2R9V6UyoBX6rdIchc9PZFL0RassocFbO_rE2_mD0ZG11aFnekMRqEJsTchRGtGNKMngnxpVXHwbo4QZ1511_sHj8HJtTA_JoxdSoKZrbzue2r0SmSbzHEXP5kBUvRzB-GsrQI3wtX6ADMTgaiz8SI0qtKuqPoNo1G1ttRZwHSJFAgJ1LkEUyRtb6yxM9CRZKPPzRfvr9LOLAiniMUwZPSAMWqCyQB4iUGlGvV4teXNuAo5ynUMIDsKKONgdPvftjdWy8j7BX4b36EhhHjoHjHgBAGABr6U2IzmgJfFpAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_1ClV1Bfk16BQSBqRq99AjSj6HEqw&client=ca-pub-6163857992956964&adurl=;js=1;adfxid=1x;6821;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.guru3d.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

48495728104d9571432504ed32259ea74d116acf276cf5a81fa72dc0b6890dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3167
expires: -1

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 00C1 85 KB
36 KB 54ms
54ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 02 Apr 2021 09:36:42 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6347 1 KB
835 B 27ms
26ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 16:59:40 GMT
expires: Thu, 01 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 47544
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 00C1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12749663dc7e15a05d48298ce56668d271c616ce1062602e3f2a43a505e911ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6347 35 B
463 B 24ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWiP6X6HUeuuShvcDJKYBA&google_cver=1&google_push=AQvitUK4U_x-cAkd_uH6ymgYKMawRbh4jseOPVH465ctZu9Z5DNWPfTNUZ3Z3OC8OKFCOl-ryy0EGNBd2Sp636lDLkQLkBaGdkJ_

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6347
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB6NpdNeo3eeTvHrdEGq0Wk&google_cver=1&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8s...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8sui_-jfA&google_hm=NDE1MDg3ODQ0MTk1NjY3...

170 B
329 B

38ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8sui_-jfA&google_hm=NDE1MDg3ODQ0MTk1NjY3ODI1Mg%3D%3D

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Apr 2021 06:12:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUITciulJLYhWX0RSBPMUYVQt3o8H9lYenpNo7Tb8dls1w6DXe5qIVYM0jOi4DEr5fNqKmq_c-c5LG8WM2Qi4xy-K8sui_-jfA&google_hm=NDE1MDg3ODQ0MTk1NjY3ODI1Mg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6347
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

37ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULH1Elm868wN24RxBwANpKZCkDxE6YvZe2XKsO4r6BvKSGKqmzKbIkcKRPJTqWm6QIP-uBVWSlbn7JCyP7Oa3EEoO0iNvUAAw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULH1Elm868wN24RxBwANpKZCkDxE6YvZe2XKsO4r6BvKSGKqmzKbIkcKRPJTqWm6QIP-uBVWSlbn7JCyP7Oa3EEoO0iNvUAAw
Date: Thu, 01 Apr 2021 06:12:03 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 6347 42 B
233 B 340ms
111ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOR9iBX3FcWnVOSQbXzxOLY&google_cver=1&google_push=AQvitULGGXsG8DZFJUg_ZWEtvgP0w7E33HUlGeoLGm9p0kgfqMAZw4GhR81QItQt2MrwP8Q9u5Cd_HXC2EZPxWqncOWx9SnOrfCS2A
Requested by: Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Apr 2021 06:12:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6347
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEINzXsJRmBS9BwTVjfJxSXo&google_cver=1&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTExMzM4MDIxMDg5NjUxOTQ0Mg%3D%3D&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x...

170 B
484 B

85ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTExMzM4MDIxMDg5NjUxOTQ0Mg%3D%3D&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTExMzM4MDIxMDg5NjUxOTQ0Mg%3D%3D&google_push=AQvitUIiae2Kle16bZOL0fwVNwF6XFSauiCQwXbqQ4IuCPIWjWj-tCZVQM8x49JKD1g74f0EIY6m8m3P20dIX2Mxjc10eLXF9XVD
date: Thu, 01 Apr 2021 06:12:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6347
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBiHzS0_GAORs8ZpDWl-b7M&google_cver=1&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBiHzS0_GAORs8ZpDWl-b7M&google_cver=1&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZRGxMclRGRTJ1RTVaOXNESnBNYkRwRzdkLmdqUVMyN35B&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3s...

170 B
190 B

36ms
35ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZRGxMclRGRTJ1RTVaOXNESnBNYkRwRzdkLmdqUVMyN35B&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z08xH-WCVQBZRVwUZcJHkonIhXavQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Apr 2021 06:12:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZRGxMclRGRTJ1RTVaOXNESnBNYkRwRzdkLmdqUVMyN35B&google_push=AQvitULOuEvPK5uhFu6_1VfJGr3dDjEQUgpARitRbT3cWDItJUpCvcg3ssAZj1wI4vYY9I-d7z08xH-WCVQBZRVwUZcJHkonIhXavQ
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6347
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDE4UTjUU6t0y-gByI_Eo9I&google_cver=1&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss-YMnwC28&google_hm=NzA4MDEz...

170 B
190 B

36ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss-YMnwC28&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJpwVBdCpoO1S7Ms_hqYzcWbv6gofq9lDYJILhnjdIfxJy-xzRy-LQIeJmbwP0MZmALnN8gNAPdcyEaSYM6FNYuDss-YMnwC28&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==
Date: Thu, 01 Apr 2021 06:12:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6347 0
227 B 103ms
34ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIhY5JN-kZYBt-d-BoDBkYQuKmuysorYXVXax1QyTS7r_bGt3nDiERJ9YMOmBO4iyH1CpwG7A

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 /
track.adform.net/csimpr/ Frame 00C1 35 B
503 B 45ms
45ms Other
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=44480674&csi=_bYv7P_bnnwXzs5QGcJjXLLEejJFE_s3cPXrpz5NRqjrygPkIxxfk3JHeI__sYQE5kjtQTVeyqMIZ-uBlqqkamQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 43892464.jpg
s1.adform.net/Banners/43892464/ Frame 00C1 50 KB
50 KB 51ms
51ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43892464/43892464.jpg?bv=2

Requested by

Host: 603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
URL: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

11c5b8b82457a64c7e921cddd29030a85d1f2cc7c4b74cd1be6af42f9997fd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
last-modified: Fri, 05 Mar 2021 13:44:34 GMT
server: nginx
etag: "604235c2-c871"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 51313

GET
H3-Q050 200 container.html Show response
6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0236 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 01 Apr 2021 06:12:04 GMT
expires: Fri, 01 Apr 2022 06:12:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA95 73 KB
28 KB 35ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA95 8 KB
6 KB 40ms
39ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

43db90014dd0e1965a3823d621d47a5a6590cc7ab7046f62e6fdf2061b45e353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6609
x-xss-protection: 0

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0236 0
0 50ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_Iz3NGRlYKnbGsiBx_APzc6K2AXEs6CUXL7QuIXlAsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0yAEJqQK1E4otmCmFPuACAKgDAaoEggJP0LMjqdmpejeduHPj-vdntBB1yCMOGo3TuCQx7vZYj2q_ksab9SHpdYVmFEkP9DfAzPxo0dY63OznPu2je_U5U8_hUyatdcyzjCCpzZQcw3yDaaGEpIqriUD8s8oJYV75hXwTlDuSq0IleB2U3IjxY4E2YP_VGaad2sYpzeVJQMr6ka-5gmYISsJwe1HyzgWxbF10580HsAk2tcMXGJ_DbWI5NU46vdGUfdlcFDwpGUzj-8CD3LZynPm-zohbhfEiyFocCFlERcUp7aZ9niEbzuf9aN1qQ0acZpKGx1p5AvCtjiTudurINIH4dJxqBZMGgbEHYRgSXzWdth839MDK2xXgBAGABraAxpnAopKHhAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTeACgP6CwIIAYAMAbIXGAoWEhRwdWItNjE2Mzg1Nzk5Mjk1Njk2NA&sigh=r56om2qwzdo&tpd=AGWhJmur46PsGhvgXdccuweBRJ409TMSHapqC_HsTx6dT-0GWg
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0236 2 KB
2 KB 48ms
46ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=44399510;rtbwp=YGVkNAAGrakIEcDIAAKnTdLncbvrWRfk8T9AgA;rtbdata=213YhU2VLU0xPDKocNm-Ms5I_NB9lxaKzdQMLH-TDy8NBbHBgY0m8A6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sXfiOcW7MzFrav5dbw0f4YS1_Nc_0uZXlpHrPW8FDasocopzLFVSQC3T5S_dQz4Q6gL72yMDPXNlk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CsafZNGRlYKnbGsiBx_APzc6K2AXEs6CUXL7QuIXlAsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0yAEJqQK1E4otmCmFPuACAKgDAaoEhQJP0LMjqdmpejeduHPj-vdntBB1yCMOGo3TuCQx7vZYj2q_ksab9SHpdYVmFEkP9DfAzPxo0dY63OznPu2je_U5U8_hUyatdcyzjCCpzZQcw3yDaaGEpIqriUD8s8oJYV75hXwTlDuSq0IleB2U3IjxY4E2YP_VGaad2sYpzeVJQMr6ka-5gmYISsJwe1HyzgWxbF10580HsAk2tcMXGJ_DbWI5NU46vdGUfdlcFDwpGUzj-8CD3LZynPm-zohbhfEiyFocCFlERcUp7aZ9niEbzuf9aN1qQ0acZpKGx1p5AvCtjiTudurINIH4dJxqBZNEg7yV1MrJF_lG4M3k8xUx1gFmDdjgBAGABraAxpnAopKHhAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_2hFdtLkbqfHl-_-JiTD6vzWHNL6g&client=ca-pub-6163857992956964&adurl=

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0446aa675e2f4870526d40a72a1920e03c7d0c63056831fe2da8bc60a8676e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1695
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 0236 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:08:30 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0236 118 KB
36 KB 35ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 0236 13 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:10:51 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0236 22 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 10:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330202
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 10:28:42 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A85 0
0 61ms
60ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEC8xQXAfJWbwUlfi4qwrI_NI0oxjK8mhNV6Kq3eK42aQf0DLGbK_Lfz1oX6V37VXaLiYyb3aKZ1jCIT97fwB2SKM635Z8N3qf5qkswxfcc5Ahnphxa57WSk-SEj7q-7jF1z39F49Pypvhu_GBCUZ90mFy480fYERgjkrA0OtoTqHhqtjTr9PdDsB9IB8gLCoOe-18mWva-7sl1jL5xHS1WU-Qad9uyhIxA5DxmmakXrHhnH9QIjWacX1-gmwGA2aYXBJMjvV_Fzh35VDbWS7Zc5V2MQiRiV7fJdoq3LFFa1SkoI6AvjKFEpr8zMQ0h0k&sai=AMfl-YSqJQD9JO1xwtQblEqqdfOK3arNRpV-yzb64BsrkQVVBdHJjWVq_aJ-qQ3GAr4lQPkZWIvC28pNvUpUVWRGYzrx7Wklo-j-tzBz0VU1BIQjPeiHYm6baCyL8FL6qmx_&sig=Cg0ArKJSzCsVfvRQE_xqEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9A85 58 KB
19 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

9e5cc85ec4a144767defc8936434d2a56219d82a06a5839d3c88a7c077910dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 24 of 1000 / last-modified: 1617228603"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19699
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A85 118 KB
36 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 container.html Show response
f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 840A 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 01 Apr 2021 06:12:02 GMT
expires: Fri, 01 Apr 2022 06:12:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA95 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame 0236 35 KB
16 KB 49ms
49ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44399510;rtbwp=YGVkNAAGrakIEcDIAAKnTdLncbvrWRfk8T9AgA;rtbdata=213YhU2VLU0xPDKocNm-Ms5I_NB9lxaKzdQMLH-TDy8NBbHBgY0m8A6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sXfiOcW7MzFrav5dbw0f4YS1_Nc_0uZXlpHrPW8FDasocopzLFVSQC3T5S_dQz4Q6gL72yMDPXNlk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CsafZNGRlYKnbGsiBx_APzc6K2AXEs6CUXL7QuIXlAsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0yAEJqQK1E4otmCmFPuACAKgDAaoEhQJP0LMjqdmpejeduHPj-vdntBB1yCMOGo3TuCQx7vZYj2q_ksab9SHpdYVmFEkP9DfAzPxo0dY63OznPu2je_U5U8_hUyatdcyzjCCpzZQcw3yDaaGEpIqriUD8s8oJYV75hXwTlDuSq0IleB2U3IjxY4E2YP_VGaad2sYpzeVJQMr6ka-5gmYISsJwe1HyzgWxbF10580HsAk2tcMXGJ_DbWI5NU46vdGUfdlcFDwpGUzj-8CD3LZynPm-zohbhfEiyFocCFlERcUp7aZ9niEbzuf9aN1qQ0acZpKGx1p5AvCtjiTudurINIH4dJxqBZNEg7yV1MrJF_lG4M3k8xUx1gFmDdjgBAGABraAxpnAopKHhAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_2hFdtLkbqfHl-_-JiTD6vzWHNL6g&client=ca-pub-6163857992956964&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 02 Apr 2021 09:36:51 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 57DD 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 00:27:49 GMT
expires: Fri, 01 Apr 2022 00:27:49 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20655
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9A85 286 KB
100 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 840A 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 10:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330202
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 10:28:42 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 840A 5 KB
3 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

a8f13154eb1406bcfb612d0499b161329c95da4c8af2082da52f22b0d7020efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 16:38:43 GMT
server: sffe
age: 75
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
expires: Thu, 01 Apr 2021 07:10:49 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 840A 118 KB
36 KB 37ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:04 GMT

GET
H2 200 / Show response
s1.adform.net/adfstub/ Frame 0236 107 B
324 B 47ms
46ms Script
application/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/adfstub/?url=https%3A%2F%2Fwww.guru3d.com%2Fadform%2FIFrameManager.html
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d0514ba6ebd8e2760c2531a1ab67a322d3b00b5449bdc59c7649eed18f003ffe

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 06:12:04 GMT
server: nginx
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800, private
expires: Thu, 01 Apr 2021 06:42:04 GMT

GET
H2 200 StubHelper.js Show response
s1.adform.net/banners/scripts/extra/ Frame 0236 46 B
342 B 45ms
44ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/extra/StubHelper.js?bv=620
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2016 13:50:30 GMT
server: nginx
etag: W/"57bda626-2e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame 57DD 14 KB
6 KB 27ms
27ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 538133
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:43:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 840A 0
0 61ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-wym9qeafUHg6uVL3zbLaGB5FUJ_NgDULwi5s_Lm-fvLYkV42Kq9KR3y3Sd_BoIVs7N-zyIAYh-gizCCyPDjsMUZNlpEQD27SgH9DoenlRrRYHFfRgoqHNJRdkg1n0lNMZoRH1pEkee4PbwfvxzN8zuEW8E4dlne2_OHz_ffM39GH1nNqIia_fFQ3PeULXPn-sQFYNUFEyo_5fTcuLCaUEUJgT2cBDfWRl2mgVXZ4094h51b_jV2-ZGbcdcWA_fZAIn_2Mmq2rh0OdxU4EJfeJOOdm_FDx7yAtQ6aFrVtACifJco&sai=AMfl-YSrL9kajI-ahKbWog23UURHwZVGZ8Gdx1Y64faPC8iiTs3PHUZ81aGYzQQjOGAjX4Bc9DxyKwMsn_bg6TyVFbFxvVbsmQwrPujE9yZI9laD4DZfWVeHzXZ_SaVSxdnq&sig=Cg0ArKJSzP3_thi8B33KEAE&urlfix=1&adurl=

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9593 42 B
124 B 50ms
49ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf6-86Mpq_JREMMJmQCp37jM0yA-TMOpAPp11_NJq36-ZcI-_PYeUJ30_gMLbfMYeV9PygohOBleP5g9-cLspCOXe7SdmVbW7f9kPu_DY&sig=Cg0ArKJSzKBlnKCZi-5hEAE&id=osdim&mcvt=1001&p=41,699,131,1427&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1733603311&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617257523641&dlt=0&rpt=204&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 impl_v69.js Show response
www.googletagservices.com/dcm/ Frame 840A 36 KB
15 KB 27ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v69.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8841615a819c2620b366e3fc9bd7189f37ae881e637dad71739c6e56d595e7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 13:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:56:40 GMT
server: sffe
age: 493324
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15221
x-xss-protection: 0
expires: Sat, 26 Mar 2022 13:10:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 9A85 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9A85 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 9A85 4 KB
2 KB 339ms
338ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2443198674152469&correlator=1474787000667673&output=ldjh&impl=fif&eid=31060525%2C31060550%2C31060655%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=8095840%2C43.guru3d.com_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=2&cookie=ID%3De56d734aae0a4ccf-22e0e146f0ba0069%3AT%3D1617257522%3AS%3DALNI_MY3CpV9Ir-cczLSMo2jMPy_m-Pl_w&cdm=www.guru3d.com&bc=31&abxe=1&lmt=1617257524&dt=1617257524890&dlt=1617257524740&idt=136&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1127&adys=1010&adks=1466295783&ucis=jeuwonxt72uj&ifi=1&ifk=2403676291&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&top=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=863289859.1617257523&ga_sid=1617257525&ga_hid=1628999535&ga_fc=true&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2339
x-xss-protection: 0
google-lineitem-id: 13161960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138213652668
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A85 0
0 28ms
13ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A85 0
0 6ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9A85 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f87aa1d05dbe6af42e9c7cd226be7d23385194a311959d108d381fba3478985

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
track.adform.net/adfserve/ Frame 0236 7 KB
3 KB 47ms
46ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=44399510;rtbwp=YGVkNAAGrakIEcDIAAKnTdLncbvrWRfk8T9AgA;rtbdata=213YhU2VLU0xPDKocNm-Ms5I_NB9lxaKzdQMLH-TDy8NBbHBgY0m8A6lzVbaIVSCiQ2IDH8GRfT-nw-2JKTywmqGqvyUAGwSqxhQjR4UbUMKFPhMl5a5DGc3QqnujATQVfoL0fAFyxKlwOpNnKhhCIYPcPxgYD5sXfiOcW7MzFrav5dbw0f4YS1_Nc_0uZXlpHrPW8FDasocopzLFVSQC3T5S_dQz4Q6gL72yMDPXNlk9JUJFwE_MQ2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CsafZNGRlYKnbGsiBx_APzc6K2AXEs6CUXL7QuIXlAsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0yAEJqQK1E4otmCmFPuACAKgDAaoEhQJP0LMjqdmpejeduHPj-vdntBB1yCMOGo3TuCQx7vZYj2q_ksab9SHpdYVmFEkP9DfAzPxo0dY63OznPu2je_U5U8_hUyatdcyzjCCpzZQcw3yDaaGEpIqriUD8s8oJYV75hXwTlDuSq0IleB2U3IjxY4E2YP_VGaad2sYpzeVJQMr6ka-5gmYISsJwe1HyzgWxbF10580HsAk2tcMXGJ_DbWI5NU46vdGUfdlcFDwpGUzj-8CD3LZynPm-zohbhfEiyFocCFlERcUp7aZ9niEbzuf9aN1qQ0acZpKGx1p5AvCtjiTudurINIH4dJxqBZNEg7yV1MrJF_lG4M3k8xUx1gFmDdjgBAGABraAxpnAopKHhAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggFCIBhEAHyCBthZHgtc3Vic3luLTg4ODE5NzY4MzM1OTM0NTf6CwIIAYAMAQ&num=1&sig=AOD64_2hFdtLkbqfHl-_-JiTD6vzWHNL6g&client=ca-pub-6163857992956964&adurl=;js=1;adfxid=1x;248;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.guru3d.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3161
expires: -1

GET
H2 200 B24670551.281396572;dc_ver=69.198;sz=300x250;u_sd=1;dc_adk=545847856;ord=5me355;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst21YWrFs3tPEWtzMo_A7IWcoM9xhEedxqEd6F3N2qpe...
ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/ Frame 840A 26 KB
14 KB 121ms
58ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/B24670551.281396572;dc_ver=69.198;sz=300x250;u_sd=1;dc_adk=545847856;ord=5me355;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst21YWrFs3tPEWtzMo_A7IWcoM9xhEedxqEd6F3N2qpeSmPKBmNXgQBtmZDeG_0iXWLcZEWIkjlRT5J_ItTaCHsWyk6vVtnewIPZ6g8hRXz60XsxkjtwnTwb9cZaBACraiuW2_pgcgZoZMkpdnYvXi3qXvLngflYWJ4d3WHNzaS1g7ESU8RJb2kntyNRbLqEDDIZUmAvK6C29X89-338f6aRdb-46HEHv7nkt2aCNFoHO8yGZa6dCsicqMCK6QdJeZuj4wKjZDWxmTfdSYunrPLtPL2X3nCv5OYX_wWrYDXz4s%26sai%3DAMfl-YTjj8buK0BQ_LiYzSmCi2nSWZxrTJEMHQaNfhHTCSh1ZroIGPdjNFB6CE3VT_YdB8OMlnDqXbNSYZ-MmLemMcQNI5380Wk7zcxh4B6aut2HfRSdOTaEwPTECiiSrMi6%26sig%3DCg0ArKJSzHD6Ux4DBR5iEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=)QDyof5zTu;osda=2;sttr=84;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13788
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9A85 0
0 63ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZFM_Q6h0xK8AnVTAfSkoUOur45dClDn8VS46EiteCWx-26qwPhCy48HKBXHatnhHnFA9US90MpVl9azyc34d06350vRzhxgYc_LZPhq0spxxWG35BQ5pH6n0OjfDCjA9jHK-2zklMSZhtzdkliTZLVH8pWQorhkLiik-TZKfmJdEdjAn-IHIyB3yQdNyWKD8IkRE3BgTwU5urRzZQkaqN7_7l1qOuKQ9IILFIBUhbqpq8uECzO4pf6GCJn063EWxPYU1vIEMBApexJMpEKR7Zqrkn5DXNYxEqlHuZQ97QZjJ2luhQ&sai=AMfl-YT_L33eHiKTF2MqivrjKgrKoGUTUOq_YXiWxNGAu8s_C3bPXQirBPAWKJatxlKiPhk469GCSAfmlUupZQXd3fp1ZjN3pL68OVwMhaSbREo3xr0q9l3SsnLJvL1zs5t5&sig=Cg0ArKJSzO-bYIOWhBSZEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H/1.1 200
OK Primary Request index.php Show response
www.guru3d.com/ 74 KB
14 KB 325ms
257ms Document
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=files
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40 PleskLin
Resource Hash: d0fba8c33a18e0e638c9825e0e019e07abe72bb38e28d9a6da1428c84d91375c

Request headers

Host: www.guru3d.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.guru3d.com/index.php?ct=files&action=download
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=eom06el8ekm1vt0be7d0d0frb7; _ga=GA1.2.863289859.1617257523; _gid=GA1.2.925526140.1617257523; _gat=1; __gads=ID=e56d734aae0a4ccf-22e0e146f0ba0069:T=1617257522:S=ALNI_MY3CpV9Ir-cczLSMo2jMPy_m-Pl_w
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/index.php?ct=files&action=download

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 22F1 1 KB
844 B 28ms
27ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 16:59:40 GMT
expires: Thu, 01 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 47545
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0236 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHPhT11gjJLQNlm3Y-ZQ2X0&google_cver=1&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPU...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0NjA2ODE3OTA4ODMwODM3Mw%3D%3D&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPUop7P...

170 B
190 B

36ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0NjA2ODE3OTA4ODMwODM3Mw%3D%3D&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPUop7Pz7shHMeC6cLQ

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk0NjA2ODE3OTA4ODMwODM3Mw%3D%3D&google_push=AQvitUKd7doRe-lePAKmZozn1eA91ZrAbptYBWP3MWa8aPXcMcCBu0WRvBK0ydOnb0ZdU379iRe9yC3FlCsXPUop7Pz7shHMeC6cLQ
Date: Thu, 01 Apr 2021 06:12:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIXdkSW4JBOpIjtk-6FwOs4&google_cver=1&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw
https://rtb.openx.net/sync/dds?google_gid=CAESEIXdkSW4JBOpIjtk-6FwOs4&google_cver=1&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZ...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw&google_hm=ueNiUlWdx3A9Vm_hi8GjsQ==

170 B
190 B

37ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw&google_hm=ueNiUlWdx3A9Vm_hi8GjsQ==

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIFBXo-CCzVRF8apuSTzJHiAMrD5tuSWTzes-QHpdkAP5FnLHLxYf8rdwUn2GLk2hON0WejqMozlxWvOmIyeup4rVBDU7ClZw&google_hm=ueNiUlWdx3A9Vm_hi8GjsQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: oedhcliqrsj7gifc90j904ir8a7lgau8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

36ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULdXI2hnqDezXg-VjMeygrj2brGWoRmjiRWv17t0Zww210zLDnykdiEDHaQElqjWD5spV02BwTrC7nIcYj9b6SeYqH-QXzSOQ

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IGpvS9tuQESkYNeC_eXxBw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULdXI2hnqDezXg-VjMeygrj2brGWoRmjiRWv17t0Zww210zLDnykdiEDHaQElqjWD5spV02BwTrC7nIcYj9b6SeYqH-QXzSOQ
Date: Thu, 01 Apr 2021 06:12:04 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMq522-Ln3SlSaCxq8-i-I&google_cver=1&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZSERHVk8tMi1DQkYx&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhLrV4lV5unaPM17zdyJujPTP2Yn

170 B
190 B

37ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZSERHVk8tMi1DQkYx&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhLrV4lV5unaPM17zdyJujPTP2Yn

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZSERHVk8tMi1DQkYx&google_push=AQvitUIwqvkzv0eAgs27NDLI5vsq0KQykPrjnMRjMkQJgq5D3ivG2SCdAZ0D_E8ZI6-T0nJhYhLrV4lV5unaPM17zdyJujPTP2Yn
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yW...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yWoaBx_sfQMHAgIkO0bP8w&google_hm=d9e71f02-0a89-416d-...

170 B
190 B

37ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yWoaBx_sfQMHAgIkO0bP8w&google_hm=d9e71f02-0a89-416d-8801-6ca099db1165

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Apr 2021 06:12:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKRYiruB2Ya_vpERewWGC17j_jKRGjmViibHbfcwCb50a8ktU8tjqb3q-R-DmGSn-7UGTviWJK2yWoaBx_sfQMHAgIkO0bP8w&google_hm=d9e71f02-0a89-416d-8801-6ca099db1165
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB0CoicLIhzPV23iC0I5uew&google_cver=1&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o2jIs9JwY0D5vT-Csk_ut-mFg&google_hm=NTkxMDQ1...

170 B
190 B

37ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o2jIs9JwY0D5vT-Csk_ut-mFg&google_hm=NTkxMDQ1NDY4MjYxMDIwMTgyNQ%3D%3D

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJjmoe24vME5-irqWmEcOh25stcve8-x0JbIYJHR0--C1cJjMJIcU0bA8gjgHp1XflTtb-S1o2jIs9JwY0D5vT-Csk_ut-mFg&google_hm=NTkxMDQ1NDY4MjYxMDIwMTgyNQ%3D%3D
date: Thu, 01 Apr 2021 06:12:04 GMT
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 22F1
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDE4UTjUU6t0y-gByI_Eo9I&google_cver=1&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCm...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCmq5ec0Fqc&google_hm=NzA4MDEz...

170 B
190 B

37ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCmq5ec0Fqc&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKETbDNvvikVLQwJX1Y-8FIFTR3MC03XCrmkkXIrXkI1wWrveN05SYm-jigJICI3umJWqYgFWPUCdn_JZ3cR311qCmq5ec0Fqc&google_hm=NzA4MDEzMzc3OTEwMDU4NzE1Mg==
Date: Thu, 01 Apr 2021 06:12:05 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 22F1 0
49 B 35ms
33ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka7OPe1WE6LK9ehuARNHciSo2SVpBsy1zK7mEaCNPievYKTKBbrWB7P1xZt7MKJi-g0PJDsQ

Requested by

Host: 6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
URL: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210329/r20110914/elements/html/ Frame 840A 8 KB
3 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210329/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/B24670551.281396572;dc_ver=69.198;sz=300x250;u_sd=1;dc_adk=545847856;ord=5me355;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst21YWrFs3tPEWtzMo_A7IWcoM9xhEedxqEd6F3N2qpeSmPKBmNXgQBtmZDeG_0iXWLcZEWIkjlRT5J_ItTaCHsWyk6vVtnewIPZ6g8hRXz60XsxkjtwnTwb9cZaBACraiuW2_pgcgZoZMkpdnYvXi3qXvLngflYWJ4d3WHNzaS1g7ESU8RJb2kntyNRbLqEDDIZUmAvK6C29X89-338f6aRdb-46HEHv7nkt2aCNFoHO8yGZa6dCsicqMCK6QdJeZuj4wKjZDWxmTfdSYunrPLtPL2X3nCv5OYX_wWrYDXz4s%26sai%3DAMfl-YTjj8buK0BQ_LiYzSmCi2nSWZxrTJEMHQaNfhHTCSh1ZroIGPdjNFB6CE3VT_YdB8OMlnDqXbNSYZ-MmLemMcQNI5380Wk7zcxh4B6aut2HfRSdOTaEwPTECiiSrMi6%26sig%3DCg0ArKJSzHD6Ux4DBR5iEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=)QDyof5zTu;osda=2;sttr=84;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:08:53 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 840A 0
528 B 124ms
60ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyeZf9TJ3N2qLqyygE1oKw9r82KKzxVQBJRbu7nBV0ysNOfTRbeJXpNnapI-L5oxYQjC096nnnD1cRyufBxhMqkT8MZS0wBrvZB9hPv9XCTmERcAWnxIH9lQ0cW_uk89BLha4eQcQZ&sig=Cg0ArKJSzBFYBZJCnUXCEAE&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20210329.37519&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 840A 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20657
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:27:48 GMT

GET
H2 200 game-ready-fornite-standard-bnr-300x250.jpg
s0.2mdn.net/8488484/ Frame 840A 54 KB
54 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8488484/game-ready-fornite-standard-bnr-300x250.jpg

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:21:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 14:41:33 GMT
server: sffe
age: 42623
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54784
x-xss-protection: 0
expires: Thu, 01 Apr 2021 18:21:42 GMT

GET
H3-Q050 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 840A 118 KB
36 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
URL: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H2 200 Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 0236 85 KB
36 KB 51ms
51ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.200/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 15:51:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 02 Apr 2021 09:36:42 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 840A 0
60 B 77ms
62ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 86FC 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 28 Mar 2021 13:47:36 GMT
expires: Mon, 28 Mar 2022 13:47:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 318269
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 840A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 840A 0
0 62ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDZxKpBSqvmeVnjWhSe7l4-aLUPmK9rJiJKqzLGcdkQANW7udl3CKim_jg5QUfhf598w631QNL4MSD1lVOM-b5hewt3r7AoHI9LhTd3DTsVRQzJfuS7KpYxCN_TO_qkUstWSnaKDlIh2YwNHwpsoiajkxR6_a_A1z4cEfCxfKS-WpRu6cAwC6ikwgFbd5FKz0oe6501va0YFjstHFeA7-QTzw-RHFvjHvNFHDLXdHff0Sf_uTZDB8afoLrlbnOzOqHdURnzklqka4VKYaa3y3niJbmF3q12nt-AKr1HvfkzYS1oS-JqQ&sai=AMfl-YQkZKcpulzaebnXMpSOElVjhxyLXjD1xwJ1EsM-GqGhtHjY3ldHRcVwUJjdvTvp96SsQHSKchcI-GiDMhqJ4BJQyhcsEW7cSE1ykwO3pjXiSnl76SEUUF61hLZ89sGV&sig=Cg0ArKJSzJzrJgPxJGoLEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame CD31 0
0

GET
H3-Q050 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD31 118 KB
36 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H3-Q050 200 osd.js
www.googletagservices.com/activeview/js/current/ Frame 9A85 73 KB
28 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H3-Q050 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 9A85 8 KB
6 KB 39ms
39ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6594
x-xss-protection: 0

POST /
track.adform.net/csimpr/ Frame 0236 0
0

GET 43836544.jpg
s1.adform.net/Banners/43836544/ Frame 0236 0
0

GET 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 86FC 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A85 0
0

GET
DATA 200
OK truncated
/ Frame CD31 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET view
securepubads.g.doubleclick.net/pcs/ Frame CD31 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9593 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 00C1 0
0

POST /
track.adform.net/serving/unload/ Frame 00C1 0
0

GET 43892464.jpg
s1.adform.net/Banners/43892464/ Frame 00C1 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame EA95 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0236 0
0

GET 43836544.jpg
s1.adform.net/Banners/43836544/ Frame 0236 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9A85 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame CD31 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 840A 0
0

GET
H/1.1 200
OK jquery.js Show response
www.guru3d.com/core_javaload/ 92 KB
33 KB 106ms
39ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/jquery.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 104ms
37ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK WnFYg.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 225ms
36ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/WnFYg.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:09 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "be0-595ccf460bcdc"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3040

GET
H/1.1 200
OK hoverintent.js Show response
www.guru3d.com/core_javaload/ 3 KB
1 KB 107ms
41ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/hoverintent.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK superfish.js Show response
www.guru3d.com/core_javaload/ 4 KB
2 KB 107ms
39ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/superfish.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK animatedcollapse.js Show response
www.guru3d.com/core_javaload/ 11 KB
4 KB 126ms
36ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/animatedcollapse.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK jcarousel.js Show response
www.guru3d.com/core_javaload/ 15 KB
5 KB 115ms
36ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/jcarousel.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 57188db6b78f3bc778063fdc1285fbca0a26e15f23db1e2e22dfa05cce03c06a

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK captify.js Show response
www.guru3d.com/core_javaload/ 5 KB
2 KB 127ms
48ms Script
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/core_javaload/captify.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 43499314048acc242966effd86ee0073638f179c0ccd3b7d3ffea392f837113d

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK skin.css
www.guru3d.com/images/carousel/ 5 KB
1 KB 113ms
30ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/images/carousel/skin.css
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 3bd437c5bc4bbddd6787074f169c59fd0c025386f1b898fefc57fc21c9104cc8

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 2019 09:29:46 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1329-595cce84e506a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 792

GET
H/1.1 200
OK 242
www.guru3d.com/files_teaserimage/ 4 KB
5 KB 229ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/242
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: a2afd20f507ad842b7942ae4b43db417a9cd561dcff60bc16d59dc2dd4d5aa9c

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 4425

GET
H/1.1 200
OK 262
www.guru3d.com/files_teaserimage/ 32 KB
32 KB 123ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/262
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: f0cd24d395e62f8fc94c2eba77cf961a26f8894d95f7b8abc29fc48477dc3d41

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32739

GET
H/1.1 200
OK 156
www.guru3d.com/files_teaserimage/ 3 KB
3 KB 121ms
36ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/156
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: cfe2e1f999b74eeb141c463061facc63dd97d65ee4c66c39c3f14263cc6157b6

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 3187

GET
H/1.1 200
OK 54
www.guru3d.com/files_teaserimage/ 7 KB
7 KB 354ms
38ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/54
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 027256bec6e9b873ceb4b9d9180beac24e6d0b9024f540d1b4cf0302b91535e9

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 6566

GET
H/1.1 200
OK 263
www.guru3d.com/files_teaserimage/ 30 KB
30 KB 360ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/263
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: b1d81042d7f39b69fed545d74aa2e60e27534cfaa8460b44d7963fdcd6c18fe4

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 30694

GET
H/1.1 200
OK 175
www.guru3d.com/files_teaserimage/ 11 KB
11 KB 326ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/175
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: a967bdad4b5f9b2a1acdbdea63f35168cae59643c595fe9ef672a4ca207a457a

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11128

GET
H/1.1 200
OK 94
www.guru3d.com/files_teaserimage/ 7 KB
7 KB 349ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/94
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: aec43616adf0ab4f84e3ee1e5820bc48a3f8a4a9bd875cc8853e03e91db14b26

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 6742

GET
H/1.1 200
OK 139
www.guru3d.com/files_teaserimage/ 47 KB
47 KB 343ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/139
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: a5d4a90aeadb89347d68c8f99a98c271ae12a0df66b0683e2f8a0f9bb582ae5b

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK 85
www.guru3d.com/files_teaserimage/ 7 KB
7 KB 111ms
36ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/85
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 4e407fbb7b1204fd218aaa05b70eb04e1036f9cc66b9281f81a8406cc2580f9d

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 6688

GET
H/1.1 200
OK 200
www.guru3d.com/files_teaserimage/ 2 KB
2 KB 203ms
41ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/200
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 8ba2d52ebdcc24384bf69dc95b710d7418903602b0461e52a9f3f52e6ba3bebb

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 2131

GET
H/1.1 200
OK 31
www.guru3d.com/files_teaserimage/ 10 KB
10 KB 101ms
38ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/31
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 25075022cea6f81dafbd9e4ba66431f89eeccd6a4bfd434db25b2fdbee0cfda6

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10094

GET
H/1.1 200
OK 225
www.guru3d.com/files_teaserimage/ 17 KB
17 KB 100ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/225
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 16849

GET
H/1.1 200
OK 268
www.guru3d.com/files_teaserimage/ 43 KB
43 KB 100ms
38ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/268
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 589a1d7eedae99cf3dd4bee4219d238cd6f58e97f03c9fb0d1fe65beb90b0c71

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK kstar.gif
www.guru3d.com/images/ 888 B
1 KB 126ms
34ms Image
image/gif 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/images/kstar.gif
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Last-Modified: Sat, 26 Oct 2019 09:29:42 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "378-595cce8101eb2"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 888

GET
H/1.1 200
OK 223
www.guru3d.com/files_teaserimage/ 36 KB
36 KB 126ms
49ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/223
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 277022aef03f6f935072e92f67cacac60de867c2727c26c6ba5f82cc203b37a6

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 36343

GET
H/1.1 200
OK rssfeed.gif
www.guru3d.com/images/ 594 B
850 B 108ms
33ms Image
image/gif 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/images/rssfeed.gif
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 2934ccf5551e53d40a55ec12203eace83896813c0d09f3d558e8f112b04f0e0d

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Last-Modified: Sat, 26 Oct 2019 09:29:43 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "252-595cce81d9bc9"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 594

GET
H/1.1 200
OK 46
www.guru3d.com/files_teaserimage/ 10 KB
10 KB 107ms
38ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/46
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 0991547678f5bf46df54e55b8faaf7ab871d17c2f28db6df3f81add38eff35d9

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10040

GET
H/1.1 200
OK 186
www.guru3d.com/files_teaserimage/ 5 KB
5 KB 103ms
37ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/186
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 2bd875a53f49d36737164e14eff58b51328c6643787dd7e0eb5870806ea86462

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 5232

GET
H/1.1 200
OK 259
www.guru3d.com/files_teaserimage/ 5 KB
5 KB 102ms
36ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/259
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 392a6d7af658818fea4c15fe1aa3f03a344566f9b5ad583aa3a3b80e0a901219

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 4790

GET
H/1.1 200
OK 92
www.guru3d.com/files_teaserimage/ 25 KB
25 KB 122ms
46ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/92
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 6325a6a3117de764f157feceee92cabccbeba6bd5182ec154837a43a4479ffc8

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 25691

GET
H/1.1 200
OK 138
www.guru3d.com/files_teaserimage/ 5 KB
5 KB 107ms
41ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/138
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 9ccf5516df407728d0f415c944e340497a0cd8fc7b2a850c74de7523e22b7d60

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 5091

GET
H/1.1 200
OK 231
www.guru3d.com/files_teaserimage/ 4 KB
4 KB 107ms
36ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/231
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 2c7ffbddf601001e9c81f51306d03788945e59270a949aa700f91c000c347214

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 3797

GET
H/1.1 200
OK 227
www.guru3d.com/files_teaserimage/ 4 KB
4 KB 111ms
44ms Image
text/html 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/files_teaserimage/227
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 12ed546354ebdec88fc6065400e2ac050f826cbc9dddb458539506095938cb8d

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 3970

GET
H/1.1 200
OK index.php
www.guru3d.com/ 3 KB
3 KB 111ms
44ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/index.php?ct=core&action=tasks
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Content-Disposition: attachment; filename="index.png"
Connection: close
X-Powered-By: PHP/5.6.40, PleskLin
Content-Length: 2808
Server: Apache
Content-Type: image/png

GET
H/1.1 200
OK index.php
www.guru3d.com/ 31 KB
6 KB 1124ms
36ms Stylesheet
text/css 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2&ie=6
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PHP/5.6.40, PleskLin
Resource Hash: 8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69

Request headers

Referer: https://www.guru3d.com/index.php?ct=files
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:07 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 7018
date: Thu, 01 Apr 2021 04:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 06:15:07 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
19 KB 35ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

734570f762a112d6fd1829fcb2ff2eaa11f908d7ebf6131be5e4dfa4cfb56321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 142 of 1000 / last-modified: 1617228727"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19709
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H3-Q050 200 pubads_impl_2021032901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 08:36:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103062
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
328 B 63ms
63ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2Cwrapper&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ists=1&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525668&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-9&adys=30%2C-9&adks=1612380904%2C3918806337&ucis=1%7C2&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x61%7C0x-1&msz=1x-1%7C0x-1&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=true&fws=4%2C2&ohw=1600%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bb6c533351bc20a28d7d9f09a9dfdb6e70ce724c722071db321e45acf81cd668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 46ms
18ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK d3yoh.jpg
www.guru3d.com/gurustuff/ 33 KB
33 KB 67ms
39ms Image
image/jpeg 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/d3yoh.jpg
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:03 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "84d0-595ccf400da3a"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 34000

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 734ms
734ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2Ctop_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525679&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=699&adys=41&adks=1733603311&ucis=3&ifi=3&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1274x110&msz=728x-1&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=false&fws=4&ohw=1274

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

caf1ca9defb27f2ab345cfbdd9148813c45f544ad7ada0a03297990e1ea29e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2559
x-xss-protection: 0
google-lineitem-id: 129863295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234729855
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Ovdce.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 74ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/Ovdce.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:08 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b6d-595ccf44b6fc9"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2925

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1310605311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ul=en-us&de=UTF-8&dt=Guru3D.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=863289859.1617257523&tid=UA-1106208-1&_gid=925526140.1617257523&_slc=1&z=1727402970

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6gh4U.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 89ms
35ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/6gh4U.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:01 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b2b-595ccf3ef36a5"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2859

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
123 B 18ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 24ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 613ms
609ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525802&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=188&adks=1379754963&ucis=4&ifi=4&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x250&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b351cec47b19e9de0c5b834cd00350033daa03b9b805a82ff05c2775d34f4910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2715
x-xss-protection: 0
google-lineitem-id: 5627289002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340943632
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK C2upk.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 60ms
36ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/C2upk.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:02 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "b52-595ccf3fc947c"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2898

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1124ms
1123ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x600_navbar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525821&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=2117&adks=2692230078&ucis=5&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x600&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a30aba47445690608c40fe86c7827346570a6f30b7aaea50af0638758b61d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2367
x-xss-protection: 0
google-lineitem-id: 129863055
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48542942415
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame E95C 44 KB
13 KB 62ms
60ms Document
text/html 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b6bff2c3068d224006fc0f8fe966339c03159fbf2ad269e0b67d26322397469

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: v3osgDnbSudlxDKCxKDeWBo1Y5M1SrQmHLd4grKIZNfEeHF+2s1uDJ3esfZOe3cvKEMQE97sasMZ04nl1OJ3AQ==
date: Thu, 01 Apr 2021 06:12:05 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 1111ms
1110ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C300x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525838&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=1127&adys=3189&adks=3057682820&ucis=6&ifi=6&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x260&msz=295x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=false&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

43cf7e453a057fc64a04d5edaa1816045d7f0df36b7275aa2d5333c95134bca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2613
x-xss-protection: 0
google-lineitem-id: 5577218819
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335622936
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

887aa90c52c270653d0d1809a07e52124045eb6cf81e8160e71f53adc5166b00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3484
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:05 GMT

GET
H/1.1 200
OK comment2.png
www.guru3d.com/gurustuff/comments/ 459 B
715 B 96ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/comments/comment2.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:05 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:12 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "1cb-595ccf48897e2"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 459

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 1472ms
1470ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1590353518451642&correlator=3799728492463945&output=ldjh&impl=fifs&eid=31060473%2C31060550%2C31060640%2C44739387&vrg=2021032901&ptt=17&sc=1&sfv=1-0-38&ecs=20210401&iu_parts=21536815%2C728x90_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3De56d734aae0a4ccf%3AT%3D1617257522%3AS%3DALNI_MbtAOU3_2RJKzlR55E5R8clVVlqCA&bc=31&abxe=1&lmt=1617257525&dt=1617257525898&dlt=1617257525382&idt=258&frm=20&biw=1600&bih=1200&oid=3&adxs=163&adys=6339&adks=1111642073&ucis=7&ifi=7&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles&ref=https%3A%2F%2Fwww.guru3d.com%2Findex.php%3Fct%3Dfiles%26action%3Ddownload&vis=1&dmc=8&scr_x=0&scr_y=0&psz=944x90&msz=944x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=863289859.1617257523&ga_sid=1617257526&ga_hid=1310605311&ga_fc=false&fws=4&ohw=944

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

dca4b8b1d0e8b00ed17c15ac1c76bbf4c956ed20bd7879e8d35706b077943808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2370
x-xss-protection: 0
google-lineitem-id: 129863415
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48543002775
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.guru3d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/ 5 KB
2 KB 30ms
7ms Script
application/javascript 2600:9000:214f:1000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1617257525902
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:11:19 GMT
content-encoding: br
etag: W/"2dffc2b03414afb57d77b6bd1cdb70c0"
last-modified: Wed, 10 Feb 2021 23:03:35 GMT
server: AmazonS3
age: 77
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: w3PO79o7ItWAyCT6HisPSz_AOwAjxfdVZTZgXsn1C9LDZUTY0AOQZg==

GET
H/1.1 200
OK prev-horizontal.png
www.guru3d.com/images/carousel/ 2 KB
2 KB 189ms
33ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/images/carousel/prev-horizontal.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/images/carousel/skin.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 226be6dc7c2ce2519ea2c3d02d056aee3e51212e30f5bcd754942fbe22b8f861

Request headers

Referer: https://www.guru3d.com/images/carousel/skin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Last-Modified: Sat, 26 Oct 2019 09:29:46 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "71b-595cce843ffd0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1819

GET
H/1.1 200
OK next-horizontal.png
www.guru3d.com/images/carousel/ 2 KB
2 KB 190ms
34ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/images/carousel/next-horizontal.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/images/carousel/skin.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 20f8268a29c805c82bb9501513e6f6dd2622c620cbebf7608a37daac2da95754

Request headers

Referer: https://www.guru3d.com/images/carousel/skin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Last-Modified: Sat, 26 Oct 2019 09:29:45 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "714-595cce83e4314"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1812

GET
H/1.1 200
OK JUYGd.png
www.guru3d.com/gurustuff/ 3 KB
3 KB 168ms
37ms Image
image/png 144.91.87.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guru3d.com/gurustuff/JUYGd.png
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: 22de8bba2db54997d0944355ab032fc375ece3590515e4d5c26fafb92266360e

Request headers

Referer: https://www.guru3d.com/index.php?ct=core&action=css&id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 06:12:06 GMT
Last-Modified: Sat, 26 Oct 2019 09:33:04 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "af5-595ccf419442a"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 2805

GET
H3-Q050 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 12:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 236762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
expires: Tue, 29 Mar 2022 12:26:03 GMT

GET
H3-Q050 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 13ms
12ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 12:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 236762
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Tue, 29 Mar 2022 12:26:03 GMT

GET
H3-Q050 200 minimalist.css
www.google.com/cse/static/style/look/v4/ 5 KB
2 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 05:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 928
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1452
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:46:37 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 21ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1617257525902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:05 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 08 Apr 2021 06:12:05 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 278 KB
71 KB 9ms
8ms Script
text/javascript 2600:9000:214f:1000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?timestamp=1617257525902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 01 Apr 2021 06:11:08 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 17:11:22 GMT
server: AmazonS3
age: 57
etag: W/"814cf3c7bdd5dafb6ad642c1b52006c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: g9AVMfJrmbq16ujLo7lf4xYNVwmbs_KLS_sj-8wDBUqlnhdL9NltyA==

GET
H2 200 marMItmZNfV.css
www.facebook.com/rsrc.php/v3/yM/l/0,cross/ Frame E95C 25 KB
6 KB 23ms
13ms Stylesheet
text/css 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34c2a6b2fd25bb0b5bda545af77d1a0af494cbe11c65ee2d0c8acdd497a49b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tvwOd0DTa0xfwwAyyYeaBA==
cross-origin-resource-policy: cross-origin
content-length: 5929
x-fb-rlafr: 0
x-fb-debug: cdNVC/RVXWcV8/5gF4hVFEfMf2htGqNI8e9loj9wijlPK3jQfqgXzGnzI3oCFIi6a572+oDyyQDOdY9B2QbBFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Mar 2022 18:39:33 GMT

GET
H2 200 uktFqoSGNQ2.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame E95C 271 KB
72 KB 24ms
12ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/uktFqoSGNQ2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fdeddda6872052e957921cb5ed1ac9f5af08dd6ac35ca43949ae87723b6dd0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pCjAYLlojt/uXEJZVbmbngeQ6fWdMUzxDv1w+WyFLKiS91XWMZ0POy0fQMtKZLJnD9i7wgu5MaQTXZ5BHnBHyw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: q9xfnxe2jJcyK6cZDxflng==
date: Tue, 30 Mar 2021 16:19:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 73695
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 16:19:39 GMT

GET
H2 200 R-94njMYEPI.js Show response
www.facebook.com/rsrc.php/v3/yk/r/ Frame E95C 61 KB
19 KB 24ms
13ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/r/R-94njMYEPI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93ed3d00fb0c638f0144f3448d3f7fec80003d5e4e50598dafd403d8fd232b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: lxnglHBthDypDl6bwaP0vlc+KxxPk3B8NlD8WFVLFrGjnXr0TnLelAZzNr6HiAotgr7Vsi09qtSwWBLMS/6dhg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: qMPVrpmEjfzvmMEF5P9xSA==
date: Tue, 30 Mar 2021 22:45:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19271
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 22:45:19 GMT

GET
H2 200 gdMhOJz-gDn.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yM/l/en_US/ Frame E95C 127 KB
35 KB 23ms
13ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yM/l/en_US/gdMhOJz-gDn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e5e5c268fdaa87b5bf12b1b706d7010e604e67910f91802ed51ab7a3b2eb119

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: +MGCnHBSuBB9cZ495dWpYerCpuhg6mFabCW8dIl0YNQtHmZeQX1IzVUQLAtjcbyZ9cNvmaL5D/PWbgK41URTJA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Ps1zKc2V9IWfV/V9hMPcHA==
date: Tue, 30 Mar 2021 22:45:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36161
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 22:45:19 GMT

GET
H2 200 hXQHwyZQ5vj.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame E95C 6 KB
2 KB 25ms
15ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/hXQHwyZQ5vj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac2837aba5655412929c56e39e9debc509bd67fc030875246ff7a493b249fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 06:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OuLZhuOJI87YSWy5uFIW2A==
cross-origin-resource-policy: cross-origin
content-length: 1706
x-fb-rlafr: 0
x-fb-debug: n1dWK3cv34AWiB12hq8aX7+o50RQcnDE0RtOf9EPvlWDl3ddGCizikGR0w8mRo84NOvcHwvhTdOCYMmmwluIbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Mar 2022 06:52:27 GMT

GET
H2 200 980015_533586583343807_1764489926_o.jpg
scontent-ams4-1.xx.fbcdn.net/v/t31.18172-0/p526x296/ Frame E95C 39 KB
40 KB 13ms
13ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t31.18172-0/p526x296/980015_533586583343807_1764489926_o.jpg?_nc_cat=104&ccb=1-3&_nc_sid=a61e81&_nc_ohc=k2pLxuOMgtoAX_NLIo_&_nc_ht=scontent-ams4-1.xx&tp=6&oh=9704c2f9a36d6575b019a1b8b157a8ce&oe=60898C99
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2532042100
date: Thu, 01 Apr 2021 06:12:06 GMT
x-fb-trip-id: 664085054
last-modified: Fri, 07 Jun 2013 06:34:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1469356964
x-fb-config-version-olb-prod: 1056
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 40365

GET
H2 200 188311_222951111074024_7587693_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/ Frame E95C 2 KB
2 KB 15ms
14ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/c20.16.199.198a/s50x50/188311_222951111074024_7587693_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=1idsHGE_f_UAX9UNY2s&_nc_ht=scontent-ams4-1.xx&tp=28&oh=a4201315b518b2a3e93e086f8e6ee3a9&oe=608C4859
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 420387698
date: Thu, 01 Apr 2021 06:12:06 GMT
x-fb-trip-id: 664085054
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3867042620
x-fb-config-version-olb-prod: 1056
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1800

GET
H3-Q050 200 async-ads.js Show response
cse.google.com/adsense/search/ 181 KB
63 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d22e5297fca3c39e57aea125d7fac1be0210d64fd5530f6b100cfc41308fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1698023212646863493"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 08:54:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 508663
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Sat, 26 Mar 2022 08:54:23 GMT

GET
H3-Q050 204 generate_204
www.googleapis.com/ 0
178 B 38ms
19ms Image
text/plain 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:15:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 140173
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:15:53 GMT

GET
H3-Q050 204 generate_204
clients1.google.com/ 0
178 B 38ms
20ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 rules-p-xNQQ4Ja1ehbNf.js Show response
rules.quantcount.com/ 3 B
356 B 150ms
123ms Script
application/x-javascript 2600:9000:2127:9600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-xNQQ4Ja1ehbNf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:09:37 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 151
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 8nzPATjAAwX3b-qUZcwRUmyTmX60EEwwl9C4CsTt6038qQenjh2GvA==

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame E95C 573 B
715 B 18ms
17ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: j94WZdJ6ahz4zR/1BTX01djMrpiTj7d2RkqIbbIjJfPEw4Ay9i2bBCw1RInlnwBRghrmwwhenabYB8308jWjJw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Thu, 18 Mar 2021 19:16:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 19:16:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43BF 0
0 62ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbfe4Bg3Vbg3AGjfP2tA4KD4L35OmAaNZdawBKg2WB048d23ovYq_EoM8vEiYGVw-cBO3xzAH1gzO6KmyfJIw6Mh6znOntiotwJaDXew50U5gyV9J_7kVJx_QEvjjoGNhE93Q3CjA-gEq7HI5RAheXhPenkliKCIh2XlBeNtHMqoCQfY603-QK7hBXypEpiGvy8Y3rN8zihbX7ZpSqfA-5yHM-V13148vFgxNrAd3feFs0nQ_NZ7hSwAv87CCjbuUrKqqR9FoZ-LB1kegLMKd6PRaCkmbjO99ryHUTiWqRuoRVacAZezEIwLI&sig=Cg0ArKJSzAkAh3nOLgMeEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 43BF 58 KB
19 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

47a0d4982b0bbe31ffc27913ea3b0c0b2720c160300c0d9f055b2a64061895c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 494 of 1000 / last-modified: 1617228727"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19705
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43BF 118 KB
36 KB 35ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 container.html Show response
5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E38 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 01 Apr 2021 06:12:05 GMT
expires: Fri, 01 Apr 2022 06:12:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5E38 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
URL: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 10:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330204
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 10:28:42 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5E38 5 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
URL: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f13154eb1406bcfb612d0499b161329c95da4c8af2082da52f22b0d7020efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 05:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 16:38:43 GMT
server: sffe
age: 1019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:55:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E38 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
URL: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H2 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 43BF 286 KB
100 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E38 0
0 61ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA-bgU8TXz_yCp0aLi2_BSQyYSAX7mxMAUlVamUrXqx0nsQMk1XJH0jO4MPu4rmU-1z7IksNH0qIxLGDZcVEuC1WJ6dQh0INLZhV47tS9JWbEBjPLGz-m5-lZumgkbZmGyoWcLfn3ZgFNlco-Mu3wTNt4awhD3RqK787loMBIOPcVw8y151mscM9JszZl05sGyXYqcEO4VVcUAyqM4zpQ1oAaV08-kPIll5a31LRhXqkpUg43qLFjdk82KOARq_YsUGeI1VXwhKKVsFVr_DK5nnnnKQLLj4M090IFr&sig=Cg0ArKJSzFMaZd1RfhGFEAE&urlfix=1&adurl=

Requested by

Host: 5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
URL: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 impl_v69.js Show response
www.googletagservices.com/dcm/ Frame 5E38 36 KB
15 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v69.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8841615a819c2620b366e3fc9bd7189f37ae881e637dad71739c6e56d595e7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 13:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 14:56:40 GMT
server: sffe
age: 493326
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15221
x-xss-protection: 0
expires: Sat, 26 Mar 2022 13:10:00 GMT

GET
DATA 200
OK truncated
/ Frame 5E38 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc4c57feb5f8d2a26270a33c76ffc53df4a2360531758e3824fda9fd1ad62f5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E38 0
0 62ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstlfISXGTVS0j5XUGHwJtdx-JHQ7PdHHBAcrZuROz7syop-forF4T-3J9Jw7yrDpsozkeO8Nr6j738F_ijQ5QGl9SD993MqLLXkQBz5zAjj8ZPUzyNUbz_wELvyDOpI5pjFnN85s29BIyKI-eN9cb_5Vb06hqDDsfL5-RsLE0kQvY5HImM_pkRGgGI_psbYbLtJsO4IsTnEy1AvFX7FBAdw25NAG18Suo3OBgAQQBTPYQ-vaNM2aC4gCcYyugskGT8N_etBqcPWvDBl6rmZD-lwlyMNn5aghi7oemwqg8&sig=Cg0ArKJSzGYznxNFKpvHEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
DATA 200
OK truncated
/ Frame 43BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c4044290ef1cc01f164e574203e35d48a88b8edf836262612d5b29ec6571a80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43BF 0
0 62ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTuBruQmjyQ9mCrXmraw27nmgSVwbraasoq4jxPWydxtQOfoeOnTHo7cdQFZkEZbQX26ZpCP0aa6CJKn15tEQ6n4FF6a5-GuPdsOOgMz8dwyxd9Ndhcj4ajwn9P_FokmfYmcfoj1aaEsl7CvRRwcG3YYnIx3Ia0QY5ML5ljkVJMoq9TRludmSU9ZMMNt8IGHOyKNm-1P_25ee3AauUHcgTw8sb6ugkzXQ43TxpxcDl4iIEcktMUhXem0IyG7qL8d4zfCCjGNUo0SsCDHRToQkG-__L39irq7cXsZzTr-N4&sig=Cg0ArKJSzIeNm9doEHoyEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 141F 0
0 64ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdCWMYAkk87VuSqfonIm5n0Y7KLC5KUxNTLVn1Cfel2TFoWgIPW4OIzxMtOV01UDeRb1izEytaDkhfyyMYNIUwblYoJjIzv7tutf8NHt8-mjXGbo0ct-yzowM4dYL6IuANn3B8ATXdUppa6k5yE2Nd6QICWlVZbMbXd3-KHCJnkn_A1LzR7rIMIOUaAfSO9-BuFr1_ney6Sv-KuQs7zAonAtAQuT1QgqmqNC7S1x2MR--8YFgl7YMdhsxFR7T76eLjRRPOcedVEGhvUA24zQRblGMt5Kbmc-YWO0zm90u9vQ5U_InvKa4MwAcSsP-Y&sig=Cg0ArKJSzOJSp7QLt3DNEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 141F 58 KB
19 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6af9b1a870ee1a99577c80fa1a17d856f09635385296bc19cab8766e90b3001d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 203 of 1000 / last-modified: 1617228727"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19709
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 141F 118 KB
36 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:06 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 380F 0
0 60ms
60ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubLqOG1wvyjkGzat2xcaXciROP8QompT2REgFT4Xj-j3Wrq9WLflO8NgRcDHqwWhdCLtV-mrKwj3MlK_yB1m7eWo3sMkgUGOBIO5vCm_0CFp5GunisRLE-bz9waIUuvzo2M0hdjD0QP_1qt4pH1zMUac0z4Uy0XAyNya0YqWURwlaMy5eZl7efX0gc78cTLeNrvhZBE-DgpTArKc05CsHZfr2XTwjRbcc4kAbb8GfTkCrUsiTH6v5aI4CKDi5A9gKSb6XPNaHOf4WOJbD3yb4cyHWvlGVEsXxVzstIcWCDZzDe&sig=Cg0ArKJSzJNwjF89mVZTEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 380F 52 KB
10 KB 123ms
33ms Script
application/javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Paderborn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6a1244cf9c466a9be3da7257db1509667c5e75a6dd9f13efecf7d879ebe4b4e

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 17:19:53 GMT
server: nginx
etag: W/"604a5139-d0d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Thu, 01 Apr 2021 06:42:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 380F 118 KB
36 KB 35ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 pubads_impl_2021033001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 141F 288 KB
101 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 08:37:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103184
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H2 200 B24670551.281396572;dc_ver=69.198;dc_eid=40004001;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;dc_adk=2539895705;ord=punk6m;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOj... Show response
ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/ Frame 064B 25 KB
13 KB 66ms
60ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/B24670551.281396572;dc_ver=69.198;dc_eid=40004001;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;dc_adk=2539895705;ord=punk6m;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstBEXKXWByNILsgk_lHl-e0x4AZU_dgYBbR5D672FCf-0IRIyrnIubmZsoEZC0bfBUZXZSrjicumlpTHpRMNGQhUMHEV8u24f28b7MRWYTNg6PlAM2CYtFIBQ9BnqM3mfO07J17ULkDL7P-Odzm_IifieRnyktR4NH3qhEdWXAtvu8DD1_2S8DirGOBimLVmA5LpvR3aaXLMpHNz9apIUqIZnc9d1U7t453QGgca403wKxp_FsHqmXb15Qtx5JwG0elW2TMIEF1xl8ddlXgAy_M-4gVrLDg5Gjn%26sig%3DCg0ArKJSzPPKmE9O-BBsEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=5'!h.lVC1j;cmpl=8;gcsr=a;osda=2;sttr=542;prcl=s

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

fcc868dfb68ddca90917050e6f3f5059c749d5fa7934c3f935d5ddca2fe1e813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13538
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 380F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 455c3aa9720bb559d261c4b91126cb589442f0ed7191e47c346fb4f6418306ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 064B 118 KB
36 KB 40ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N30602.160827GURU3D/B24670551.281396572;dc_ver=69.198;dc_eid=40004001;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;dc_adk=2539895705;ord=punk6m;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstBEXKXWByNILsgk_lHl-e0x4AZU_dgYBbR5D672FCf-0IRIyrnIubmZsoEZC0bfBUZXZSrjicumlpTHpRMNGQhUMHEV8u24f28b7MRWYTNg6PlAM2CYtFIBQ9BnqM3mfO07J17ULkDL7P-Odzm_IifieRnyktR4NH3qhEdWXAtvu8DD1_2S8DirGOBimLVmA5LpvR3aaXLMpHNz9apIUqIZnc9d1U7t453QGgca403wKxp_FsHqmXb15Qtx5JwG0elW2TMIEF1xl8ddlXgAy_M-4gVrLDg5Gjn%26sig%3DCg0ArKJSzPPKmE9O-BBsEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.guru3d.com%2F$0;xdt=1;crlt=5'!h.lVC1j;cmpl=8;gcsr=a;osda=2;sttr=542;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210329/r20110914/elements/html/ Frame 064B 8 KB
3 KB 29ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210329/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 06:08:53 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 064B 0
60 B 62ms
61ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWLHVxAdq7kYyxhiUz6S96fZ5hnGLnkXch5MPfEBpkx4vKY6TiaKh1CN0dvkk3T6MZ_GkOpXcgMEF1-PMQFBlcUGnVRghqp2ZzcN0KC1AtJUzLGa3E3zQP3ppnaBw0C4_NhbWwOUxc&sig=Cg0ArKJSzO97VMApdAhTEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210329.68761&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 064B 41 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 00:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20659
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 00:27:48 GMT

GET
H2 200 game-ready-fornite-standard-bnr-300x250.jpg
s0.2mdn.net/8488484/ Frame 064B 54 KB
54 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8488484/game-ready-fornite-standard-bnr-300x250.jpg

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be398598072995cb4f26363906db68ebe6dded8d3a29c234eb74134c88acf28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:21:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 14:41:33 GMT
server: sffe
age: 42625
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54784
x-xss-protection: 0
expires: Thu, 01 Apr 2021 18:21:42 GMT

GET
DATA 200
OK truncated
/ Frame 141F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886c9cdfabfe375aafd42c6b4c32999eda92fab1dc319011f07dda1a83a9e1cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 141F 0
0 67ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIOaJblOmbthtsRdG1F44zmYhB7KMgUq8b6eIaCMmoasdCkhbvIWHdHSt0vko2bWg-xqEpOfkemYN59r80m48gMHVp9podMP03wRoHrBg_4yu0phK3_EX_NArjRbQr1AJ65tlalZ3GWTYGl0378BAsL4MAp_pKGNMwkxuCuFjb7neV_HN7Em2SplUcG4aGfJ3F6467_ewCn065N5PcXQqYGny7yxmhyAXfE0bgvNqdWzCs1rQK4gamNC8nC0fErtbyvSNdfljtALL5nrNtfh9CEYWcd2z4WGhIXpallNC3u6IWyw&sig=Cg0ArKJSzOSyQIm9WKj6EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H2 200 ;ID=167608;size=300x250;setID=203376;type=async;domid=placement_203376_0;place=0;pid=314047;sw=1600;sh=1200;spr=1;rnd=314047;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ Frame 380F 1 KB
1 KB 34ms
34ms Script
application/x-javascript 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=167608;size=300x250;setID=203376;type=async;domid=placement_203376_0;place=0;pid=314047;sw=1600;sh=1200;spr=1;rnd=314047;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Paderborn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5e05ee3ed933c20e23d5f7b2d911d47e859d525dddd64084f9f4eb2e647af0ce

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 064B 0
515 B 137ms
62ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0F63 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 28 Mar 2021 13:47:36 GMT
expires: Mon, 28 Mar 2022 13:47:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 318271
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ;MID=167608;type=eligibleimpression;placementID=1158556;setID=203376;channelID=8974;CID=386523;BID=520338993;TAID=0;place=0;mt=1617257527251701;hc=80832268bf07c372188cb26e2a57f11d8ccefc7e Show response
servedbyadbutler.com/adserve/ Frame 380F 0
314 B 158ms
74ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=167608;type=eligibleimpression;placementID=1158556;setID=203376;channelID=8974;CID=386523;BID=520338993;TAID=0;place=0;mt=1617257527251701;hc=80832268bf07c372188cb26e2a57f11d8ccefc7e
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Paderborn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.guru3d.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=2846934
servedbyadbutler.com/getad.img/ Frame 380F 39 KB
39 KB 30ms
29ms Image
image/jpeg 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=2846934
Requested by: Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Paderborn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: bdfff1f05100fc5f8d1149b92f33f1193f20a466689e54406b0d8f244e81caac

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
last-modified: Fri, 26 Feb 2021 17:17:09 GMT
server: nginx
etag: "60392d15-9c50"
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="Corsair-KATAR_PRO_XT-NL-300x250.jpg"
accept-ranges: bytes
content-length: 40016
expires: Thu, 31 Mar 2022 23:12:07 PDT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F63 14 KB
6 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 538136
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:43:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 380F 0
0 65ms
63ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_VyOPYGdaRmbYG00ibD2tKSfuqC2oCjrZ2G_FJjfrGbxj-Bx0IKEWIQbIBqaywqReFVHmgCWieLl1X372p1A37D4T7JQ0bmQZrC-hT55fAJhrVbOHQ2VKDwoKGUvjaOLswGr3OUG_6SEAz9fQZkyqFxu6IYTA9xm_QZNTodp4ix8Gzgu1dsEabFQKdDEV04zpvQckqZJI_ZHhrdK8yfy6c8r3cF3eCdXOeZf_24lSezp-7rgtbq2gfq5XoAmRly-1Nv-EEZDXwqARz9FdGe-foKtxwEoLqs53RR4k4Wk_uJfhNmc&sig=Cg0ArKJSzKnkxIOrCmK1EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76FC 0
0 61ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2nBE98gtPBnLFI7C1_kZv0CEg0QqzyJGD5FiZ3muUluy9u_mdx4rz1CcleIjvmRSi2fo_DNS2cJNFBCLDrxILOaygUo4h3DqQzOZQV5_39Cq3k-q9X7i2gim6lZsVssicZofJGtDxQ91C8HZrAYEcvxVZ-UGXAA10RxlIolvL7a8uvoyaZSCJKkxtul-FzoBVZ0R-y9pVti-zu53ZYN0ZM4u9XGzT381ld34aRWal2cRHyNyPqQICcMrY_C_vRGT-txIQ2jLs4ah4KpStMDxISW3Uy3MtkHpPjnn-T3bkkFJT_imNLsWDpJoKIxQ&sig=Cg0ArKJSzLZD48-RbeDYEAE&urlfix=1&adurl=

Requested by

Host: www.guru3d.com
URL: https://www.guru3d.com/index.php?ct=files&action=download

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 76FC 58 KB
19 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

734570f762a112d6fd1829fcb2ff2eaa11f908d7ebf6131be5e4dfa4cfb56321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 142 of 1000 / last-modified: 1617228727"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19709
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76FC 118 KB
36 KB 34ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 pubads_impl_2021032901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 76FC 288 KB
101 KB 35ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 08:36:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103062
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
DATA 200
OK truncated
/ Frame 76FC 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e27ad654087a59e54393e4b94631e6ca47cfd8867d7e29e827184d03992b587c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76FC 0
0 62ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYodB3Me0L63ylOX0zyPALqJnqXs2mrgbazWpgwSlOcLWnY_IlDmc-7aNQE0ICmQfsR7PNu44-bqReCm9bBfGv_6XMZVBbeoAOk3OPrBDKZZWzZINYy-eoOhGVO3GXji3yvGu4FkUAml6a1KQjp9I2DD_bFj5lFnAKFWmhW83XKOMHUkhiguz_eEtVElw-g9_vb2e4DpdTpMTZ6XEtow2Qbgsd2JpdTI7sdO-YXkU_aRwU7NV0jG_GTmfY0EpXW067a1pyJOxWf4eHZBKPtozm_cPXEkXmbUQwiIZnY2TxkiEP&sig=Cg0ArKJSzBFpDAss4agsEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 39ms
38ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7013508f72f462defceb38a2c3fd84ba7bd21f912b6686066f0c5474427672d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6480
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E38 42 B
66 B 49ms
48ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1nCFbLdpQShey1xPxVwPq2StUVMfFVV69_sS0B5B5ap-4CFS27tGusTGZQVN8EUMyQtYWXIDyuH5try4WBuL2XMcVbbIXX36j7tUseAI&sig=Cg0ArKJSzFJQ_JV9sSHVEAE&id=osdim&mcvt=1009&p=188,1127,438,1427&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1379754963&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617257526446&dlt=11&rpt=107&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F63 0
112 B 61ms
60ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BageLN2RlYOPQBOGV9u8P1deBgAEAAAAAOAHgBAI&bg=!4-Cl4KTNAAY56aLOOek7ACkAdvg8WnUEFSxmH4ychN7KPq44PaO0nOVC20--RVRXybsy4rG2jTDeTwIAAACVUgAAADxoAQeZArWUT66IBl5UAcaTt9qxid6sOJSmFOjg6hQDJna-C8L8aFt19zqaFrsCQ7THNVuIJ8jvDBCAU3roW3FRBhkrQflIBzXDxXrOSucfa7UtL3nflm6K6X3fqm235_aLXC7ZpMWgpchfXQhSDU4sYD9RLPvB41o9Xh7vvKKtBOhF_P8S1_YudRq1_h29424yFsFF04tvv6AOYwMhwxlcDPtYPxk9uDeLRAMpySHnddiXj6RMkJYvDoUfn-K_M-Qs6gPQcJcXDTpkjBfay24cM7q4-aUYLyS6z1zRIKa2Nplb4sFSXVRxMdIYEImY0X0DEnaXF9zjFA2dNlyjezqiv3cHu3KrTknsXWytFlZYIlj7b5FaE9AJ2Ytd5USjYChWX3gitvCkszyNxthWDgzoTb2OKE8knIfJavTOGPv03CqNsyF7_yIJrKZNbmehOGXPAv_b5vjqVRlXiDj6MuIgRos_N8-ZfReZKQ5pUPk3gvbJ7aomYiTu23WTPg14H7sAnJCaqzHZxmmXr9L_co_IkuAylDQ-3SfrFArXqblMX10twa67JRiyvR7_D3FirvozKPSgoki5INBlfX4qfzGLZ6WbYWttHU9OhKi_J3-lbEy-ekbTJLzHkjxphz0No5g95qcJhkU8gwV0YIiOVrQozVnl_KAI9FDpUNuFGpJd3KIGQQzlHcW3330CXZjx0a-WoYb1oChq1cD7uEifJUXFWmSrnOPrQchc4_d2_trPfqVVn-kGKwEviQ0aTmf6Py5poi9A_SnoTrHlwHM76Pbe5r8gy8VcaoKSDj5YYFbXIN1eg0r23b8DRpdh0xma9k4g_A2tjRRWMtbuCtH29JZ4GpWB-VCXw969LFR7KiRRodEk9OWJk0FcEL6rxQACpOCd6_VMyhqGUEowwi3SUR8zBoH1djV2-_J7WCg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 01 Apr 2021 06:12:07 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8020 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guru3d.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.guru3d.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 00:27:49 GMT
expires: Fri, 01 Apr 2022 00:27:49 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20658
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43BF 42 B
66 B 48ms
48ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvULurOQtSn0SbwzY6_W9b4ZrUy-FOgCDp2wOW_czcvI2hD_CVd96vqcQ3tmTRMLeJrqt8MGsILJgFepg97I8fSfxqO3I1Mlr1BhGhkuvU&sig=Cg0ArKJSzHSq0fzNCiWVEAE&id=osdim&mcvt=1000&p=41,699,131,1427&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1733603311&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1617257526432&dlt=0&rpt=189&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8020 14 KB
6 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 538136
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:43:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 48ms
48ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032901&jk=1590353518451642&bg=!4uGl4aXNAAY56aLOOek7ACkAdvg8WrW91vFhdesQaCC45Qu9qzz6IFBenWLS-7TdVDxxe5bcgSe73wIAAAB1UgAAAAxoAQcKAcPobh6WUgE3eSl-kQhaNiHRgUnml0op5luc3C8eZdqx1OfCDCrrm9OYJZDFlWe9UFk9bII--9_fi1lBqyJTbzauYKRwKmGiyQ2xvmrIUHvQ4TWpCT8nBgULtn8kGHFgdYQvBxT3rmlEYB-fKYeni7x9eJMxpk_HIGw3JEGmv_zRuGXgVJ6wmrFOB25vPMfnUF7zVPjscFmZlrVCTwQPVqbhP0VGH7EcRdpem4PrDoPYHVVTNOQ7--p2AB8vLn-EXyy_PPar0DGesemChZEZozmUFxIAJmU2Yu9BmCcMeRrwtaPrATsyfKiVUGHveE-StOqbhieIEAA2fyVFdonN-sQ69Qge6oFkIkkFg7zcYdkvRzH6eh6nA5WY5jTtEvmBSzyGUJgvZx8AA2lUibKIf3s_XOg68QuayScJqDcIcVRFFogBFR1eUrhrY8FRsSHiPz_uhS-d7F2BbOG3B3xAfqRSWzEAcqQ-I8j0Mcfx26qfdw9oJb1opWtrwEkad2lR_YdRuUt_8RMh5mf-6Wt8BnyELa1xao1Dz1nGDMXDR_vGFFkXYKb94oS5YTaq1WdC1DUab_LGyzuxehpoUOVq2rs8JmF_mQHUyIuwDIPybmHiBD7J91YXDIB8zCVj8is8xuMclLIoxOMpPo-IfJ1iXLT_SwlPHPpNlmk3F-SX5LC-JNmiZmKf7dfyd6o1YESU-iNq44SRtf1m6FR6Bs9DVV0ioerrVTM8mCHV4_SxVWdDc4pauXEa971prHOBKoSiPJmZPAGznNdeLAOGIbSyHj1ZHhOpd-4sXZSiuiBatStezgxRERynPDZVFNXxle7_EB57Rqit383lMuP6Aysjgnyl3zgbzfJpjXbCLw4xrMpuBvNQ1Jd2iEbLjjS8OkXIq0LIahmalsNACj5TQFolrgknw6nm9HT_q3mm1kHXeREeZAvEYbT8p2kq8tHTMpYq7YZCjl-Ha1aoUnh8zRlAOsJdXoy40znhB7LQCjGm8zwqUCDBGpn1O7mFHM_WO49zHvWRch4SAAFQPfDkBRbCCsdBjUlaypsqPLCAtNMTf96THPTByNWrCsA8VzBihl6vpqp0DCa9OpsOth4AvkChuCCm_mpdiQ82kAnYKHpeXdJ6oj1vABAMlkf7gOWgu6lXMn9TwgytP6sLiTuDTmwI2gDzy_TptTmwoQ7IZMwLqLAHCg6eWtgaYfub3uIQIiwtN6oh4a83GeOLqHPU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 064B 42 B
89 B 49ms
48ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ87MVj0c1sYTXp4UcC7iGn_34oyJ0BTBJq5T_Dqc9Ks3CT5SwebMlRGGM_waEKoHzCoYM4kuYejPYzw9J6rs&sig=Cg0ArKJSzHT2cIFqxRLoEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2539895705&rs=6&la=0&cr=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ;MID=167608;type=viewableimpression;placementID=1158556;setID=203376;channelID=8974;CID=386523;BID=520338993;TAID=0;place=0;mt=1617257527251680;hc=00dd347bbc71524fa0273c0aff4d0975a7dc28f7 Show response
servedbyadbutler.com/adserve/ Frame 380F 0
313 B 32ms
31ms XHR
text/html 78.159.97.6
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=167608;type=viewableimpression;placementID=1158556;setID=203376;channelID=8974;CID=386523;BID=520338993;TAID=0;place=0;mt=1617257527251680;hc=00dd347bbc71524fa0273c0aff4d0975a7dc28f7
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.159.97.6 Paderborn, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.guru3d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:12:08 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.guru3d.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg8cjviskpCH4c1RPnxSYmD80RHld4793GhXMFbt5Aume0QrRVwqN_kEN1MQv8lMrSXs1AXflo5A8VERvAQfHZwOsskY0FZqsRzq7l60SL8xDUiEUnc7-PG9Ua1Ar6SqJdj4BA61xHxAoFhW8TKlYLYtZEGJ8c4u19MTw9kXTSAHsDSDfb2aHk3nEqyz9POPc7ghtv7usWFDDU1QWkTs8pKNwZ6HvN5jVv_NazmfW756bwSI5dwFBdNq4SR3jn43wo__wbNscQT4Oj1a6S0kDSR5ijIK4br7RdAjpIB62M9fygQ6U&sig=Cg0ArKJSzCs_ZClCAkqREAE&urlfix=1&adurl=

Domain: track.adform.net
URL: https://track.adform.net/csimpr/?bn=44399510&csi=nMTmZ0VTLxLxjRZIzDFeSV8Oe2W0Zkmx0SI7PJWneLAJDwKV3Zer3HJHeI__sYQE6meZx2QNlmVUrZ3N_DweHWQBbo50IEXs0

Domain: s1.adform.net
URL: https://s1.adform.net/Banners/43836544/43836544.jpg?bv=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvo4gieYFRg9VC6KaWLgOgqVm1NewPOhwYVivOqqVLHxuuHQP-jHHVNCa76c7rSF103vnwlr5ffnFbhUL6VJZhCwZ4hJJeUGu6XGgPj4TyoZGz5KM2_2Y7euayKcKUwCnLX-L1C0ZuFmuHD7RAQqPcvZZtNMtvdt1N09_3CvoDe07si2s_TkvHyhBskc-MZVWM3YQ9S-vDGhU_esg0IThKIqGK7xDqAsOAVCXRAEzfS1CZzo9AVS1HZfvxb4CEWSniC13OX2Hm8f6zanwzxH8WfLUzAll1hFkqJm5GZ2AZvE4yBhfetQ&sig=Cg0ArKJSzKbnsMVz0FqlEAE&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf6-86Mpq_JREMMJmQCp37jM0yA-TMOpAPp11_NJq36-ZcI-_PYeUJ30_gMLbfMYeV9PygohOBleP5g9-cLspCOXe7SdmVbW7f9kPu_DY&sig=Cg0ArKJSzKBlnKCZi-5hEAE&id=osdtos&mcvt=1500&p=41,699,131,1427&mtos=1500,1500,1500,1500,1500&tos=1500,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1733603311&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617257523641&dlt=0&rpt=204&isd=0&msd=0&r=u&uup=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf7RBqvoZKjAcrvbqbiGU3cGtjEytm8o1KAaEvxMRHIyB2Dy8e1Ek1Zttoe62xMGUIv-lBHXtR9Kng9LXq_qmfFgYIqNRqHQ&sig=Cg0ArKJSzAq0y68i57nvEAE&cid=CAASFeRoQw6TI-siuxeDpXdBbRGT8FJq0w&id=osdtos&mcvt=670&p=0,0,90,728&mtos=670,670,670,670,670&tos=670,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1056697662&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1617257524056&dlt=34&rpt=505&isd=0&msd=0&r=u&uup=0

Domain: track.adform.net
URL: https://track.adform.net/serving/unload/?version=15&unload=3068255876971337036@@44480674,5976834531354539833,100|0|0|0|0|0|0|0|0||22|1|1|60656433000e58fc07fd84c67b0c307a_1|||1|0|0|GeaifxD5sTxX7EYoWZQhUQ6Kqd3Xm62VTstOgFd2M05BLCbS3KYwd8kllzAqADQrA7z_uuw_WOM1|||11|

Domain: s1.adform.net
URL: https://s1.adform.net/Banners/43892464/43892464.jpg?bv=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupAud2ErR-96Hwh8HoNa-6YEj4DsXDVl-tultLTJQaub9h4c529zkePT7SvafoJypKZtv86Z3f5cLGIdJrc0FBKaaBxtJhri0794Vd0rY&sig=Cg0ArKJSzAY9Ye5C31uuEAE&id=osdtos&mcvt=921&p=188,1127,438,1427&mtos=921,921,921,921,921&tos=921,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1379754963&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1617257524271&dlt=0&rpt=167&isd=0&msd=0&r=u&uup=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvC2NwDZa5ITKPmaTno6ktYAsC2iOWRFTRXTthhw7wasLfE1usGQLUyDBvmSuueI9cySg7AG_hvAt9vsVEq9eAE90GAG6tEbw&sig=Cg0ArKJSzOHBe67OtI3MEAE&cid=CAASFeRoodNBSCBHOiwbAux_93ur9lm6PA&id=osdim&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210329&bin=7&avms=ns&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=349619623&rs=4&la=0&cr=0&osd=1&vs=2&rst=1617257524701&dlt=11&rpt=339&isd=0&msd=0&r=u&uup=0

Domain: s1.adform.net
URL: https://s1.adform.net/Banners/43836544/43836544.jpg?bv=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUPj8W9NbOE4Ke4kG-3qRoG08OOokVTOoZZR2eTLVfbFAYxIvGYcwnYEa2dhlZzcOXNNzgqNi4b0R5pM3dq6XfyJ2C44Gjk7yTxcHFmio&sig=Cg0ArKJSzESySp76I5kxEAE&id=osdtos&mcvt=0&p=1010,1127,1610,1427&mtos=0,0,0,387,387&tos=0,0,0,387,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=0.32&app=0&itpl=19&adk=2692230078&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1617257524745&dlt=0&rpt=226&isd=0&msd=0&r=u&uup=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLDCou25CAxjyOcs46VUhgb777TpDibl5-69_CsWc05bSyJJr9QBxh0Qpa7d9Z4cZKEr2SNvT0YIVvLePPr6GVdMCRDVehFcqGABSK9jo&sig=Cg0ArKJSzB_TeObN-SjwEAE&id=osdtos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1466295783&rs=4&met=ce&la=0&cr=0&vs=3&r=u&uup=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjmcMn5aKlpgEqLs5-F6qP7oxD0ou3De6JKeJJBHHvchs6lOtNpllNo5KbT-Ykur8PYHAD2HZQHwXNKxP3_1jr5lhZcZzjUJQTAYMBAIE&sig=Cg0ArKJSzMzxfVnfm7I2EAE&id=osdtos&mcvt=0&p=2138,1127,2388,1427&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=3057682820&rs=4&met=ie&la=0&cr=0&osd=1&vs=3&r=u&uup=0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js?31060600(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

183c782a58b51559379973a02194e17e.safeframe.googlesyndication.com
5961cf7b7671831ab4c1029b91a23207.safeframe.googlesyndication.com
603422eaf0bde6f5729c1be7df307752.safeframe.googlesyndication.com
6ebcc1e069de6eb6d5d864ffd642862a.safeframe.googlesyndication.com
a.rfihub.com
ad.doubleclick.net
adservice.google.ch
adservice.google.com
adservice.google.de
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
f6ea059e18ec55d3965fbc1061c05cb4.safeframe.googlesyndication.com
googleads4.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
quantcast.mgr.consensu.org
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
s1.adform.net
scontent-ams4-1.xx.fbcdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
servedbyadbutler.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync.go.sonobi.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.guru3d.com
pagead2.googlesyndication.com
s1.adform.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
142.250.185.130
142.250.185.198
142.250.186.98
144.91.87.188
174.137.133.49
178.162.133.149
18.156.0.31
18.157.239.120
185.64.189.115
185.86.137.107
193.0.160.128
216.58.212.162
2600:9000:2127:9600:6:44e3:f8c0:93a1
2600:9000:214f:1000:9:46dc:4700:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
35.227.252.103
37.157.2.249
37.157.4.39
69.173.144.165
78.159.97.6
85.114.159.118
027256bec6e9b873ceb4b9d9180beac24e6d0b9024f540d1b4cf0302b91535e9
040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324
0446aa675e2f4870526d40a72a1920e03c7d0c63056831fe2da8bc60a8676e26
0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a
0991547678f5bf46df54e55b8faaf7ab871d17c2f28db6df3f81add38eff35d9
0a30aba47445690608c40fe86c7827346570a6f30b7aaea50af0638758b61d9f
0b6bff2c3068d224006fc0f8fe966339c03159fbf2ad269e0b67d26322397469
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c4044290ef1cc01f164e574203e35d48a88b8edf836262612d5b29ec6571a80
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
11c5b8b82457a64c7e921cddd29030a85d1f2cc7c4b74cd1be6af42f9997fd72
12749663dc7e15a05d48298ce56668d271c616ce1062602e3f2a43a505e911ab
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ed546354ebdec88fc6065400e2ac050f826cbc9dddb458539506095938cb8d
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1db078eb878691cec33884aed30f8b263ed71b679a79be700c3a3ed787593ffb
1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50
20f8268a29c805c82bb9501513e6f6dd2622c620cbebf7608a37daac2da95754
226be6dc7c2ce2519ea2c3d02d056aee3e51212e30f5bcd754942fbe22b8f861
22de8bba2db54997d0944355ab032fc375ece3590515e4d5c26fafb92266360e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25075022cea6f81dafbd9e4ba66431f89eeccd6a4bfd434db25b2fdbee0cfda6
277022aef03f6f935072e92f67cacac60de867c2727c26c6ba5f82cc203b37a6
2934ccf5551e53d40a55ec12203eace83896813c0d09f3d558e8f112b04f0e0d
29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8
2bd875a53f49d36737164e14eff58b51328c6643787dd7e0eb5870806ea86462
2c7ffbddf601001e9c81f51306d03788945e59270a949aa700f91c000c347214
2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
337772d78d062203c5d496bb6e43d88a97769b67e0575f3af4384a12ed3fb6ff
339d4818e48786da7a82d07d6f214e1b35148653d81d80312d028b2e49ae4d84
34c2a6b2fd25bb0b5bda545af77d1a0af494cbe11c65ee2d0c8acdd497a49b96
385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2
392a6d7af658818fea4c15fe1aa3f03a344566f9b5ad583aa3a3b80e0a901219
3bd437c5bc4bbddd6787074f169c59fd0c025386f1b898fefc57fc21c9104cc8
3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd
43499314048acc242966effd86ee0073638f179c0ccd3b7d3ffea392f837113d
43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9
43cf7e453a057fc64a04d5edaa1816045d7f0df36b7275aa2d5333c95134bca8
43db90014dd0e1965a3823d621d47a5a6590cc7ab7046f62e6fdf2061b45e353
455c3aa9720bb559d261c4b91126cb589442f0ed7191e47c346fb4f6418306ff
47a0d4982b0bbe31ffc27913ea3b0c0b2720c160300c0d9f055b2a64061895c4
48495728104d9571432504ed32259ea74d116acf276cf5a81fa72dc0b6890dc5
4c100d2fccf1d170cddf48b79f22c6c34b27d304261d00e0b0517527dd291478
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4e407fbb7b1204fd218aaa05b70eb04e1036f9cc66b9281f81a8406cc2580f9d
4ee6b4b915de8905fc5f94dd96c1cf00d69a9e46acda45d7597a2448c7c7533d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54e0b20f209dad07d6e278d7eb7132eced51033e0fa2f569276ea8d238b62eba
57188db6b78f3bc778063fdc1285fbca0a26e15f23db1e2e22dfa05cce03c06a
589a1d7eedae99cf3dd4bee4219d238cd6f58e97f03c9fb0d1fe65beb90b0c71
5e05ee3ed933c20e23d5f7b2d911d47e859d525dddd64084f9f4eb2e647af0ce
627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e
62d75a2df7b1fb94be8c1f494e9349ce72e7c26e808301b8a4925e0924dd64a6
6325a6a3117de764f157feceee92cabccbeba6bd5182ec154837a43a4479ffc8
6327b24c6bd01db691bd3a924c43756a93466d100577a4101bdc0d8d8c1f0421
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64dae794cc38a8fc8d65b4d5645b4bb93619f6a9186903212dcb3be247b197fa
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
686df60545fbf0a0d59457fc410d3f997b5c904afdedb6d1b67a48984d6a2cda
69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de
6af9b1a870ee1a99577c80fa1a17d856f09635385296bc19cab8766e90b3001d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d69b73a001575ab8b7c0fd790793d949aca7c97e3598004e99829651db9bf35
6f50d1a146d18a576b5982c718b577fa80eef6996cf2e77dcf8d9858f6ec3395
6f87aa1d05dbe6af42e9c7cd226be7d23385194a311959d108d381fba3478985
7013508f72f462defceb38a2c3fd84ba7bd21f912b6686066f0c5474427672d2
719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
734570f762a112d6fd1829fcb2ff2eaa11f908d7ebf6131be5e4dfa4cfb56321
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
8240098c8d78f4dd63ef17825c7f8c9ab5526fd2a84c34b192523b6062c82654
828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8841615a819c2620b366e3fc9bd7189f37ae881e637dad71739c6e56d595e7e1
886c9cdfabfe375aafd42c6b4c32999eda92fab1dc319011f07dda1a83a9e1cc
887aa90c52c270653d0d1809a07e52124045eb6cf81e8160e71f53adc5166b00
8ba2d52ebdcc24384bf69dc95b710d7418903602b0461e52a9f3f52e6ba3bebb
8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69
93ed3d00fb0c638f0144f3448d3f7fec80003d5e4e50598dafd403d8fd232b27
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9add47ebb1d0a1a0ce5e9dd93b5bc4cd7854e63173e0465f9e9ae350f1ad1f55
9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c
9ccf5516df407728d0f415c944e340497a0cd8fc7b2a850c74de7523e22b7d60
9e5cc85ec4a144767defc8936434d2a56219d82a06a5839d3c88a7c077910dc7
9e5e5c268fdaa87b5bf12b1b706d7010e604e67910f91802ed51ab7a3b2eb119
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21c4123f8204557904105848e0e1955a20463a6acd3589bc5bc8e2372853f2f
a2afd20f507ad842b7942ae4b43db417a9cd561dcff60bc16d59dc2dd4d5aa9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb
a5d4a90aeadb89347d68c8f99a98c271ae12a0df66b0683e2f8a0f9bb582ae5b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8f13154eb1406bcfb612d0499b161329c95da4c8af2082da52f22b0d7020efd
a967bdad4b5f9b2a1acdbdea63f35168cae59643c595fe9ef672a4ca207a457a
aec43616adf0ab4f84e3ee1e5820bc48a3f8a4a9bd875cc8853e03e91db14b26
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1d81042d7f39b69fed545d74aa2e60e27534cfaa8460b44d7963fdcd6c18fe4
b351cec47b19e9de0c5b834cd00350033daa03b9b805a82ff05c2775d34f4910
b3d3a5f55f874bf0051eeabc4bf8eb85d216919f41ff137a2024cc7684e5d36f
b472f8eff8af3779b3e0a9e11c438492cde5b55a78407dfb75854ed0c2aa1e42
b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2
bb6c533351bc20a28d7d9f09a9dfdb6e70ce724c722071db321e45acf81cd668
bdfff1f05100fc5f8d1149b92f33f1193f20a466689e54406b0d8f244e81caac
be398598072995cb4f26363906db68ebe6dded8d3a29c234eb74134c88acf28d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
cac2837aba5655412929c56e39e9debc509bd67fc030875246ff7a493b249fb6
caf1ca9defb27f2ab345cfbdd9148813c45f544ad7ada0a03297990e1ea29e60
cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37
cfe2e1f999b74eeb141c463061facc63dd97d65ee4c66c39c3f14263cc6157b6
d0514ba6ebd8e2760c2531a1ab67a322d3b00b5449bdc59c7649eed18f003ffe
d0fba8c33a18e0e638c9825e0e019e07abe72bb38e28d9a6da1428c84d91375c
d6a1244cf9c466a9be3da7257db1509667c5e75a6dd9f13efecf7d879ebe4b4e
dc4c57feb5f8d2a26270a33c76ffc53df4a2360531758e3824fda9fd1ad62f5e
dca4b8b1d0e8b00ed17c15ac1c76bbf4c956ed20bd7879e8d35706b077943808
e27ad654087a59e54393e4b94631e6ca47cfd8867d7e29e827184d03992b587c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95
e5d22e5297fca3c39e57aea125d7fac1be0210d64fd5530f6b100cfc41308fc1
e6cae1478dbd477445e5790dd876da9a106a44244577c063b47109fd690b92dc
ed03a9ff209062c2fd431b979b592e93480db9a3bd1ca6367443141e88f4719e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f0cd24d395e62f8fc94c2eba77cf961a26f8894d95f7b8abc29fc48477dc3d41
f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa6b2f75bc927f7d7aba7e7d09f3e374226cdad86b180c6601801971b1d81f12
fcc868dfb68ddca90917050e6f3f5059c749d5fa7934c3f935d5ddca2fe1e813
fdeddda6872052e957921cb5ed1ac9f5af08dd6ac35ca43949ae87723b6dd0b5

www.guru3d.com Open in urlscan Pro 144.91.87.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

303 Requests

95 %HTTPS

55 %IPv6

27 Domains

43 Subdomains

31 IPs

7 Countries

3643 kBTransfer

9455 kBSize

0 Cookies

12 Outgoing links

Page URL History

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.guru3d.com Open in urlscan Pro
144.91.87.188 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

95 %
HTTPS

55 %
IPv6

27
Domains

43
Subdomains

31
IPs

7
Countries

3643 kB
Transfer

9455 kB
Size

0
Cookies

303 HTTP transactions
12 data transactions