www.guru3d.com Open in urlscan Pro
144.91.87.188  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 125

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1

Request Chain 126

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtszOCFJYocRJY6slLNX6wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1

Request Chain 127

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEOf8zmd_ffbJnQBxXS_-cO0&google_cver=1

Request Chain 128

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NDMyODY5NzMyOTQxMTAwNg%3D%3D

Request Chain 135

• https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 150

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

• https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=98017500004252600710616012029006&t=htlp HTTP 302
• https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=98017500004252600710616012029006&actionid=981741&produktid=&dt_url=

Request Chain 153

• https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=98017500004252600710616012029006 HTTP 302
• https://ad-server.eu/wm/pb/native.png

Request Chain 160

• https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=98017500004252600710616012029006&pv=0 HTTP 302
• https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg HTTP 301
• https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request rtss_rivatuner_statistics_server_download.html Show response www.guru3d.com/files_details/	57 KB 17 KB	184ms 115ms	Document text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40 PleskLin Resource Hash 00d600f19eb6fac65d99ac8a88f80beaa6f140dbd7fe9b4ab20b89376ca09290 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 22 Jul 2022 23:31:02 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PHP/5.6.40 PleskLin
GET H/1.1	200 OK	jquery.js Show response www.guru3d.com/core_javaload/	92 KB 33 KB	105ms 43ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/jquery.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:02 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	index.php www.guru3d.com/	31 KB 6 KB	85ms 32ms	Stylesheet text/css	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/index.php?ct=core&action=css&id=2 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 7a84683ee8a423fa78ecf2b2c4c4fcf0c93bde3586c7b687c801991a41effab4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:02 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	WnFYg.png www.guru3d.com/gurustuff/	3 KB 3 KB	116ms 31ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/WnFYg.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 828d20c8ec459667b12c0d698b9450f2a2d6127394d1dc8ada898362412d21d5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:09 GMT Server Apache X-Powered-By PleskLin ETag "be0-595ccf460bcdc" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3040
GET H/1.1	200 OK	hoverintent.js Show response www.guru3d.com/core_javaload/	3 KB 1 KB	86ms 32ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/hoverintent.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 719875309a034313c742edfa43b78177ba49971a941b961ca9dd360eab569c8e Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	superfish.js Show response www.guru3d.com/core_javaload/	4 KB 2 KB	99ms 35ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/superfish.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 3e9fb74061133f9dc6c809fb777bdcdc8e02b6812ad5bf39aad5f6c69f1b96dd Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	animatedcollapse.js Show response www.guru3d.com/core_javaload/	11 KB 4 KB	88ms 32ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/animatedcollapse.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash cf8014b54a505e4cb24907b253d9a89888ddc5c1e57fb7b973a87f2b2fd50e37 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	kstar.gif www.guru3d.com/images/	888 B 1 KB	164ms 29ms	Image image/gif	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/images/kstar.gif Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 385fa695850ccaf7910690c9170f01b3b57a9ec2f401592f49b63d480b1d84c2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:29:42 GMT Server Apache X-Powered-By PleskLin ETag "378-595cce8101eb2" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 888
GET H/1.1	200 OK	225 www.guru3d.com/files_teaserimage/	17 KB 17 KB	171ms 34ms	Image text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/files_teaserimage/225 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection close Content-Length 16849
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	82 KB 28 KB	84ms 30ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7a042ad9bc24164c61eab58ccbb2372e601cf79f1309a9066fed589ae3b02b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28361 x-xss-protection 0 server sffe etag "1281 / 600 of 1000 / last-modified: 1658527563" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 22 Jul 2022 23:31:03 GMT
GET H/1.1	200 OK	lightbox.js Show response www.guru3d.com/core_javaload/	10 KB 3 KB	86ms 33ms	Script text/html	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/core_javaload/lightbox.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash c92a10fe1436e3cb16e8433eba72384ac1e90922cdb10efdb1adae0cca230e90 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	index.php www.guru3d.com/	17 KB 17 KB	182ms 39ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/index.php?ct=files&action=thumb&id=303 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 2e387ea940da1b59933421290c1112a89a40b7c0da2342ac4c46e4c5eef7f3f2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Disposition attachment; filename="thumbnail_rtss-v7-guru3d.png" Connection close X-Powered-By PHP/5.6.40, PleskLin Content-Length 17167 Server Apache Content-Type image/png
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	77ms 22ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4ddc392b34d47630081ef102f60384fb8443f8e43252ca158b352ddabb8ba8f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 3ovXyS+rLWbKSG7Cltkbyg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1688 x-fb-rlafr 0 x-fb-debug OS2tv4Ixl2V9rPRIKfz3VaAF/inTYGZHgTSuj6vmhmj6ZUoJbvwDB2lkUDvqrwzzaoiOXREd4WAoB8kzwd9X8w== x-fb-trip-id 686109401 x-fb-content-md5 deb5dda8b084d1282d141aee00bce0aa cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 22 Jul 2022 23:31:03 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "33e59d64edc5a0e4986cf281e150ceea" timing-allow-origin * expires Fri, 22 Jul 2022 23:35:36 GMT
GET H/1.1	200 OK	index.php www.guru3d.com/	3 KB 3 KB	184ms 31ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/index.php?ct=core&action=tasks Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Disposition attachment; filename="index.png" Connection close X-Powered-By PHP/5.6.40, PleskLin Content-Length 2808 Server Apache Content-Type image/png
GET H/1.1	200 OK	index.php www.guru3d.com/	31 KB 6 KB	199ms 34ms	Stylesheet text/css	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.guru3d.com/index.php?ct=core&action=css&id=2&ie=6 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PHP/5.6.40, PleskLin Resource Hash 8be66a7482b742f3c31ba67cc325f1fd8e8b4218ae1e6525d08d3635316b1f69 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.6.40, PleskLin Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Transfer-Encoding chunked Connection close
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	70ms 20ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1743 date Fri, 22 Jul 2022 23:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 23 Jul 2022 01:02:00 GMT
GET H2	200	pubads_impl_2022072001.js Show response securepubads.g.doubleclick.net/gpt/	377 KB 129 KB	79ms 22ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 812bf583b69091bd013eb8d5c24835a187c6e14d722ccc8afdf85d1b2c450cc0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 22 Jul 2022 09:01:24 GMT content-encoding gzip x-content-type-options nosniff age 52179 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131699 x-xss-protection 0 last-modified Wed, 20 Jul 2022 08:36:19 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 22 Jul 2023 09:01:24 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	89 B 718 B	87ms 31ms	XHR application/json	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.guru3d.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 4b183602e5d7bc72d77d75fd54c09a1ca56afe56880ca7724dc1657327245f4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 82 x-xss-protection 0 expires Fri, 22 Jul 2022 23:31:03 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	94ms 29ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	92ms 29ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.guru3d.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 883 B	60ms 59ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2Cwrapper&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1&ifi=1&adks=1612380904%2C3918806337&sfv=1-0-38&ecs=20220722&ists=1&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663338&lmt=1658532663&dlt=1658532662888&idt=419&adxs=0%2C-9&adys=30%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=1600x61%7C0x-1&msz=1x-1%7C0x-1&fws=4%2C2&ohw=1600%2C0&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash b4849821d68b10ee631e352232313e9e23a9a9039e7b1e016f3da7b738570d51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 367 x-xss-protection 0 google-lineitem-id -2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBF9	6 KB 4 KB	127ms 28ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:03 GMT expires Sat, 22 Jul 2023 23:31:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	d3yoh.jpg www.guru3d.com/gurustuff/	33 KB 33 KB	50ms 33ms	Image image/jpeg	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/d3yoh.jpg Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 43cca61ef3583b0cc352dd8b3b76fc670bbb528bf2a2d269d1c91313fb53e9a9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:03 GMT Server Apache X-Powered-By PleskLin ETag "84d0-595ccf400da3a" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 34000
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 10 KB	335ms 335ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2Ctop_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=1733603311&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663348&lmt=1658532663&dlt=1658532662888&idt=419&adxs=699&adys=41&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=1274x110&msz=728x-1&fws=4&ohw=1274&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 8e30d2f60c6ddfc4ea7c516e68e735ffe7dc36e1e34fb98da1172486d333e04e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9932 x-xss-protection 0 google-lineitem-id 6047715359 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138395568230 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Ovdce.png www.guru3d.com/gurustuff/	3 KB 3 KB	48ms 29ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/Ovdce.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 040cca331d65b92bd45651da329569579ad081ec68afdc8d0180c05aad170324 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:08 GMT Server Apache X-Powered-By PleskLin ETag "b6d-595ccf44b6fc9" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2925
GET H/1.1	200 OK	6gh4U.png www.guru3d.com/gurustuff/	3 KB 3 KB	43ms 27ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/6gh4U.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash b8dfcaa28c54fa0398fa53a50f078313a1f33345eee98cd6dd4a08b547a915e2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:01 GMT Server Apache X-Powered-By PleskLin ETag "b2b-595ccf3ef36a5" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2859
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 9 KB	711ms 711ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=1379754963&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663358&lmt=1658532663&dlt=1658532662888&idt=419&adxs=1127&adys=188&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=295x250&msz=300x-1&fws=4&ohw=1600&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e23178b2184b9d72be298847f3146b0bb0d0ade889b121784014faeb453a5bad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9496 x-xss-protection 0 google-lineitem-id 6046932676 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138395572250 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	C2upk.png www.guru3d.com/gurustuff/	3 KB 3 KB	36ms 27ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/C2upk.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash f2696ba428936d516c3dd50c2e9726d8c82cbd48e4938a6f04e965185e1ee562 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:02 GMT Server Apache X-Powered-By PleskLin ETag "b52-595ccf3fc947c" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 2898
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 9 KB	1140ms 1139ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2C300x600_navbar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=5&adks=2692230078&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663365&lmt=1658532663&dlt=1658532662888&idt=419&adxs=1127&adys=1024&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=295x600&msz=300x-1&fws=4&ohw=1600&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 45c53081fb2529f0c8c89f7a105742dfeb76904327eba74183914360e49dd6b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9070 x-xss-protection 0 google-lineitem-id 129863055 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 48542942415 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	likebox.php Show response www.facebook.com/plugins/ Frame CDCC	45 KB 16 KB	157ms 106ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 458ff5bce89b90bfe7ce57a4bbd8f9b3555743dac1f4e5e2ac7c3ed52f4d6146 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Fri, 22 Jul 2022 23:31:03 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug xwqRWijhf0TUDAqvmA5CmJx97tR5jYCpxoh1hWJ6CuZ3llYRpjwS1s+K7Wtv6GkLT2t1gA49O4TgxALnamESyQ== x-fb-rlafr 0 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 9 KB	1423ms 1422ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2C300x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=3057682820&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663372&lmt=1658532663&dlt=1658532662888&idt=419&adxs=1127&adys=2124&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=315x10&msz=295x0&fws=4&ohw=1600&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 59e5d777e97b6ca75f245cd876f022236c1ab3e1f72736c3c9b893eede2f1f86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9026 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cse.js Show response cse.google.com/	10 KB 4 KB	169ms 77ms	Script text/javascript	2a00:1450:401b:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:401b:802::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash b9cc38ad1292871cd9c5331c1d4a3f43f718757dbc08644a0b65e49dd35c8eaa Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers bfcache-opt-in unload date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3520 x-xss-protection 0 server gws expires Fri, 22 Jul 2022 23:31:03 GMT
GET H/1.1	200 OK	comment2.png www.guru3d.com/gurustuff/comments/	459 B 715 B	36ms 33ms	Image image/png	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/comments/comment2.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash 1f1ca8a1b3681d03a2f919d1175e672f1fa42514afcb35318fe565a2ea602c50 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:12 GMT Server Apache X-Powered-By PleskLin ETag "1cb-595ccf48897e2" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 459
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 11 KB	1836ms 1836ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2C336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=7&adks=1686487856&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663385&lmt=1658532663&dlt=1658532662888&idt=419&adxs=193&adys=324&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=894x19&msz=894x0&fws=4&ohw=1600&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 88e50df5bf65327fa99d222b42f8aa067949b31d7bbec79719634a677f11969c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11012 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	oqiHTjyKmt0 Show response www.youtube.com/embed/ Frame 32FC	62 KB 27 KB	124ms 66ms	Document text/html	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/oqiHTjyKmt0 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4372b25069d4e346de7f720ea7f5e3a146ea365240feacb1e4d9a7365830b31e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 critical-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" date Fri, 22 Jul 2022 23:31:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H3	200	all.js Show response connect.facebook.net/en_US/	301 KB 85 KB	44ms 20ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=237677021a990d9bdb078cb919533d90 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5a683c53245570bbe5e1110f2dfd527bc1c7e249b1333f97f038be47cff8c30d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.guru3d.com/ Origin https://www.guru3d.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 +g3KY4HzUYGhwFEYS0LwQw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 87351 x-fb-rlafr 0 x-fb-debug tCCsvCOmz5NQJuAgduMR4weD2bJovJF994y0jy8G/aYjXNvCYHicNE6AvypAebNtDN3cUBXetDUzrA4yrxsEwg== x-fb-content-md5 940a6a788fe6527290aec305383afc25 x-frame-options DENY date Fri, 22 Jul 2022 23:31:03 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "cdbf401381d9e4432288f008fa61898c" timing-allow-origin * priority u=3,i expires Sat, 22 Jul 2023 21:43:07 GMT
GET H/1.1	200 OK	download_button_small.jpg www.guru3d.com/gurustuff/	1 KB 2 KB	82ms 31ms	Image image/jpeg	144.91.87.188 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.guru3d.com/gurustuff/download_button_small.jpg Requested by Host: www.guru3d.com URL: https://www.guru3d.com/index.php?ct=core&action=css&id=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.91.87.188 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS one.guru3d.com Software Apache / PleskLin Resource Hash d08d4cd6485a4083d52e4f2d59bb02c941321e235fb50177daf4ade5f8c1e3f7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/index.php?ct=core&action=css&id=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:03 GMT Last-Modified Sat, 26 Oct 2019 09:33:03 GMT Server Apache X-Powered-By PleskLin ETag "52b-595ccf402be98" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 1323
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 9 KB	2200ms 2199ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=190379805239038&correlator=33104158462018&eid=31068159%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fifs&iu_parts=21536815%2C728x90_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=1111642073&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658532663412&lmt=1658532663&dlt=1658532662888&idt=419&adxs=163&adys=6042&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&frm=20&vis=1&psz=944x0&msz=944x0&fws=4&ohw=944&ga_vid=479795692.1658532663&ga_sid=1658532663&ga_hid=1709217152&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 32417ccd81588ac1792dd1bf9176565a0e505e02f269a2a3c787782d2247cd2d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:05 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9010 x-xss-protection 0 google-lineitem-id 5874681281 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377421898 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.guru3d.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	choice.js Show response cmp.quantcast.com/choice/xNQQ4Ja1ehbNf/www.guru3d.com/	5 KB 2 KB	91ms 22ms	Script application/javascript	2600:9000:2156:6200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?tag_version=V2 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 69439656dea473a2b061c934e843071a2d10a889fc74484b0cc5521767d2b1de Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Fri, 22 Jul 2022 23:31:01 GMT content-encoding gzip last-modified Wed, 10 Feb 2021 23:03:35 GMT server AmazonS3 age 30 etag W/"2dffc2b03414afb57d77b6bd1cdb70c0" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront) cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA50-C1 x-amz-cf-id 7NrNAX4o_CS9aykS8GplDUpJsMFu2OdUDeKiQOV7p2jY89hIgUenhA==
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	73ms 28ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1709217152&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&ul=en-us&de=UTF-8&dt=Guru3D%20RTSS%20Rivatuner%20Statistics%20Server%20Download%207.3.3%20build%2026004&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1442665678&gjid=1665768124&cid=479795692.1658532663&tid=UA-1106208-1&_gid=1644219181.1658532663&_r=1&_slc=1&z=67121709 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guru3d.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	72ms 22ms	Script application/javascript	2620:116:800d:21:7eb1:3826:be7e:d981 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?tag_version=V2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip etag "77f5L8LR6ldZZZ+q4Q+xaw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 29 Jul 2022 23:31:03 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	177 KB 43 KB	94ms 27ms	Script text/javascript	2600:9000:2156:2a00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/choice/xNQQ4Ja1ehbNf/www.guru3d.com/choice.js?tag_version=V2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br age 43 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Tue, 05 Jul 2022 18:41:01 GMT server AmazonS3 etag W/"9494b70738cd74c9137e65c29c0b1f3e" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-meta-qc-ineu True x-amz-cf-pop FRA50-C1 x-amz-cf-id pR-gEoVkAejB6-dJFwBwXL8M7PT55fftrSlzL8X8YZz4X8bSSiyYfA==
GET H3	200	www-player.css www.youtube.com/s/player/afeb58ff/ Frame 32FC	340 KB 47 KB	67ms 22ms	Stylesheet text/css	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:52:24 GMT content-encoding br x-content-type-options nosniff age 113919 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47800 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:52:24 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 439 B	84ms 27ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1106208-1&cid=479795692.1658532663&jid=1442665678&gjid=1665768124&_gid=1644219181.1658532663&_u=IAhAAEAAAAAAAC~&z=988001048 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 22 Jul 2022 23:31:03 GMT content-type text/plain access-control-allow-origin https://www.guru3d.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 32FC	15 KB 16 KB	70ms 20ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 17:06:41 GMT x-content-type-options nosniff age 282262 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 19 Jul 2023 17:06:41 GMT
GET H2	200	JHXHd6bV9RG.css static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame CDCC	20 KB 5 KB	65ms 21ms	Stylesheet text/css	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/JHXHd6bV9RG.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b53e054cb78399f98f0d08f9d6f643ab381de6214cedb12d2889326a1f04aac3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 Bbpb7NGgac15LqQoedax0g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 5105 x-fb-rlafr 0 x-fb-debug 8Oui0fqkQLbSV8c2fm7OZ5jo+kTcVD0ykbkHTuzD8gWhOw51hjkwnbr+awCJqUjSnkyAo5XlMEkj3C498ZuD3w== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sat, 22 Jul 2023 14:15:35 GMT
GET H2	200	FPdNN1TK3wJ.css static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame CDCC	2 KB 1 KB	66ms 22ms	Stylesheet text/css	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 XpWPuiqLnlvq4xkatdITVw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 831 x-fb-rlafr 0 x-fb-debug VAXCWkaKSmMHPoRagIas+mTqfWUitqX6xWGVsKVfe6MMx/3yCcV42AA817gsHuz6qXeFEmkGvqu83ZQ+jjav0Q== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 20 Jul 2023 02:28:19 GMT
GET H2	200	ch48lnIyOHK.js Show response static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame CDCC	320 KB 86 KB	66ms 22ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 nk52hgdMly+fHVkTyznJPg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 88116 x-fb-rlafr 0 x-fb-debug XpdANFVyykBDEwTXe8ADb4xih9PKMumXgUmHAyd8ByQrOEs6XBfUz2f88sE6XmttYb/b0ZbuJWjhAlpCn5pPAA== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 22 Jul 2023 13:19:24 GMT
GET H2	200	GG1Y0sYc7My.js Show response static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame CDCC	5 KB 2 KB	66ms 23ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 FvCDsjtWXbnS8g0a11kzwQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1657 x-fb-rlafr 0 x-fb-debug ai6G+cQ/lSJfywTzz8AMFe6InwJVCDbKT6MSwVDp+/gFcQj/ztXiYh5ASgcYqBLQdxsCVXat0hvzJu73Ve/6Kw== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 20 Jul 2023 11:12:39 GMT
GET H2	200	lRP76Ynw0lR.js Show response static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame CDCC	38 KB 12 KB	102ms 59ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/lRP76Ynw0lR.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 gGCr/wNTBczQB/gXHhl0Fg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 12174 x-fb-rlafr 0 x-fb-debug rby8PBlAXNcXYOExDVoP2MMWO1kl7pDbXnHrzGlJ4TVjV5PMt2YgxwdoqLHb9jhq0YwZGH5WFtiH+RTvjcmBCw== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 20 Jul 2023 13:47:42 GMT
GET H2	200	TGEH2rSHUPH.js Show response static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame CDCC	52 KB 16 KB	102ms 59ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/TGEH2rSHUPH.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 NzYsclW6SE+LKLuYhprflQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 16330 x-fb-rlafr 0 x-fb-debug nccLNgDOWKibufCjBHzMw50tioWJuDvrjo8L3P8Suu19UbWOSBay/Ca0DD6IddSaX+NGaj0ppbzk/020ZV6qdw== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 22 Jul 2023 13:19:36 GMT
GET H2	200	wk5AXVM50W-.js Show response static.xx.fbcdn.net/rsrc.php/v3iAxA4/yH/l/de_DE/ Frame CDCC	80 KB 22 KB	102ms 59ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yH/l/de_DE/wk5AXVM50W-.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a57e6d659435bf4f98fed073553682066adee9ade1035e2186c10310ec49272d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 aLdf/d7YrW7onAQZudzMSg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 22487 x-fb-rlafr 0 x-fb-debug x9U76lGsaiZ5M3K1hqRq3T4qQcqZ3iNiIrze0/M1IKq6rXZp9btgg7kX2B1huucAezqiw9XFMDVkpY3S7qDr/w== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 20 Jul 2023 15:47:17 GMT
GET H2	200	980015_533586583343807_1764489926_o.jpg scontent.xx.fbcdn.net/v/t31.18172-8/ Frame CDCC	39 KB 40 KB	22ms 21ms	Image image/jpeg	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.xx.fbcdn.net/v/t31.18172-8/980015_533586583343807_1764489926_o.jpg?stp=dst-jpg_p526x296&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=cbl_r_GXC5gAX9pVElb&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT8xCieKQcp2P_P3EPL9WaT9N8aFilhPBmG4VR6eHDZ6gw&oe=6300D09C Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 627d1b49321d7a8a4a4073f34b3ba1c96738f3f0d1f9c54f3b251bb819975a8e Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-haystack-needlechecksum 2532042100 date Fri, 22 Jul 2022 23:31:03 GMT x-fb-trip-id 686109401 last-modified Fri, 07 Jun 2013 06:34:14 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=3249731859 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 1469356964 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 40365
GET H2	200	188311_222951111074024_7587693_n.jpg scontent.xx.fbcdn.net/v/t1.18169-1/ Frame CDCC	2 KB 2 KB	40ms 40ms	Image image/jpeg	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.xx.fbcdn.net/v/t1.18169-1/188311_222951111074024_7587693_n.jpg?stp=c20.16.199.198a_cp0_dst-jpg_s50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=moMdXzZppTgAX-jpgtY&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT9wjdboe2xDXhgsrT_odmqo5ALtSbSM2Ho0ZIb94NLvIg&oe=6300CC3B Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=154427261259743&width=700&connections=5&data-width=300&data-small-header=true&data-border-color=none&border_color=white&data-header=false&stream=false&header=false&height=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a515b24a0ddb5985de71e218ff259ce1f92256cea1a61954ccf157649c3fdbeb Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-haystack-needlechecksum 420387698 date Fri, 22 Jul 2022 23:31:03 GMT x-fb-trip-id 686109401 x-content-cdn-origin-ts 1657869069899 content-type image/jpeg access-control-allow-origin * content-digest adler32=1967228578 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 3867042620 timing-allow-origin * alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1800
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/ Frame 32FC	307 KB 95 KB	56ms 21ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27423bab6b0ee04853cec7aafd45e79df71704e6480b962515e8d2b3f44ba97f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:52:58 GMT content-encoding br x-content-type-options nosniff age 113885 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 96985 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:52:58 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/ Frame 32FC	2 MB 565 KB	81ms 46ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5bd7731976877131e36c5fabbc778bd3f5cae51aa0865325decad5a1a3ffc90f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:52:24 GMT content-encoding br x-content-type-options nosniff age 113919 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 578155 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:52:24 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/afeb58ff/fetch-polyfill.vflset/ Frame 32FC	9 KB 3 KB	88ms 53ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:52:58 GMT content-encoding br x-content-type-options nosniff age 113885 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:52:58 GMT
GET H2	200	cse_element__en.js Show response www.google.com/cse/static/element/3e1664f444e6eb06/	303 KB 100 KB	75ms 26ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 14:45:55 GMT content-encoding gzip x-content-type-options nosniff age 204308 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102672 x-xss-protection 0 last-modified Fri, 18 Mar 2022 17:07:08 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Thu, 20 Jul 2023 14:45:55 GMT
GET H2	200	default+en.css www.google.com/cse/static/element/3e1664f444e6eb06/	41 KB 9 KB	70ms 21ms	Stylesheet text/css	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 14:45:55 GMT content-encoding gzip x-content-type-options nosniff age 204308 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9086 x-xss-protection 0 last-modified Fri, 18 Mar 2022 17:07:08 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Thu, 20 Jul 2023 14:45:55 GMT
GET H2	200	minimalist.css www.google.com/cse/static/style/look/v4/	5 KB 5 KB	73ms 24ms	Stylesheet text/css	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/cse/static/style/look/v4/minimalist.css Requested by Host: cse.google.com URL: https://cse.google.com/cse.js?cx=015027531577518686959:WMX1453550865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:24:06 GMT x-content-type-options nosniff age 417 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5084 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe vary Accept-Encoding report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Sat, 23 Jul 2022 00:14:06 GMT
GET H2	200	rules-p-xNQQ4Ja1ehbNf.js Show response rules.quantcount.com/	2 B 355 B	93ms 24ms	Script application/javascript	2600:9000:225f:d800:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-xNQQ4Ja1ehbNf.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225f:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:48:51 GMT via 1.1 b856a1aa27e94fb19383ead3883c0db4.cloudfront.net (CloudFront) server AmazonS3 age 2531 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 cross-origin-resource-policy cross-origin x-cache Hit from cloudfront x-amz-cf-pop TXL50-P2 content-length 2 x-amz-cf-id T6qy-iJXa2ycXZnzw6Vd6h9UMK2rVjyiCyQwXRMkYmH5N5xfn0JK-Q==
GET H2	200	cmp-list.json Show response test.cmp.quantcast.com/GVL-v2/	9 KB 3 KB	84ms 23ms	XHR application/json	2600:9000:224a:3c00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.cmp.quantcast.com/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:3c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 51eb631a349d9c76ff727c938dbd01c20375c9b3409429f9b41b7ac2da7173e2 Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 03:00:38 GMT content-encoding br age 73825 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Mon, 18 Jul 2022 19:52:29 GMT server AmazonS3 etag W/"b309335d928a0182d28c90336dee523b" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id dJIG3yqoKntLiVLzjWU7H2e9gT3ytWjN via 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop DUS51-P1 content-type application/json x-amz-cf-id WrU2jELggdd0hgfM1G_ElLF0er4OROgGCj5ZdcFFOXgHEobDLjUKyA==
GET H3	200	SQZZiMWhOLh.png static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame CDCC	767 B 822 B	45ms 21ms	Image image/png	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/JHXHd6bV9RG.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/JHXHd6bV9RG.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT x-content-type-options nosniff content-md5 7Ob9foDk+QbAEt4lrnDs0w== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 767 x-fb-rlafr 0 x-fb-debug j9MJ5pp1TDkLcjN3GdS1ZwxAPZ6raaUkEirTj284pqNnwTwC4jQRORB1EaIfAcPsC4owN0yxsJolsK74l5UbCQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 20 Jul 2023 00:09:22 GMT
GET H3	200	SZAjJITSQnM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame CDCC	22 KB 7 KB	21ms 20ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/SZAjJITSQnM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 57bad8607901d7cc20260262a8063a7b88d2b61cab3e6850f73b52cd1c716ab9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding br x-content-type-options nosniff content-md5 BI1R/ngtQikShgzcetofPw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 7199 x-fb-rlafr 0 x-fb-debug tVRT4p7hHsE3FF4QiiuMigXo9HiiPjELtrV3cekG02ZRlS5lML95U9vgnZoQADHleqbp767DqqB2CvlVbaUBUA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 20 Jul 2023 11:12:39 GMT
GET H3	200	container.html Show response 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B30	6 KB 3 KB	65ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:03 GMT expires Sat, 22 Jul 2023 23:31:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	async-ads.js Show response cse.google.com/adsense/search/	140 KB 51 KB	131ms 56ms	Script text/javascript	2a00:1450:401b:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cse.google.com/adsense/search/async-ads.js Requested by Host: www.google.com URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:401b:802::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cff33493dc425441c1c5dffb7163a58573e0168f1a263ca95e04a05797639d02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "2460730438723089785" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:03 GMT
GET H3	200	clear.png www.google.com/cse/static/css/v2/	1018 B 1 KB	66ms 22ms	Image image/png	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/cse/static/css/v2/clear.png Requested by Host: www.google.com URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 17:04:14 GMT x-content-type-options nosniff age 282409 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1018 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Wed, 19 Jul 2023 17:04:14 GMT
GET H2	204	generate_204 www.googleapis.com/	0 178 B	80ms 19ms	Image text/plain	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleapis.com/generate_204 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	branding.png www.google.com/cse/static/images/1x/en/	1 KB 1 KB	57ms 21ms	Image image/png	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/cse/static/images/1x/en/branding.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 07:03:27 GMT x-content-type-options nosniff age 145656 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1372 x-xss-protection 0 last-modified Mon, 25 May 2020 08:30:00 GMT server sffe report-to {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="prose-team" expires Fri, 21 Jul 2023 07:03:27 GMT
GET H2	204	generate_204 clients1.google.com/	0 178 B	80ms 20ms	Image text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://clients1.google.com/generate_204 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	cmp2ui-en.js Show response cmp.quantcast.com/tcfv2/42/	230 KB 56 KB	25ms 24ms	Script text/javascript	2600:9000:2156:6200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 10:17:15 GMT content-encoding br age 47628 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Tue, 05 Jul 2022 18:40:26 GMT server AmazonS3 etag W/"24932b3e61742029985961c24d35dbb7" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop FRA50-C1 x-amz-cf-id jkPIabvtKpLg5SdEnJXG09OD8_H8Aevsbmbm1kTXuv7shejENDFSuw==
GET H2	200	vendor-list-trimmed-v1.json Show response cmp.quantcast.com/GVL-v2/	322 KB 39 KB	70ms 25ms	XHR application/json	2600:9000:2156:6200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 792fc64d1014bdb4604cdae2b1194e3736cc68dbfbc6c7946be0217c4b3c5a69 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 03:00:36 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 73828 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 22 Jul 2022 03:00:32 GMT server AmazonS3 etag W/"94b548c29ca28d1cc56b126f1de8958f" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id Vtehk1Di_TSpHzcm6gsEv2sVtZr93mKhMoPGeKxYAVf7fIxyQ2Y0Ng==
GET H2	200	google-atp-list.json Show response cmp.quantcast.com/tcfv2/	152 KB 37 KB	90ms 46ms	XHR application/json	2600:9000:2156:6200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/google-atp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.guru3d.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7024b42bf11ad3fc46eea1bde9cfe2579e471be7e523991850bc532ba6db5043 Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 03:00:29 GMT content-encoding gzip vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 73835 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 22 Jul 2022 03:00:26 GMT server AmazonS3 etag W/"bd69a67eff76aed5d778fe7300db698d" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id bKO2bPwgz7pS4Ml28FKUgBGvdW4rK_3qIuB8gUAaXh1lBtgn_b4P5Q==
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 32FC Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	29ms 29ms	XHR application/json	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 93725d693330c32e646a72c9c4e9d817bee51fab6025806c884f540af0e7479f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 22 Jul 2022 23:31:03 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 32FC	29 B 588 B	97ms 22ms	Script text/javascript	2a00:1450:4001:829::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:19:42 GMT x-content-type-options nosniff age 681 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 22 Jul 2022 23:34:42 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	94ms 27ms	Preflight text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 22 Jul 2022 23:31:03 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 32FC	64 KB 30 KB	79ms 36ms	XHR application/json+protobuf	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 52a576cc65219b77394c913c7be0c1d46a8806f0e839c93b47a906b3324acab1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json+protobuf Response headers date Fri, 22 Jul 2022 23:31:03 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 30238 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/ Frame 32FC	119 KB 37 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 743b80e33c0a0e4cacba73f888190329145236e615db07abbf2444c22654188e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:52:25 GMT content-encoding br x-content-type-options nosniff age 113918 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37783 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:52:25 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/ Frame 32FC	27 KB 8 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3a75b5a3c5338e8760ae0c7f541c4a9959ce09d0c86ad56eaee42d91ad05af3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 15:57:43 GMT content-encoding br x-content-type-options nosniff age 113600 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8115 x-xss-protection 0 last-modified Thu, 21 Jul 2022 00:17:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Jul 2023 15:57:43 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0B30	22 KB 7 KB	77ms 21ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 16:56:52 GMT content-encoding gzip x-content-type-options nosniff age 196451 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 20 Jul 2023 16:56:52 GMT
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 0B30	23 KB 9 KB	63ms 21ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:34:49 GMT content-encoding gzip x-content-type-options nosniff age 3374 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8749 x-xss-protection 0 last-modified Wed, 29 Jun 2022 21:33:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 22 Jul 2022 23:34:49 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0B30	138 KB 42 KB	433ms 391ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43235 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658317440141293" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET DATA	200 OK	truncated / Frame 32FC	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AKedOLT4i7kv5cPRhAFZ3a3-vxn3ToyApeO1QTxH-g=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame 32FC	1 KB 1 KB	75ms 20ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AKedOLT4i7kv5cPRhAFZ3a3-vxn3ToyApeO1QTxH-g=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 868e8d3b8499ae3d1f5f79c41939f1b823adfda97c29ac9e41bc061751225a50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 21:52:17 GMT x-content-type-options nosniff server fife age 5926 vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1137 x-xss-protection 0 expires Sat, 23 Jul 2022 21:52:17 GMT
GET H2	200	maxresdefault.webp i.ytimg.com/vi_webp/oqiHTjyKmt0/ Frame 32FC	56 KB 57 KB	86ms 21ms	Image image/webp	2a00:1450:4001:80b::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/oqiHTjyKmt0/maxresdefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/oqiHTjyKmt0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea520e1a8543d8b285dc5032e9c7fabc62e4920c90e871dccb2ad4f74354cd5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:07:02 GMT x-content-type-options nosniff age 1441 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57828 x-xss-protection 0 server sffe etag "1590449304" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 23 Jul 2022 01:07:02 GMT
GET H2	200	/ Show response audit-tcfv2.cmp.quantcast.com/	2 B 101 B	71ms 21ms	XHR text/plain	3.73.234.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22xNQQ4Ja1ehbNf%22%2C%22domain%22%3A%22www.guru3d.com%22%2C%22publisher%22%3A%22Guru3D.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%226iu1UkRO0KJoKaK2Q9zOIw%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1658532663901%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-7igktq4ij47i7ebg6c7p%22%7D Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.73.234.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-234-22.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://www.guru3d.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-origin * date Fri, 22 Jul 2022 23:31:03 GMT content-length 2 content-type text/plain; charset=utf-8
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 0B30	0 0	58ms 58ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW8RYFRlotV5AyKu8fCB-Iba54R2kkesmiYsvx255_9q-gHcCGO4CzI3CddZlw9MDy7j9Un1gQPc_YLjpqLjp_-S7VGOOw-xFP_JqnPGZSeOicspeLuSFj3nGxXKDz_hwMQiCNdvL25UNYFA2Dso59EcM6H5EyJNVs4fydBHkiWlFfmQMEy8Gl2kW7c5iM1gdMz1ddx4f4CylK7xVwZi07ex3v87qUeo0MMaoNFiRhYYrs619kfRlV499q6xrFTGfi3roxzBCC7CLwQ_upvyHuQGVD0aTx-iS2AJkewOTzRd6goibnP24hjnDWsTWJ&sai=AMfl-YSB1jVySl6TYbm5ffHw5gpq2pYZif04Hc6jrWE3uA_gm__dGHCMF2RnNHqh66PCFTKAZYCA3e3z_crW5eoH9zQopA_Z5xLkC0hWaN-pZAzSLj3WT3DotGV1VLJ574M&sig=Cg0ArKJSzJ4EZ3kyhDwZEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	impl_v90.js Show response www.googletagservices.com/dcm/ Frame 0B30	54 KB 21 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v90.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 18 Jul 2022 13:13:13 GMT content-encoding gzip x-content-type-options nosniff age 382670 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21331 x-xss-protection 0 last-modified Mon, 27 Jun 2022 13:07:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Jul 2023 13:13:13 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 32FC	4 KB 3 KB	99ms 42ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	container.html Show response 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30A0	6 KB 3 KB	21ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:03 GMT expires Sat, 22 Jul 2023 23:31:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 32FC	98 B 142 B	31ms 31ms	XHR application/json+protobuf	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b477d02f7f40c180afc894f7efc07f48d6d9b88b47c786184cceb6d2fc861406 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json+protobuf Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 118 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	28ms 28ms	Preflight text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 22 Jul 2022 23:31:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/103/ Frame 32FC	52 KB 15 KB	61ms 20ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/103/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:00:46 GMT content-encoding gzip x-content-type-options nosniff age 5418 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15123 x-xss-protection 0 last-modified Mon, 02 May 2022 15:04:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 23 Jul 2022 22:00:46 GMT
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 30A0	22 KB 7 KB	68ms 21ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 16:56:52 GMT content-encoding gzip x-content-type-options nosniff age 196452 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 20 Jul 2023 16:56:52 GMT
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 30A0	23 KB 9 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:34:49 GMT content-encoding gzip x-content-type-options nosniff age 3375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8749 x-xss-protection 0 last-modified Wed, 29 Jun 2022 21:33:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 22 Jul 2022 23:34:49 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 30A0	138 KB 42 KB	188ms 188ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43235 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658317440141293" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 30A0	0 0	59ms 59ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv7rsjHHPBN5c9kBdIpkE3RUafxRbCd4fFX2Iunqn2hTJlFDhGPcJf9Fr7_gWf2kaenKFLU3pFnyTeKhpwd6eJ5q73kDWpy6NSIcEpWp3X5MjdTC1Khmici7erZXNSHiD07taApLxUrz3NnvXQ6dmYOaGro18MXyVuL1kbSH4_hOBNahhwd_Dbv7zuO8C7w-0MQhfCtI_pQDnvNk-BwfXh6J_ddddnA8K46MCJJdnN1Im9YOtnH_P12rSbExtqRWLtpuLQsU_l3s86QMUhgT0rwG0QmTmxZrYx429hs6ZHKuTDmjoryxQKAjOCfpcgkQ&sai=AMfl-YToXAM3DiKMNoAPoXKwEsb_MlA9pEZGPd_PzXiKfBV4wxwq4woGDptmwgbDlGBtU02Itm4LDObypHsnfyl3lcTETNNHuL6MucBMrpEsKVERtKB3ZqwxIQIvmYaUn3k&sig=Cg0ArKJSzBpplCTsGqU2EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	impl_v90.js Show response www.googletagservices.com/dcm/ Frame 30A0	54 KB 21 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v90.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 18 Jul 2022 13:13:13 GMT content-encoding gzip x-content-type-options nosniff age 382671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21331 x-xss-protection 0 last-modified Mon, 27 Jun 2022 13:07:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Jul 2023 13:13:13 GMT
GET DATA	200 OK	truncated / Frame 0B30	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cf124f3c25d1eb5f8ee96e93e89b4963dc50d7e24b239a4a0fc28af942a6175 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 0B30	0 0	104ms 58ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzHxzP-0Y5iH--jGCyksB3hjQUO_zmIadb_tJdAYL5hZw68ReGNuc6Ba5AwCu4fOwhrlI2mKkMIxam7iVjDe6oO_HFRNE6u7G3-SSRioPagIuiAjJeTjaRUkuaLXYMaDQu8DRi22Df9K7Wx1Ff_9g-2PoHn-pdWSuHtzAlSiidWYILcANZAeSNv_UmcSz4zi3P6IdtKDAH9adLttqx5dw4K3a0DxCYmU4HXTFSQy7xmY6OKEvuHocsnlFxI8L81j8d5oTCBv_kjyj4kJZVJrEhOBiCFqrEAAh_99WphrcQHnz_IIxFYCS2ys1T_Rwzaow&sai=AMfl-YSSGM-Kjc9RDQ8gUkE7yqPPbMCpYlVqTO6Yt0usxjnWzD2WGl54-DtNPxpnD_W2ewKFzelG6eTbpYtYU-U3I0FH3FzE6V31tGaR-REa3K7zOSzbtLeYZydLenmadaM&sig=Cg0ArKJSzJ2wJjeSCKN9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 22 Jul 2022 23:31:04 GMT
GET DATA	200 OK	truncated / Frame 30A0	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86518553260a337df5084e576254ee62632082b01f930ff551dc7da9e30b3253 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 30A0	0 0	90ms 59ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIGtMycgsta-dWJdAq4hfqFOXq_bpe8too0BfgarMLv8lAlnUVSSkoGj-ZmX2zF7tR2FZJSLQqXc7m_NQqIh7_TGhMlj7tJpfO6HGoHV4pUw9nTAI4VumSzZfcw_mZSLSXIvdnKQbeG_Gtxw4DIgVkPsB9GZWL_tbpF1ntiCHZZjIc8T17GJvLnO0NDmWMH9M3tLNJtKDfVbkl8NrrP6iEZsIsqVIkOrziEr1m5A7lVtkg3CAQ6HqEpcyJL31axqgmgd0kCMHyj5aBHp6FvnSqsC24IO25jp8871zlZRb4AJ17ODQ0ULTTxxu4DwAx8jzs&sai=AMfl-YSgH-X4otQy_Nr8Hvc_5dIe9uV5ntw857sx-9K1HFS6DiAG_JkOB0dNhBuuCDhRJAPA3C_OvMv1MUkOj2KohRlWSsWLv2HRtHagDlsc-rgCIwZAEdKhqDNP-pz9ho8&sig=Cg0ArKJSzDTcPwBX5KQMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 22 Jul 2022 23:31:04 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	85ms 35ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6b97043cd660703479e6b5873eca70a4ee2ff65aaff1657eb17b571a15e87290 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10759 x-xss-protection 0
GET H3	200	like.php Show response www.facebook.com/plugins/ Frame E72F	0 23 B	64ms 39ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30e58e5963c18c%26domain%3Dwww.guru3d.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.guru3d.com%252Ff25ebf1f3c95e6%26relation%3Dparent.parent&container_width=0&font=&href=https%3A%2F%2Fwww.guru3d.com%2Ffiles_details%2Frtss_rivatuner_statistics_server_download.html&locale=en_US&sdk=joey&send=true&show_faces=false&width=450 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=237677021a990d9bdb078cb919533d90 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html;charset=utf-8 cross-origin-opener-policy same-origin-allow-popups date Fri, 22 Jul 2022 23:31:04 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0 report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} x-content-type-options nosniff x-fb-debug 0NSCsnL6/2g4zbI3UJ+AtahkHiNgwRvQKgcniU4RRiR/onmcBN4rSmhUGYaC3V8r2zJPkVvaJK5LoA2TBXhR3w== x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B15B	13 KB 5 KB	21ms 21ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 11746 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 20:15:18 GMT expires Sat, 22 Jul 2023 20:15:18 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame E0A4	783 B 533 B	32ms 32ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8783742540b958a6d903cbfe021980d80f275200387852ed313774ea3205c6f0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-xARHBHaMKpWWirtwMifwSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-xARHBHaMKpWWirtwMifwSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:04 GMT expires Fri, 22 Jul 2022 23:31:04 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9B57	0 0	58ms 58ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZDKRbe-LPWb4vqiMbkaXW11lTPETqfP7QloXoZIFRVfuZZcGL2PGH5KliJi0CX86rplC-Uo0npAgEQr5iTVRsRr3xY2NZNEMASJB34IGW0JyV6kzMtefHrG72AgJT3MIgBXgG3Ks3GEPJTzQjgcsvk5B8LwbQWq0EjOYhNr8lVAhicbMNAtr3ULxG_uf08usc6k3CRO3Xjxeh3vkX64WS7diQoQGL-ykMrlUUrv7GEyySSuagnoP911ooIzXd56E4LtMroYCbD1ZaWlvPNM23AWbSzigJfSkN3_fUmTC961RWKQE3_s7Am8P-pBuV2myrWWFr5R34wtDCLdYhQ-xl&sai=AMfl-YR_M7DpnbtyhYis96bgbe7G8LSyBMyLsYBLY3ZQvcTfzz6YBdf4JAsW5NbjUZGU3vY0P0KoziKnyx1t5cx0vU2BpWZHpYAGe4exGzdjTq7XKvNbeBn5Oz8y6yuiwfs&sig=Cg0ArKJSzHU5RBcwWGSgEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 9B57	82 KB 28 KB	30ms 30ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28358 x-xss-protection 0 server sffe etag "1281 / 112 of 1000 / last-modified: 1658527520" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9B57	138 KB 42 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43235 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658317440141293" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response pagead2.googlesyndication.com/bg/ Frame B15B	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 05:55:05 GMT content-encoding br x-content-type-options nosniff age 63359 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14002 x-xss-protection 0 last-modified Tue, 19 Jul 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Jul 2023 05:55:05 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame E0A4	0 0	62ms 62ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072001&jk=190379805239038&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H3	200	pubads_impl_2022071901.js Show response securepubads.g.doubleclick.net/gpt/ Frame 9B57	376 KB 128 KB	22ms 22ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:41:07 GMT content-encoding gzip x-content-type-options nosniff age 2997 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131527 x-xss-protection 0 last-modified Tue, 19 Jul 2022 08:34:38 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 22 Jul 2023 22:41:07 GMT
GET DATA	200 OK	truncated / Frame 9B57	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 924d1decf633929cf4cc7e902c0fd824798423d8a27c75d17515089ba075f036 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B15B	0 9 B	21ms 21ms	Image text/plain	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?bR6hUw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9B57	0 0	59ms 59ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkH8SreJ6Z2hKqoVj-Dk80cymNQTD5QW6inGtEfml-gRjpa-tvL7-zDpKGuUKtkSncIMZjBm6NLtErMOCIo54b9p-yxPFJ8q_WE4272Vd4LtVGvE43kJEPqWBwCmDKvGDvZpGE2PFMl8heKbpopdCk0CwA2tGMSQTbUGPvEexcIthW1P8s-Z7W6el-R8gbMwqHIgDZ63J96f5j9pCdS8bThCaFNf9VHVCfJm3HPfhQOfMYkTgda-77czRz9-Ymfde_ci4ZN4fZ59TIeL67SB8m-qxYx7jkNxFkaLlTsN_JSYypMeauu-TBJpGjZG2TxF9PCLQ_&sai=AMfl-YQUqxkA6pmKTSJse_fUKsDazL_f7Su6djwd8mWXKC0MIK5Hv2ZZ2RfUg6H7mLXP9TAPk9yoAxTvkSI3RZusiGdIPdId1YIEKahxBbm3K1VpU4iKaLdQUDcEvoFyw1k&sig=Cg0ArKJSzDQgYB5QuS0OEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	container.html Show response 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBF6	6 KB 3 KB	21ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.guru3d.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:03 GMT expires Sat, 22 Jul 2023 23:31:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	get Show response www.youtube.com/youtubei/v1/att/ Frame 32FC	19 KB 14 KB	41ms 41ms	XHR application/json	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 74ab2d4bd9fa6e0359345a9032a3f203a7849aa41b5d9b6c2f32a986ff1da578 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/oqiHTjyKmt0 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220720.01.00 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 X-Goog-Visitor-Id CgsxQXctX2FBMVhUZyi35uyWBg%3D%3D Content-Type application/json Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13920 x-xss-protection 0 expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6A2E	624 B 299 B	32ms 32ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUy1QJ72gZGh4X13qrwvxvfifiRCHq8VPKv9A4Du2TjSPuUu4RVmG1M_ehRrtfMi1Ko9Sg2iXAr1oVS14cFo0JqVYRvI6Wb9tPIlDgKCrn5guVPkeag4snSgPMuaFnckeweRdvJqqQDagUP3pxRB2mE2e0F2y5Zg9-JRQu8ca72BlNfmvk Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 23:31:04 GMT expires Fri, 22 Jul 2022 23:31:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame CBF6	27 KB 16 KB	51ms 50ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHI8vSL6pLlwvSF_Bl6IsxLzrf3IxKP61f1OkpX-l0HbpVfGMgnVfNDhQ90-qz4ggtR00o3rqICDmDxaeo0sFzlNSJGNh7jsYlp7xPfeyUwPs9hDjgb-jNnvYfpJ_t877lFk0XLQQm4yyI9MJf2sP567LYuA&cry=1&dbm_d=AKAmf-CaH29FMRpo8Fy0eMxJ2Ko1UXTmawU7abxtehZz70sZWaQaJ6UnNt2dPUtZiUVjPvujBg2nO1uW4XYDVnqbSeIl92tb4bnNSeHybwJYfHJo5cYL92g2oOChMTC3K3X4tP5tbOvtjhrV94QGA0oNSShP-M7oNAiWkwr1y_tkdJ85Py3jU5hMNAUjKywLtvS_PNqhBnIWD3hw3NvAYIvvxHsBw5PNfe8ZIuk0WdNV3SFG3viH6_HOKyKqJC-nd109uYizYZ6yMdAFt7QiNlSnAdH7-b5PvM3ODs_gQeG0v8aR-pouPYuZMgqYiQ6_klJ1oRJr-AUnKk-eZJpj09ZY30FXyv6ogMsb6QL76JeeHQmDfbTjuRL7pyW6fSgMP9_JBr8NQRtCEuufJx2SSsFh3lGu7MbT7Jb7jfEUKNHZTYF_BR7hNzoc1Jku8zCcBYBJTYPIwmTEXTXhq9-0gXu6gan2gjrCejFvWwtO2luEqhBjTo6QJhMCLrSKXwamwG0vAOiPoNrkhzU-6V9Jvs8Bs9F7-VF6PHDX9Fqn0Av8knAUOufaPBjZWNbULZab30QRC9bISW8fJGTxIdtitlAUxXtXGwF8vMKycdjoL-qn0Ei4_qNJPxRzDmCjFTj_IVEatwJ-8UkPvBh471YgUCazSmUsWKJR4qkLE2zCEnLYgPooKTjNm4B6uD9Y2QNfYQecYJFeovR7qnNswnciI-7yacIfy4XGyuneWPDAZneCuNIMsQVihkeElm-O5EWn6qMaxckCjvjWcOcASdVmg4E5x-1iuJBnUcszwPSjH0fIBpJHvpW258xGV9oFkTuQFmf3T6gUNQR1vfmLTODGbpnOJH-EnRgIK6Qr903cfXI7EGkRCJYhFjhsBFrxu-0lV2HlnB3TTchA_VhabWc_Wf5kc5tzizgau1N9JJLlmu46ShADv85oa1i38go-TOk6AH0ERwGPlKWyRJ5DHJIV5OXWKpGrPD49kTExGBW9T-VX1DecFKY6z512AHZ1T44g7wCtvbp1dfwYRNdnIxIwpeglUEqlB6gypuWHV3Mss5JAD-vXxQ4RRbZsswgnwI1Pk7MVO6i_OhxNl4N43DxoxnItnVnJU7cgkEzVWE1vkTcM7OHAay8CkvcHDcPAbdM0GLUjDYXehEuYvZsdd1rosakXu5oc055hLd3V71Q4W93UIGj2IDY8xAtAZsQHCfgk7aHijvRYwCS1yRKk9Oav124TyC25XHIVkLrgAWvnYDL0_L-_L7Lum2XJiQf4J8o8NYYUNFXUyADjFUm-arA8dFiPgUsW-i09VYm_M3JHYo_53PCX-GY8wpiY6cJF6f3ZnFgFQItiMpdKWFI5OtebpMfXAwOEh97ghEdKiaZ6mm9j5KD5OyVbxHlo_BpHsaI7vkqLAIklrLfKG_-Hwzk1yuurY0fwgHkGKffjKIB5VK9C4oKyhm65d9ouV7k9pgrAhOkVM1W2h_-5wCbGZ8hZo7dkA4alCknNkMqUlDc0mHiqomaRn1Wwd9Wqjbat5V2d4o4Nl-GeOT0RWVGX8iqZz9_L0sPOehsC3RoTdsjm2Ny90cc9KC3-zjp9pdYn5PsMfnB80CM2qKc42zYl7ZRAATKMw4B_z_aFrTXPIB8v_dDh54LNG1Opkqi4stWbdKKkPZHEKnLU2Bw0wNfq4RkyhLmUjUiZffXC1qhipPxIIkUkhfcNnj_WfAt_C_93U7-fYqbewb9RdPqyhtELoqaBaNZ3_nfnL5GV6AQNY9ermbNAXdEdt9H0C6XxKGwxQwgS03I-vEyOXgYlmqWw_Zo_l_Jf7sRM78L6kfLPLJtpFqcGg5e3gF6cCV41NH44M03sEZr-pVhyl9zU1177r38aQfxYN5FgxsjTHLo9-xkz6XpONQ9haIsRopTYO_d_QjqQp-PfDIYB7HPEtQGfPI1GtaxuXjy56QG2xc0Y8osSqSLE7PUjtouJbqAG3a5VvgwxeWB6Q0aVUxBcRWKzKBMxMys96NGo4_R6SaGpG_fZNXmD9cZblPnY8Z7tUEBPnPg8SILecpyZALO1JsC56Abvv1KnStM-OOjP7wYPeyTF_OwQbgv4bnzyZQp2g7T0ZWI747v4db_UQMEPl2RLFJvZy44O-25Pol0Wz-7pBwbeZIWJJ5fH1N_3QArdnN-I41p-TxGp5mIXdgDSuW1RkIRQKgn_Wq6-Y6F-_02TO8wxREEmXMyw6gdFmcOU_JjJPN7dCa5uhJDoXtJjQKRDEz4V-ccBRELrX67cw4eMd5ll6NpeLhlbpPfBmmNBcKf6A0GSbFKfbtJOOJVFiHVzwGnhIj0RnRM5C4UpLogOxyHw9-QS1seP3tIvorjNWkIa3XWX0JponFHNAn0vpnsLiv9Rg5CaBC-flHH6jlXSDVCem8ibBD3Eyvjukg5gMs3A0WTA3WzOtRpiRfk82dgT4mhlxXrYz3Lc0P34WlRBC6JqsVmQY5dLtDvFxoUQSOtaxGDAPoCA2KXSu25I5heMeeCmSxfwpFWh8EnS__2qrlB2ZYsMnAJbQYqu55fqizm4BV-LXHQptDJeXr4epuYzH4htLZteMqks8xhWHodOqbCWRGB-cK07Ps0oP03q6ia7HMhek3e5mdgNUit-YoIbayIRlpdjEm8bAub4NCCkqQa7G7SEnDtnOJp-qy9neM-qy1jRMN1ieqFqz0Z80_qaAscBqwFD9dBXPkJgoUVwfJG4GVdot3lOPaHYLbZ3m380hNEFFv9Hd2oD5w4EYL4qAfV_BXgaEve3BFYgi2H_ee9ByQ5U4rUCuUw1EfvC0hmStq_KXSkk0LncgKh72gUfP2O67kmhk0wbaZUKbKSWioq_VfWmYNJ3-fr8MRpDDKGOWEwW3a07IKwqN2PIuhjGs1uqbVj6Hd9Q62WgrJbyoGn3ISf7WPE0RXTfK7A7nfSnS5v8L8MB0P3vdhcDpvrTdF_Nl9T9MKinfQBsrljiY_2hLGrUhV6fbULMvRk_WngXA77qBO31ULZ573zm00gJ6hQ_n2DUaoQQ4acs_ONJ04k_gMq7zm6Er8xMGnLxJxTY1CbfdaxJ6SiiTFQO-f382BPqE8bEqaK_QwZnrsk86ZGxoUtkywPc8mCQ3YvACQmkrEjQ58Pg0doJj38jisJRoI-ck59KSt2C2gAr7t3_0L_J39CWkZ5zg60fvSR4L4rzq1KbBaNNubjlvAQkrzIImqyPYwYhrMXDO4yIFn8ZWVxmhaquxg2_TWOkd2V7BzD_7sXwrRUldaF8PHFfoNh9h6XgG0BCWthfa2hn04wvYnh1JIQfI6QKJopiR_MVZbYUopJxyhED8sqpCilWslG5SRsdkRHOUe7PRynU7RYyrU0Gr6vqyaRrIpKVEm2CoW2ZkUEII5GwtP_gAV2g&cid=CAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 62df12fe951c1d0ba2c06ccdd8317015798abcd6cd251b648192bd23becc32d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:04 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame CBF6	42 B 63 B	55ms 54ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-0SJwkjfk0hV9uuRdzPaT5ZPUJ8xlynaHRFJGdMGHbbCLGqaQqN2JCqEHzwG6kaHF8-3SK4KfYdi80cuKd5b3MHmzTtTB05FYVCRfcTTPyUnRjRY Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame CBF6	3 KB 1 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:50:40 GMT content-encoding gzip x-content-type-options nosniff age 2424 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 Aug 2022 22:50:40 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CBF6	138 KB 42 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43235 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658317440141293" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:04 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame CBF6	17 KB 7 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:06:53 GMT content-encoding gzip x-content-type-options nosniff age 1451 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7308 x-xss-protection 0 server cafe etag 13288730413591369063 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 Aug 2022 23:06:53 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame CBF6	0 0	28ms 27ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDTet39T3dQ1gmz0ALN86Aj0_2xwP3XoXMNw4ZeCTxNSyS3I6nN3zxNufZKhcR1WD6bqAogoaI4tz2-Qowt-mSGOdDYw Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H3	200	UhhEpI-Ccl32QOx3h6ch0Gg8bzdF_StG9VDyKSAPcBQ.js Show response www.google.com/js/th/ Frame 32FC	36 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/UhhEpI-Ccl32QOx3h6ch0Gg8bzdF_StG9VDyKSAPcBQ.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 521844a48f82725df640ec7787a721d0683c6f3745fd2b46f550f229200f7014 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 13:59:57 GMT content-encoding br x-content-type-options nosniff age 293467 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13860 x-xss-protection 0 last-modified Fri, 01 Jul 2022 16:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 19 Jul 2023 13:59:57 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 6A2E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1	43 B 947 B	55ms 38ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUy1QJ72gZGh4X13qrwvxvfifiRCHq8VPKv9A4Du2TjSPuUu4RVmG1M_ehRrtfMi1Ko9Sg2iXAr1oVS14cFo0JqVYRvI6Wb9tPIlDgKCrn5guVPkeag4snSgPMuaFnckeweRdvJqqQDagUP3pxRB2mE2e0F2y5Zg9-JRQu8ca72BlNfmvk Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers cf-ray 72eff7c44b599bec-FRA pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsOEa3QWpkgQzAgKhPxbMfVgcPQEjwyEL7Vae%2BnccPWjyr%2B2u6sXJGAX34MfoAitVqo8HsjV1mlqQuhWBhrIsxoipG1RjWo7EG%2FvZ9sCNGyb46tPsYwe%2FNYmL1wgC%2By3zgo%2BGsDIwaIf8A%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 22 Jul 2022 23:31:04 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 6A2E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtszOCFJYocRJY6slLNX6wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1	43 B 907 B	34ms 33ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUy1QJ72gZGh4X13qrwvxvfifiRCHq8VPKv9A4Du2TjSPuUu4RVmG1M_ehRrtfMi1Ko9Sg2iXAr1oVS14cFo0JqVYRvI6Wb9tPIlDgKCrn5guVPkeag4snSgPMuaFnckeweRdvJqqQDagUP3pxRB2mE2e0F2y5Zg9-JRQu8ca72BlNfmvk Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers cf-ray 72eff7c4cbd39bec-FRA pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBKGES6ow%2FsIgzgSQyHxYa5RnrLoXGQKBw8uDcGNMKxrSWyOJfY7bSSw1FsNT6FpJGPd6KXRJmftvLv0lp1seLZembznfjJj2QHAbe%2BJopW0OoJFHqx8AdyEQLAdVnwkIuDc2e8Hp4O5Ig%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRQEM-uoJSXeKMxGlhYHG0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 6A2E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEOf8zmd_ffbJnQBxXS_-cO0&google_cver=1	43 B 1018 B	22ms 20ms	Image image/gif	37.252.173.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEOf8zmd_ffbJnQBxXS_-cO0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUy1QJ72gZGh4X13qrwvxvfifiRCHq8VPKv9A4Du2TjSPuUu4RVmG1M_ehRrtfMi1Ko9Sg2iXAr1oVS14cFo0JqVYRvI6Wb9tPIlDgKCrn5guVPkeag4snSgPMuaFnckeweRdvJqqQDagUP3pxRB2mE2e0F2y5Zg9-JRQu8ca72BlNfmvk Protocol HTTP/1.1 Server 37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:04 GMT X-Proxy-Origin 217.114.218.23; 217.114.218.23; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 358cc8a8-bb49-4b9a-9c47-296f67a7121a Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 22 Jul 2022 23:31:04 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEOf8zmd_ffbJnQBxXS_-cO0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6A2E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NDMyODY5NzMyOTQxMTAwNg%3D%3D	170 B 188 B	79ms 32ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NDMyODY5NzMyOTQxMTAwNg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUy1QJ72gZGh4X13qrwvxvfifiRCHq8VPKv9A4Du2TjSPuUu4RVmG1M_ehRrtfMi1Ko9Sg2iXAr1oVS14cFo0JqVYRvI6Wb9tPIlDgKCrn5guVPkeag4snSgPMuaFnckeweRdvJqqQDagUP3pxRB2mE2e0F2y5Zg9-JRQu8ca72BlNfmvk Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:04 GMT X-Proxy-Origin 217.114.218.23; 217.114.218.23; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid d6c4943a-bd19-46dd-b561-cfd825bb8b31 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NDMyODY5NzMyOTQxMTAwNg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame CBF6	27 KB 10 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHI8vSL6pLlwvSF_Bl6IsxLzrf3IxKP61f1OkpX-l0HbpVfGMgnVfNDhQ90-qz4ggtR00o3rqICDmDxaeo0sFzlNSJGNh7jsYlp7xPfeyUwPs9hDjgb-jNnvYfpJ_t877lFk0XLQQm4yyI9MJf2sP567LYuA&cry=1&dbm_d=AKAmf-CaH29FMRpo8Fy0eMxJ2Ko1UXTmawU7abxtehZz70sZWaQaJ6UnNt2dPUtZiUVjPvujBg2nO1uW4XYDVnqbSeIl92tb4bnNSeHybwJYfHJo5cYL92g2oOChMTC3K3X4tP5tbOvtjhrV94QGA0oNSShP-M7oNAiWkwr1y_tkdJ85Py3jU5hMNAUjKywLtvS_PNqhBnIWD3hw3NvAYIvvxHsBw5PNfe8ZIuk0WdNV3SFG3viH6_HOKyKqJC-nd109uYizYZ6yMdAFt7QiNlSnAdH7-b5PvM3ODs_gQeG0v8aR-pouPYuZMgqYiQ6_klJ1oRJr-AUnKk-eZJpj09ZY30FXyv6ogMsb6QL76JeeHQmDfbTjuRL7pyW6fSgMP9_JBr8NQRtCEuufJx2SSsFh3lGu7MbT7Jb7jfEUKNHZTYF_BR7hNzoc1Jku8zCcBYBJTYPIwmTEXTXhq9-0gXu6gan2gjrCejFvWwtO2luEqhBjTo6QJhMCLrSKXwamwG0vAOiPoNrkhzU-6V9Jvs8Bs9F7-VF6PHDX9Fqn0Av8knAUOufaPBjZWNbULZab30QRC9bISW8fJGTxIdtitlAUxXtXGwF8vMKycdjoL-qn0Ei4_qNJPxRzDmCjFTj_IVEatwJ-8UkPvBh471YgUCazSmUsWKJR4qkLE2zCEnLYgPooKTjNm4B6uD9Y2QNfYQecYJFeovR7qnNswnciI-7yacIfy4XGyuneWPDAZneCuNIMsQVihkeElm-O5EWn6qMaxckCjvjWcOcASdVmg4E5x-1iuJBnUcszwPSjH0fIBpJHvpW258xGV9oFkTuQFmf3T6gUNQR1vfmLTODGbpnOJH-EnRgIK6Qr903cfXI7EGkRCJYhFjhsBFrxu-0lV2HlnB3TTchA_VhabWc_Wf5kc5tzizgau1N9JJLlmu46ShADv85oa1i38go-TOk6AH0ERwGPlKWyRJ5DHJIV5OXWKpGrPD49kTExGBW9T-VX1DecFKY6z512AHZ1T44g7wCtvbp1dfwYRNdnIxIwpeglUEqlB6gypuWHV3Mss5JAD-vXxQ4RRbZsswgnwI1Pk7MVO6i_OhxNl4N43DxoxnItnVnJU7cgkEzVWE1vkTcM7OHAay8CkvcHDcPAbdM0GLUjDYXehEuYvZsdd1rosakXu5oc055hLd3V71Q4W93UIGj2IDY8xAtAZsQHCfgk7aHijvRYwCS1yRKk9Oav124TyC25XHIVkLrgAWvnYDL0_L-_L7Lum2XJiQf4J8o8NYYUNFXUyADjFUm-arA8dFiPgUsW-i09VYm_M3JHYo_53PCX-GY8wpiY6cJF6f3ZnFgFQItiMpdKWFI5OtebpMfXAwOEh97ghEdKiaZ6mm9j5KD5OyVbxHlo_BpHsaI7vkqLAIklrLfKG_-Hwzk1yuurY0fwgHkGKffjKIB5VK9C4oKyhm65d9ouV7k9pgrAhOkVM1W2h_-5wCbGZ8hZo7dkA4alCknNkMqUlDc0mHiqomaRn1Wwd9Wqjbat5V2d4o4Nl-GeOT0RWVGX8iqZz9_L0sPOehsC3RoTdsjm2Ny90cc9KC3-zjp9pdYn5PsMfnB80CM2qKc42zYl7ZRAATKMw4B_z_aFrTXPIB8v_dDh54LNG1Opkqi4stWbdKKkPZHEKnLU2Bw0wNfq4RkyhLmUjUiZffXC1qhipPxIIkUkhfcNnj_WfAt_C_93U7-fYqbewb9RdPqyhtELoqaBaNZ3_nfnL5GV6AQNY9ermbNAXdEdt9H0C6XxKGwxQwgS03I-vEyOXgYlmqWw_Zo_l_Jf7sRM78L6kfLPLJtpFqcGg5e3gF6cCV41NH44M03sEZr-pVhyl9zU1177r38aQfxYN5FgxsjTHLo9-xkz6XpONQ9haIsRopTYO_d_QjqQp-PfDIYB7HPEtQGfPI1GtaxuXjy56QG2xc0Y8osSqSLE7PUjtouJbqAG3a5VvgwxeWB6Q0aVUxBcRWKzKBMxMys96NGo4_R6SaGpG_fZNXmD9cZblPnY8Z7tUEBPnPg8SILecpyZALO1JsC56Abvv1KnStM-OOjP7wYPeyTF_OwQbgv4bnzyZQp2g7T0ZWI747v4db_UQMEPl2RLFJvZy44O-25Pol0Wz-7pBwbeZIWJJ5fH1N_3QArdnN-I41p-TxGp5mIXdgDSuW1RkIRQKgn_Wq6-Y6F-_02TO8wxREEmXMyw6gdFmcOU_JjJPN7dCa5uhJDoXtJjQKRDEz4V-ccBRELrX67cw4eMd5ll6NpeLhlbpPfBmmNBcKf6A0GSbFKfbtJOOJVFiHVzwGnhIj0RnRM5C4UpLogOxyHw9-QS1seP3tIvorjNWkIa3XWX0JponFHNAn0vpnsLiv9Rg5CaBC-flHH6jlXSDVCem8ibBD3Eyvjukg5gMs3A0WTA3WzOtRpiRfk82dgT4mhlxXrYz3Lc0P34WlRBC6JqsVmQY5dLtDvFxoUQSOtaxGDAPoCA2KXSu25I5heMeeCmSxfwpFWh8EnS__2qrlB2ZYsMnAJbQYqu55fqizm4BV-LXHQptDJeXr4epuYzH4htLZteMqks8xhWHodOqbCWRGB-cK07Ps0oP03q6ia7HMhek3e5mdgNUit-YoIbayIRlpdjEm8bAub4NCCkqQa7G7SEnDtnOJp-qy9neM-qy1jRMN1ieqFqz0Z80_qaAscBqwFD9dBXPkJgoUVwfJG4GVdot3lOPaHYLbZ3m380hNEFFv9Hd2oD5w4EYL4qAfV_BXgaEve3BFYgi2H_ee9ByQ5U4rUCuUw1EfvC0hmStq_KXSkk0LncgKh72gUfP2O67kmhk0wbaZUKbKSWioq_VfWmYNJ3-fr8MRpDDKGOWEwW3a07IKwqN2PIuhjGs1uqbVj6Hd9Q62WgrJbyoGn3ISf7WPE0RXTfK7A7nfSnS5v8L8MB0P3vdhcDpvrTdF_Nl9T9MKinfQBsrljiY_2hLGrUhV6fbULMvRk_WngXA77qBO31ULZ573zm00gJ6hQ_n2DUaoQQ4acs_ONJ04k_gMq7zm6Er8xMGnLxJxTY1CbfdaxJ6SiiTFQO-f382BPqE8bEqaK_QwZnrsk86ZGxoUtkywPc8mCQ3YvACQmkrEjQ58Pg0doJj38jisJRoI-ck59KSt2C2gAr7t3_0L_J39CWkZ5zg60fvSR4L4rzq1KbBaNNubjlvAQkrzIImqyPYwYhrMXDO4yIFn8ZWVxmhaquxg2_TWOkd2V7BzD_7sXwrRUldaF8PHFfoNh9h6XgG0BCWthfa2hn04wvYnh1JIQfI6QKJopiR_MVZbYUopJxyhED8sqpCilWslG5SRsdkRHOUe7PRynU7RYyrU0Gr6vqyaRrIpKVEm2CoW2ZkUEII5GwtP_gAV2g&cid=CAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:25:49 GMT content-encoding gzip x-content-type-options nosniff age 315 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10526 x-xss-protection 0 server cafe etag 4815257668744283084 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 Aug 2022 23:25:49 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame CBF6	41 KB 15 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHI8vSL6pLlwvSF_Bl6IsxLzrf3IxKP61f1OkpX-l0HbpVfGMgnVfNDhQ90-qz4ggtR00o3rqICDmDxaeo0sFzlNSJGNh7jsYlp7xPfeyUwPs9hDjgb-jNnvYfpJ_t877lFk0XLQQm4yyI9MJf2sP567LYuA&cry=1&dbm_d=AKAmf-CaH29FMRpo8Fy0eMxJ2Ko1UXTmawU7abxtehZz70sZWaQaJ6UnNt2dPUtZiUVjPvujBg2nO1uW4XYDVnqbSeIl92tb4bnNSeHybwJYfHJo5cYL92g2oOChMTC3K3X4tP5tbOvtjhrV94QGA0oNSShP-M7oNAiWkwr1y_tkdJ85Py3jU5hMNAUjKywLtvS_PNqhBnIWD3hw3NvAYIvvxHsBw5PNfe8ZIuk0WdNV3SFG3viH6_HOKyKqJC-nd109uYizYZ6yMdAFt7QiNlSnAdH7-b5PvM3ODs_gQeG0v8aR-pouPYuZMgqYiQ6_klJ1oRJr-AUnKk-eZJpj09ZY30FXyv6ogMsb6QL76JeeHQmDfbTjuRL7pyW6fSgMP9_JBr8NQRtCEuufJx2SSsFh3lGu7MbT7Jb7jfEUKNHZTYF_BR7hNzoc1Jku8zCcBYBJTYPIwmTEXTXhq9-0gXu6gan2gjrCejFvWwtO2luEqhBjTo6QJhMCLrSKXwamwG0vAOiPoNrkhzU-6V9Jvs8Bs9F7-VF6PHDX9Fqn0Av8knAUOufaPBjZWNbULZab30QRC9bISW8fJGTxIdtitlAUxXtXGwF8vMKycdjoL-qn0Ei4_qNJPxRzDmCjFTj_IVEatwJ-8UkPvBh471YgUCazSmUsWKJR4qkLE2zCEnLYgPooKTjNm4B6uD9Y2QNfYQecYJFeovR7qnNswnciI-7yacIfy4XGyuneWPDAZneCuNIMsQVihkeElm-O5EWn6qMaxckCjvjWcOcASdVmg4E5x-1iuJBnUcszwPSjH0fIBpJHvpW258xGV9oFkTuQFmf3T6gUNQR1vfmLTODGbpnOJH-EnRgIK6Qr903cfXI7EGkRCJYhFjhsBFrxu-0lV2HlnB3TTchA_VhabWc_Wf5kc5tzizgau1N9JJLlmu46ShADv85oa1i38go-TOk6AH0ERwGPlKWyRJ5DHJIV5OXWKpGrPD49kTExGBW9T-VX1DecFKY6z512AHZ1T44g7wCtvbp1dfwYRNdnIxIwpeglUEqlB6gypuWHV3Mss5JAD-vXxQ4RRbZsswgnwI1Pk7MVO6i_OhxNl4N43DxoxnItnVnJU7cgkEzVWE1vkTcM7OHAay8CkvcHDcPAbdM0GLUjDYXehEuYvZsdd1rosakXu5oc055hLd3V71Q4W93UIGj2IDY8xAtAZsQHCfgk7aHijvRYwCS1yRKk9Oav124TyC25XHIVkLrgAWvnYDL0_L-_L7Lum2XJiQf4J8o8NYYUNFXUyADjFUm-arA8dFiPgUsW-i09VYm_M3JHYo_53PCX-GY8wpiY6cJF6f3ZnFgFQItiMpdKWFI5OtebpMfXAwOEh97ghEdKiaZ6mm9j5KD5OyVbxHlo_BpHsaI7vkqLAIklrLfKG_-Hwzk1yuurY0fwgHkGKffjKIB5VK9C4oKyhm65d9ouV7k9pgrAhOkVM1W2h_-5wCbGZ8hZo7dkA4alCknNkMqUlDc0mHiqomaRn1Wwd9Wqjbat5V2d4o4Nl-GeOT0RWVGX8iqZz9_L0sPOehsC3RoTdsjm2Ny90cc9KC3-zjp9pdYn5PsMfnB80CM2qKc42zYl7ZRAATKMw4B_z_aFrTXPIB8v_dDh54LNG1Opkqi4stWbdKKkPZHEKnLU2Bw0wNfq4RkyhLmUjUiZffXC1qhipPxIIkUkhfcNnj_WfAt_C_93U7-fYqbewb9RdPqyhtELoqaBaNZ3_nfnL5GV6AQNY9ermbNAXdEdt9H0C6XxKGwxQwgS03I-vEyOXgYlmqWw_Zo_l_Jf7sRM78L6kfLPLJtpFqcGg5e3gF6cCV41NH44M03sEZr-pVhyl9zU1177r38aQfxYN5FgxsjTHLo9-xkz6XpONQ9haIsRopTYO_d_QjqQp-PfDIYB7HPEtQGfPI1GtaxuXjy56QG2xc0Y8osSqSLE7PUjtouJbqAG3a5VvgwxeWB6Q0aVUxBcRWKzKBMxMys96NGo4_R6SaGpG_fZNXmD9cZblPnY8Z7tUEBPnPg8SILecpyZALO1JsC56Abvv1KnStM-OOjP7wYPeyTF_OwQbgv4bnzyZQp2g7T0ZWI747v4db_UQMEPl2RLFJvZy44O-25Pol0Wz-7pBwbeZIWJJ5fH1N_3QArdnN-I41p-TxGp5mIXdgDSuW1RkIRQKgn_Wq6-Y6F-_02TO8wxREEmXMyw6gdFmcOU_JjJPN7dCa5uhJDoXtJjQKRDEz4V-ccBRELrX67cw4eMd5ll6NpeLhlbpPfBmmNBcKf6A0GSbFKfbtJOOJVFiHVzwGnhIj0RnRM5C4UpLogOxyHw9-QS1seP3tIvorjNWkIa3XWX0JponFHNAn0vpnsLiv9Rg5CaBC-flHH6jlXSDVCem8ibBD3Eyvjukg5gMs3A0WTA3WzOtRpiRfk82dgT4mhlxXrYz3Lc0P34WlRBC6JqsVmQY5dLtDvFxoUQSOtaxGDAPoCA2KXSu25I5heMeeCmSxfwpFWh8EnS__2qrlB2ZYsMnAJbQYqu55fqizm4BV-LXHQptDJeXr4epuYzH4htLZteMqks8xhWHodOqbCWRGB-cK07Ps0oP03q6ia7HMhek3e5mdgNUit-YoIbayIRlpdjEm8bAub4NCCkqQa7G7SEnDtnOJp-qy9neM-qy1jRMN1ieqFqz0Z80_qaAscBqwFD9dBXPkJgoUVwfJG4GVdot3lOPaHYLbZ3m380hNEFFv9Hd2oD5w4EYL4qAfV_BXgaEve3BFYgi2H_ee9ByQ5U4rUCuUw1EfvC0hmStq_KXSkk0LncgKh72gUfP2O67kmhk0wbaZUKbKSWioq_VfWmYNJ3-fr8MRpDDKGOWEwW3a07IKwqN2PIuhjGs1uqbVj6Hd9Q62WgrJbyoGn3ISf7WPE0RXTfK7A7nfSnS5v8L8MB0P3vdhcDpvrTdF_Nl9T9MKinfQBsrljiY_2hLGrUhV6fbULMvRk_WngXA77qBO31ULZ573zm00gJ6hQ_n2DUaoQQ4acs_ONJ04k_gMq7zm6Er8xMGnLxJxTY1CbfdaxJ6SiiTFQO-f382BPqE8bEqaK_QwZnrsk86ZGxoUtkywPc8mCQ3YvACQmkrEjQ58Pg0doJj38jisJRoI-ck59KSt2C2gAr7t3_0L_J39CWkZ5zg60fvSR4L4rzq1KbBaNNubjlvAQkrzIImqyPYwYhrMXDO4yIFn8ZWVxmhaquxg2_TWOkd2V7BzD_7sXwrRUldaF8PHFfoNh9h6XgG0BCWthfa2hn04wvYnh1JIQfI6QKJopiR_MVZbYUopJxyhED8sqpCilWslG5SRsdkRHOUe7PRynU7RYyrU0Gr6vqyaRrIpKVEm2CoW2ZkUEII5GwtP_gAV2g&cid=CAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0&rfl=1%2Chttps%253A%252F%252Fwww.guru3d.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 16:10:17 GMT content-encoding gzip x-content-type-options nosniff age 112847 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jul 2023 16:10:17 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 32FC	0 9 B	21ms 21ms	Image text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?28C7bQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/oqiHTjyKmt0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H/1.1	200 OK	npoee1nv94vs Show response hal9000.redintelligence.net/zone/ Frame CBF6	11 KB 4 KB	96ms 28ms	Script text/html	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 39b4c231f4fe5b11f2c2cf9d9e21fd07a13a1fc84a36ab2fd772fdda1cfe111e Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4013 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 7303	22 KB 8 KB	21ms 21ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 161577 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 21 Jul 2022 02:38:07 GMT expires Fri, 21 Jul 2023 02:38:07 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response pagead2.googlesyndication.com/bg/ Frame 7303	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 19:56:44 GMT content-encoding br x-content-type-options nosniff age 12861 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13903 x-xss-protection 0 last-modified Tue, 19 Jul 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Jul 2023 19:56:44 GMT
GET H/1.1	200 OK	request.php Show response hal90006.redintelligence.net/ Frame CBF6 Redirect Chain https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&cli... https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...	2 KB 1 KB	243ms 193ms	Script application/x-javascript	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash 7894c3a4553d1f6599bb9cdee6b61a4a066cf418c392f166eef56f6c4609ee79 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 98017500004252600710616012029006 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 863 Expires Sat, 23 Jul 2022 00:31:05 +0200 Redirect headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Sat, 23 Jul 2022 00:31:05 +0200
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7303	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQNlUODPbYrT9NJOn7gPVvZKwDAAAAAA4AeAEAg&bg=!ODulO3_NAAacadVKvGk7ACkAdvg8WkZyBRNWnY8U5zLnGHLXUA34RN4PPLPA3AW0FTJwPIoOSkpEzgIAAABhUgAAAAJoAQeZAuWZdTa5KwZZwBwj8NOpJVhDMfEmn3RpFKdXi7tXs8MsdJo9xV8ScLy2JAduVH5FExxjRsk9Cobt7ory194xJact431ZEu6SCeDxkkFatQwpboSGIm2v9v28REzL7PQsR1EgdOBuWco28XvqtStXF28nUqzJTUuWWzeZaYZnEdqs3L7Rrqm498Z8FArKG3AzKFk5XmnZgv37orhk5dIIYAYCc6v4IfEOcg_kUa5pIiIIk-gM7iLDV1UCKvmZMh5uqckAdqmSSMKjExxfktqfv_4baI7EzpFAYomRP-Rd09xvcMOGKUlln9B0C6FaCy4_WfS6JHrruWoVyTv8Ok9K1iQK3pHbU6rUz5FqGzhoblOVEpmn5t3s0jvLLUNR4AYWkYR7o5flxB4h8AmLUtOYE4yupAlsLrepLUIh7VRdI6_cmGynlaghpmfmHLXrzGcjN15vVmC_4mpC3fsCe29zlphaxSpuMMl_RPIF8UsOvYBl0XwtY-hP6aXZ08D-qgj1UNcJAT6GUsjfaIPa12PVp6AFsPkexQE176rQ78siFt10oBRxK2slyw9N8YgJjGGSCWGhuYHNOt4gM0wEWbVG_48QwUXhgsN-5kbfI0AZZSSIux60M9ntAqh7li4y95vpsgFZiaERix5wZnm6F-1j19TX3YK4D3kEK98-aqdO-IfRwMg19WW9pq4hD2qhcLanhk0jPHxI2Vo4Crgz4sFPoemGItk-JAv4yz5WIz_mL9BXUGlGHQMcYJ0qNctMSinW2SYOp05eOvr-SOoLEUWhtU4nTog0nriCCPf5tkVwoyVsffjXlH6Vf-T5ZFSPBiKdwAp4XcyQwt8JDhYrKruZcQ6qNoMYOr725vl7CpaQVDmO1jGzgyunb-copV-KbftSkVNGyy8GbugCZ6g-C1jUj_7aa3xWJmWRQ6OS04rzW9F6t7Oh4B2MKQ1jkRBVukW8qazyV-QcndgxucqCIobNGw8bX9NTSCA Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	60ms 60ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072001&jk=190379805239038&bg=!g4ClgMTNAAacadVKvGk7ACkAdvg8Wt3p5fNPEHivw7YlyZp_GYDNeEc5OBoRtC59lsE_i5Pb8DVGJwIAAABuUgAAAANoAQcKAKHL-cMU6vFg2_qCBD14cDmVGUG9u0sJU5gAPk_0PCze80qsobLTE9xK5dMfYAfoeYdSDQohKFQod5jETuztulEuGyCrTnpOX-n9oxH1da-CbUs78xE4U_bPv6tot3wzqhkR4VEXVcRFWu6cIdN-VGrWpGVq4PlxiRS2gzXLYuUnaIg2MWzeq9fopa1yiBgOmXVJPWXja9sO7Rh__pI15suDvpkCoLgXS9zt6ybYtYTP3Be70xt8_a353gbowyMLzbM_fHQhAAjsT8eSay_2BiWRiNVNwNMlXLrCmVk_wpT6-sMw8g0MaYn0UukvhZDOu6Br2p1bP4DDoW2_vXm13SQskgAuvYzKsbkUCxiVoStVKM1QCqIUtzDtolWANmPumWKjFExys7aeYbNP2AiymQyRp7yfItNjXZTbP8kS2GO6cVEp0F7ofr94vkrGTLH5h_V6U0njVGXJKGp02qO0crrpg2eVlhcT9TQmXALtNtsUsXyhc7qoN-0nmmlsXLJwRLc-I3WUE7ZCWIktsHfIGqIkiZM31p0oENYvVM7F5daworol838gcnIsh1KeuYroDihqqyM7KStgP8Cybs44cY-jSbUqrSGdbk2fCOxzcaw_bRlJBqaIX9UmG8YtvCy4fJ4Ox8wW0mIaSwSAPekqx8iW_10FLJ2OnE-BZuB_ub9PQuEyE2CUTMg8PnN2m5AJEjVX_z5B1pUdOh5lHFavMOw5PpxSLvK5QxPKyNyS3BlGYwtSqAdjyDOlZjrf2-odJGn60GrAGNsb8fiX5DAcYaUQ20UE-_NoTGcYm7cj0SmDhnZViwYiP6uZXCFfss3_oTTLbnsYCUZjNCWhle3AKxZtOxiVh1DXNxTjhdm5pDk2-DjIEMUT0Ds1LCvD65ongGxtO2Qxb5VSpLxM0cg94hxJ-498W8unxc8OG86tsfSnJZ2ss5AYuW_Ij9diNGZ9Z_d_kVulUwWS8J_A9adBmwjqjiz6WumBw3JmcZUBAkC6eha0LhUsYdg4S1xHkx8lsXwctt4IJWiGIGK5M9vFt_OfjeIDPkIEPtszGJfcki6FN1WLrwdCNrg7LpCz3W9mhfqGS7BOPlMZdvJJJ89StuZ87afO6A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012207071723000/ Frame C750	220 KB 61 KB	103ms 22ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 217655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61513 x-xss-protection 0 server sffe date Wed, 20 Jul 2022 11:03:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a40ea3ab2445e497" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Jul 2023 11:03:30 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012207071723000/v0/ Frame C750	14 KB 5 KB	139ms 58ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 217655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5205 x-xss-protection 0 server sffe date Wed, 20 Jul 2022 11:03:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ecf6d7700179f984" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Jul 2023 11:03:30 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012207071723000/v0/ Frame C750	94 KB 28 KB	141ms 60ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012207071723000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 217655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28819 x-xss-protection 0 server sffe date Wed, 20 Jul 2022 11:03:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9ca8eecb6dce4cd9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Jul 2023 11:03:30 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012207071723000/v0/ Frame C750	5 KB 2 KB	150ms 69ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012207071723000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 217655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1910 x-xss-protection 0 server sffe date Wed, 20 Jul 2022 11:03:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "4aeabff663ac872e" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Jul 2023 11:03:30 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012207071723000/v0/ Frame C750	40 KB 13 KB	150ms 70ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012207071723000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 217655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12946 x-xss-protection 0 server sffe date Wed, 20 Jul 2022 11:03:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "10eeb975567515a5" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 20 Jul 2023 11:03:30 GMT
GET DATA	200 OK	truncated / Frame C750	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 487c347913705e45d2399c792eb757462171dff74f46088a423cf8032d7105a5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H3	200	16445162802186304785 tpc.googlesyndication.com/simgad/ Frame C750	8 KB 9 KB	22ms 22ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16445162802186304785?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qldnhSJ9NZ4CTaN8-PQ_VG59Dk5zw Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62ef18f4c87bf659e058771c2526f62a4827ce991618d6eba7ade0437ae5abcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 06:26:03 GMT x-content-type-options nosniff age 320702 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8696 x-xss-protection 0 last-modified Sat, 20 Feb 2021 15:28:29 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 19 Jul 2023 06:26:03 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame C750	2 KB 2 KB	23ms 22ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 09:48:35 GMT x-content-type-options nosniff server cafe age 49350 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sat, 23 Jul 2022 09:48:35 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame C750	295 B 319 B	21ms 21ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 09:55:02 GMT x-content-type-options nosniff server cafe age 48963 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 23 Jul 2022 09:55:02 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame C750	0 0	66ms 65ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CTq5rODPbYtC_L8PigAfNgbPACMnf1e9qsaSYm48Q_ZrmuJYdEAEgndqDAmCVspWCpAegAfGaoNAByAEC4AIAqAMByAMIqgSeAk_Q-JTLC4BD7jmAoWtOj5h11YCRxMZ59_7zJ3h7b7TIF-KM1aQ5SSmqCZLjzqtCSKzYDXEzjo7JHJp7IDP9HOPwOr0UU6e2X05NSNm2bcJmuYnjyK0hBKEjOgq-NxrTh3gOHmANLUVg4tnKC8qM7-kNeOS2VC2uslUZ0PFIap5pEO9F0a9Zze6QSLmrX3KfSZj_p2AV4B4FBZ2g2nFodlvQCSrXuWS5NNxWcckvkgsBQu7tvtifa7qU7f8MqeJG3_EYh-sehnUVRH_8TS7WGPPE6p1ZjBmXr88JjKbXDBZ0n1y23esuF6MzHYFqXjL9dfCeEJPLEU4_mI_dOOycfOOLw14VydDu_gprQy9bclqejXAs4kOXfPGVAy6GARzABJOi2uuTBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEM35jwHSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi02MjI5ODI2NTUwNzYzNDkxGM_fEw&sigh=6o9mtMU8nOw&uach_m=[UACH] Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0B30	42 B 64 B	96ms 55ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul1Dkcal_RHAXPSHms2zh98ryGU5D8eLiRUjY_JxvGUgMx0ZStBHtsp927mJJy8PYNFvV87bUlNU2F4AhJJjZdAhfd1V7xWE6ZicGL6i-wJJ5CdjnB&sig=Cg0ArKJSzPOloIzTlMk4EAE&id=lidar2&mcvt=1000&p=41,699,131,1427&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1733603311&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658532663705&rpt=618&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 30A0	42 B 64 B	79ms 56ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWp6pp-pr12kVp1HI_V0VC8wNXKG8G-mmsZm2ojnYEDRViqAp9FBzdoMYwlxjrv3e5NV7My9kqbsjb89iB2qoQ1vAAX1cbvw7GoyzUNaq6b4U4Wgdy&sig=Cg0ArKJSzHncsj3K1XQHEAE&id=lidar2&mcvt=1001&p=188,1127,438,1427&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1379754963&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658532664082&rpt=258&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame C750 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	31ms 31ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Redirect headers date Fri, 22 Jul 2022 23:31:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	view.aspx Show response pb.media01.eu/ Frame 1C41 Redirect Chain https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=98017500004252600710616012029006&t=htlp https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=98017500004252600710616012029006&actionid=981741&produktid=&dt_url=	0 607 B	98ms 36ms	Document text/html	88.198.250.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=98017500004252600710616012029006&actionid=981741&produktid=&dt_url= Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-250-30.clients.your-server.de Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location access-control-allow-methods GET,POST access-control-allow-origin * cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Fri, 22 Jul 2022 23:31:05 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Sat, 23 Jul 2022 01:31:05 GMT p3p policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA" pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-xss-protection 1; mode=block Redirect headers Content-Length 0 Content-Type application/javascript Date Fri, 22 Jul 2022 23:31:05 GMT Host pv.medialead.de Keep-Alive timeout=20 Location https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=98017500004252600710616012029006&actionid=981741&produktid=&dt_url= Proxy-Host pv.medialead.de Server nginx/1.17.5 Strict-Transport-Security max-age=15768000 X-IPLB-Instance 40027 X-IPLB-Request-ID D972DA17:D15E_91EFC182:01BB_62DB3339_F99E2DA:2C842
GET H/1.1	200 OK	request_content.php Show response hal90006.redintelligence.net/ Frame 5351	7 KB 2 KB	78ms 26ms	Document text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=c60d484d4e&subid=&uid=556da6426a19e774&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdchpODPbYr_pHZDjgQebmIPwCLXN-YNXzN65q-UM8C4QASCd2oMCYJWylYKkB8gBCakCDr90toAqsT6oAwGqBOoBT9BTbeeM56lAHCz1RytR4-z-WAetfjLNALySeTII7FcO8CU9ObQsXEko4l-2RcVrl6WU6TCKmla6lkL6xeTa1SqHgV-k6E32U3jQAFD3W60Fc5iUdA74522SHX7ZbYmjucS48AlQN4XnATlrEFwboFXvqXbcV6g0xjcsVaBF8VCp8bw-UBYM3Fvge2MN2-WbTnzDGg83mSIewdKKygbRM9k0h5UcMzzOlBAyTI6_Yc58jdmLK3YJKYTWi8PM7eg7YkoKxsXqBMVFuzeTwZ4TqPNIx3QnpPrtoz6LLTi-JTw50uUZABg_X3AjwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoBmAsByAsBgAwBogwIKgYKBM-nsQKwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoa90dr7kdx0McH3qUL7zQ-bE323XLGHTkAS1CeFhRD12zrUkQaA0%26sig%3DAOD64_21CreY6WTnJdgVZ7t_1kmYc4g4Eg%26client%3Dca-pub-6229826550763491%26dbm_c%3DAKAmf-CmwDoi8uA1OpRBjRsqSChisjOJLcP9QlxaSu0jWEkoY84k4uejsMfD8hbSot8QLbXGan3QKjEeepHrsi3WDz0O2MHnsl70GllqAAMFozKiESDVgAPE6DNqaLcVRgeSD1FwF6LOFjVXHIjzwTMOoHMueibhXA%26cry%3D1%26dbm_d%3DAKAmf-A1XhG1jmRsb1XR0jsT2Pqfy-97xqcDumr5ipcAt82vu4u7e7-9QC_QOadIJeGe0mGPdE2ONC5Ih-vMjggirUN-Ulbn_sC-W062qkUP81Yg_L8fOc4l6ojRCtjz3_595Sflw9VyETLFm30AZt8tvVGmbZmAZHXBd_8rhQJ8K8OmIHfer2AX2nnMnY3NE4dm917KOwIMbJLgt_Qx2NR-aKHG12rLB2b0zhOy1XbfyFTu9jm5haEWV43WxImVPpQkSPANUhvn-bc4yAkfDxRPTwDHBkSkCvTWnsip1RzQHfP3dVEd9r8s5IqhwmaKPb3o5nT0CF69zXfpAXYYmaiOHgdVjFMCytQ_Mc8lXl4pPPhRbq0gdgt7sK3sbsVMbSDos5g21j8IN9nk4RMsnjQghthCJVY6RdRlF27H13O5w1GYdk4i-ZDC08zZe1Pxj6muNk77nmqVROddBblNG3Qzmo_Ss6u3o-l7ZBm-SotsUj8qn926HwUX1X7i216k2kWUE_I3vM6ah6CZAVvbbUBgA3kBGXdcCg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.guru3d.com%2F&ancestorOrigins=https%3A%2F%2Fwww.guru3d.com&random=8668115019733&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash d4d8bd7318805f9c63f551034091d0ab47b26a2bacb336d22baf78b40d037fd4 Request headers Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2129 Content-Type text/html; charset=utf-8 Date Fri, 22 Jul 2022 23:31:05 GMT Expires Sat, 23 Jul 2022 00:31:05 +0200 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	native.png ad-server.eu/wm/pb/ Frame CBF6 Redirect Chain https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=98017500004252600710616012029006 https://ad-server.eu/wm/pb/native.png	68 B 312 B	210ms 40ms	Image image/png	54.76.176.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad-server.eu/wm/pb/native.png Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-176-197.eu-west-1.compute.amazonaws.com Software nginx/1.4.6 (Ubuntu) / Resource Hash 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:35:36 GMT Last-Modified Sat, 21 Dec 2019 23:06:59 GMT Server nginx/1.4.6 (Ubuntu) ETag "5dfea593-44" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 68 Redirect headers Date Fri, 22 Jul 2022 23:31:05 GMT Server nginx/1.17.5 Host pv.medialead.de X-IPLB-Request-ID D972DA17:D160_91EFC182:01BB_62DB3339_FA4E9EA:20C1B X-IPLB-Instance 40028 Strict-Transport-Security max-age=15768000 Content-Type application/go Location https://ad-server.eu/wm/pb/native.png Keep-Alive timeout=20 Content-Length 0 Proxy-Host pv.medialead.de
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame CBF6	43 B 702 B	89ms 31ms	Image image/gif	23.205.253.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=98017500004252600710616012029006&pv=1 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-253-64.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame CBF6	43 B 702 B	89ms 32ms	Image image/gif	23.205.253.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=98017500004252600710616012029006&pv=1 Requested by Host: 198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com URL: https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-253-64.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://198a959cdf5859dc3293f104dbbcade5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Jul 2022 23:31:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET DATA	200 OK	truncated / Frame CBF6	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b02c387bd2feb6633196d790703b05f212256e6db555d1496a36a1f8ebcb4956 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame 5351	4 KB 1 KB	79ms 30ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90006.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 22 Jul 2022 22:36:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 22 Jul 2022 23:31:05 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 22 Jul 2022 23:31:05 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 5351	16 KB 16 KB	86ms 32ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash e582c5d6305d1058b07f7244013bee2b903d2b330596e13d2389504a51a6f3dc Request headers accept-language de-DE,de;q=0.9 Referer https://hal90006.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16464 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 5351	17 KB 17 KB	160ms 106ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 62f0f02e2ce4b86b339a9742d0f1502b80531738eb97537291945827a1f8542b Request headers accept-language de-DE,de;q=0.9 Referer https://hal90006.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16857 Vary Accept-Encoding Content-Type image/png
GET H2	200	imgawinbanner_120x60_122019-1578486349125.jpg a1.awin1.com/ads/awin/18692/ Frame 5351 Redirect Chain https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=98017500004252600710616012029006&pv=0 https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg	25 KB 25 KB	83ms 21ms	Image image/jpeg	151.101.2.110 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Protocol H2 Server 151.101.2.110 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash fad88df6f78eca6556822fb4a8d589ac6b8e89a95434f05cc13a452d2f63b6ac Request headers accept-language de-DE,de;q=0.9 Referer https://hal90006.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:05 GMT via 1.1 varnish, 1.1 varnish server Apache age 41638 x-cache HIT, HIT content-type image/jpeg expires Fri, 22 Jul 2022 23:57:08 GMT cache-control max-age=43200 x-cache-hits 1, 1686 accept-ranges bytes x-timer S1658532666.795236,VS0,VE0 content-length 25150 x-served-by cache-fra19169-FRA, cache-hhn4027-HHN Redirect headers location https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg date Fri, 22 Jul 2022 23:31:05 GMT content-length 0
GET H/1.1	200 OK	viewability Show response hal90006.redintelligence.net/ Frame 5351	0 150 B	88ms 36ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/viewability?s=98017500004252600710616012029006&a=0a73f02a&vb=m Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal90006.redintelligence.net/request_content.php?s=98017500004252600710616012029006&a=53166e92 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 23:31:05 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5351	13 KB 13 KB	63ms 21ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal90006.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 08:45:42 GMT x-content-type-options nosniff age 312323 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13052 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Jul 2023 08:45:42 GMT
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5351	13 KB 13 KB	67ms 26ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal90006.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 19:26:22 GMT x-content-type-options nosniff age 187483 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Jul 2023 19:26:22 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6748	0 0	60ms 59ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcunQDLnn7yrMbh9auA9sWsghiy-lb1FX3NA16k5ezptElhVdr0cNVvAKt764pyQ6vzQbpIxm6dKWdx1Ak5bcp8SH4Q54uNVo-_w9_DG77Fvd9JWBqzk-LKeKJwhLKflhLmdfgBrfGTbszqtMKnQ0kRPhobtQIsu6mCNBzOqD0DEKWLbkela5f09gSFhlLTFNyOclx3IWvqaHCg28gLfVmboegDcmVZmkj_a61zRhYKrEfaUxCzU6yJKXu1xI9HaW1n7N8grlJ2CCTl9gX9oqv4HvmtoHeoVJJlSl2fEwTGKyF_pTXsEjC5RyoJcT2pvk&sig=Cg0ArKJSzL6ffb0wn1fREAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	app.js Show response servedbyadbutler.com/ Frame 6748	58 KB 11 KB	123ms 23ms	Script application/javascript	116.202.46.88 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://servedbyadbutler.com/app.js Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88.46.202.116.clients.your-server.de Software nginx / Resource Hash 08eb3915e0c90fcc41525d5b717fc4f208c5b425fb04e745947802097fdab4b5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:05 GMT content-encoding gzip last-modified Thu, 07 Jul 2022 01:00:58 GMT server nginx etag W/"62c6304a-e919" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 expires Sat, 23 Jul 2022 00:01:05 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6748	138 KB 42 KB	1752ms 1751ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:07 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43235 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658317440141293" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 22 Jul 2022 23:31:07 GMT
GET H2	200	;ID=167608;size=728x90;setID=203375;type=async;domid=placement_203375_0;place=0;pid=4091618;sw=1600;sh=1200;spr=1;rnd=4091618;atf=1;click=CLICK_MACRO_PLACEHOLDER Show response servedbyadbutler.com/adserve/ Frame 6748	1 KB 2 KB	34ms 33ms	Script application/x-javascript	116.202.46.88 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://servedbyadbutler.com/adserve/;ID=167608;size=728x90;setID=203375;type=async;domid=placement_203375_0;place=0;pid=4091618;sw=1600;sh=1200;spr=1;rnd=4091618;atf=1;click=CLICK_MACRO_PLACEHOLDER Requested by Host: servedbyadbutler.com URL: https://servedbyadbutler.com/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88.46.202.116.clients.your-server.de Software nginx / Resource Hash 12b86f422b1fa42668641da4c5e45827462b905fe0f0329d2b6bb47acc2b0236 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT server nginx p3p CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE" access-control-allow-origin * cache-control post-check=0, pre-check=0 access-control-allow-credentials true content-type application/x-javascript expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	;MID=167608;type=eligibleimpression;placementID=1158556;setID=203375;channelID=8974;CID=386523;BID=520730573;TAID=0;place=0;referrer=https%3A%2F%2Fwww.guru3d.com%2F;mt=1658532665782759;hc=caa1a0034... Show response servedbyadbutler.com/adserve/ Frame 6748	0 314 B	106ms 28ms	XHR text/html	116.202.46.88 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://servedbyadbutler.com/adserve/;MID=167608;type=eligibleimpression;placementID=1158556;setID=203375;channelID=8974;CID=386523;BID=520730573;TAID=0;place=0;referrer=https%3A%2F%2Fwww.guru3d.com%2F;mt=1658532665782759;hc=caa1a0034efe512052847c0b0a4f4a00fb760648 Requested by Host: servedbyadbutler.com URL: https://servedbyadbutler.com/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88.46.202.116.clients.your-server.de Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:05 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE" access-control-allow-origin https://www.guru3d.com cache-control post-check=0, pre-check=0 access-control-allow-credentials true content-type text/html; charset=UTF-8 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	;libID=3554079 servedbyadbutler.com/getad.img/ Frame 6748	61 KB 61 KB	26ms 26ms	Image image/jpeg	116.202.46.88 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://servedbyadbutler.com/getad.img/;libID=3554079 Requested by Host: www.guru3d.com URL: https://www.guru3d.com/files_details/rtss_rivatuner_statistics_server_download.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88.46.202.116.clients.your-server.de Software nginx / Resource Hash d213a0a0600575c198b22dac127f05a4631c20880e86e61ee7ec57b6a0f04b7d Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 23:31:05 GMT last-modified Tue, 19 Jul 2022 12:17:06 GMT server nginx etag "62d6a0c2-f41e" content-type image/jpeg access-control-allow-origin https://www.guru3d.com cache-control max-age=31536000 access-control-allow-credentials true content-disposition inline; filename="K70-Pro-Mini-Wireless-BLACK-728x90.jpg" accept-ranges bytes content-length 62494 expires Sat, 22 Jul 2023 16:31:05 PDT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 32FC	28 B 54 B	35ms 34ms	XHR application/json	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/oqiHTjyKmt0 X-YouTube-Client-Version 1.20220720.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgsxQXctX2FBMVhUZyi35uyWBg%3D%3D X-YouTube-Ad-Signals dt=1658532663763&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C725%2C410&vis=1&wgl=true&ca_type=image Response headers date Fri, 22 Jul 2022 23:31:05 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Fri, 22 Jul 2022 23:31:05 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame C750	42 B 64 B	55ms 55ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw3HTUZ6SfYwaHkZiZHHzImX5nuZFgUrXjN6LkZgwxC81IAATL0J3xyIa5QGC0-zEAwmS3O2QtTuJDWsXfHwhpXovQ9MxEkmYpXdffmC8iL88CBX4ArqNKMHdO3U3c6yGJsFHjAHaV7BIw&sai=AMfl-YSYSK2-Y_c34XsvnmEfsOfvlsQQh0sbq7KybwWdRgogV_YsSYyJ8vVLjgqXJNQKrNJkIRC4I14ZqJY7JPyEqJE41XiyxQWzwNe19Zvu&sig=Cg0ArKJSzNRs4X7gceiGEAE&cid=CAQSLQCNIrLMN0walYKpUe_wVLR2NUlCDEvVNPq1ZeROtlAiPNjcI04v9zcA1-a_xg&id=ampim&o=565,324&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=229&tls=1229&g=100&h=100&tt=1229&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1686487856 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 22 Jul 2022 23:31:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6748	0 0	61ms 61ms	Fetch image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstJ7G3ti47Vp2OAA3yHBseWTtgYFneKfHgyL1PLn2Cdr5mwv2qotU8T6kOEmQOFdrT39A4cSikuqjJ0IMnMUrDNvUZTzVlyZY8ZYbLvD7k7pF4S1qwWKA-1YLJ7bwZG2e8HbN5UbT60XQX_FmDyG1QFHbgNaUq8vf3wR8ilKPCFdaKVdDyh6mUVX363QE4UGW8DiO4xnIyTIadWpnDDfl8gb8fWvD6h3hpD2BHtFNRsXydle2_0joyLtDZsaGMZbBY__18A0iBLyrA2TzICVVDaBANuNR6wbVtTNgJbNJcMQBVxDZaaluY9u37yvfBLbMOwg&sig=Cg0ArKJSzNuVxFgEsFASEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guru3d.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * date Fri, 22 Jul 2022 23:31:07 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 22 Jul 2022 23:31:07 GMT
GET DATA	200 OK	truncated / Frame 6748	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9340cd6f828196965a022ca638839eef34283570e2827c4bf8d68ddfb363ddce Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png