rollingpaper.site Open in urlscan Pro
18.173.154.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rollingpaper.site/
Effective URL:
https://rollingpaper.site/
Submission: On March 03 via api (March 3rd 2024, 9:56:48 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 15 domains to perform 77 HTTP transactions. The main IP is 18.173.154.68, located in United States and belongs to AMAZON-02, US. The main domain is rollingpaper.site.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 28th 2023. Valid for: a year.

This is the only time rollingpaper.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.173.154.105 18.173.154.105	16509 (AMAZON-02) (AMAZON-02)
5	18.173.154.68 18.173.154.68	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 1	121.53.105.218 121.53.105.218	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
1	2a02:26f0:480... 2a02:26f0:480:e::210:f10d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	13.124.23.65 13.124.23.65	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.222.95.210 3.222.95.210	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:26d... 2600:1f18:26d4:7e06:ba46:cf7a:7526:dfbb	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
77	24

1 18.173.154.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-105.muc50.r.cloudfront.net

rollingpaper.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.173.154.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-68.muc50.r.cloudfront.net

rollingpaper.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.53.105.218 (Korea, Republic Of) 1 redirects

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:e::210:f10d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

t1.kakaocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.124.23.65 (Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-23-65.ap-northeast-2.compute.amazonaws.com

apilb.rollingpaper.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.95.210 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-95-210.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e06:ba46:cf7a:7526:dfbb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	401 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	248 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10026 csm.eu.criteo.net — Cisco Umbrella Rank: 9677	52 KB
9	rollingpaper.site 1 redirects rollingpaper.site apilb.rollingpaper.site	418 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	54 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9660 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15045 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10817	49 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	143 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 2241 ipds.adrta.com — Cisco Umbrella Rank: 4334	890 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	153 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	kakaocdn.net t1.kakaocdn.net — Cisco Umbrella Rank: 20153	53 KB
1	kakao.com 1 redirects developers.kakao.com — Cisco Umbrella Rank: 72260	137 B
77	15

	Domain	Requested by
14	fonts.gstatic.com	fonts.googleapis.com
12	pagead2.googlesyndication.com	rollingpaper.site pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
6	rollingpaper.site	1 redirects rollingpaper.site
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	apilb.rollingpaper.site	rollingpaper.site
3	fonts.googleapis.com	rollingpaper.site googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	rollingpaper.site www.googletagmanager.com
2	cdnjs.cloudflare.com	rollingpaper.site
1	www.gstatic.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	ipds.adrta.com	ads.eu.criteo.com
1	adrta.com	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	t1.kakaocdn.net	rollingpaper.site
1	developers.kakao.com	1 redirects
77	25

This site contains no links.

Subject Issuer	Validity	Valid
rollingpaper.site Amazon RSA 2048 M03	`2023-12-28` - `2025-01-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
apilb.rollingpaper.site R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://rollingpaper.site/
Frame ID: 0D3E2503CAD9C94D24DA848694CDA572
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&adk=1812271804&adf=3025194257&lmt=1627563869&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frollingpaper.site%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459802753&bpp=2&bdt=130&idt=210&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1783132804309&frm=20&pv=2&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: AF2AC4A3FAB1934704508783A517C49D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C3D1D67914A416C83F7F7793CAF951B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9CCABBB445520E637D2C74838A52B2A8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=50&slotname=7831053672&adk=4054047596&adf=713135178&pi=t.ma~as.7831053672&w=300&lmt=1627563869&format=300x50&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2299&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: BA0DEF66D2B1084CCA38EFFC3EEFF65C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=200&slotname=5615953873&adk=531075655&adf=2534988245&pi=t.ma~as.5615953873&w=300&lmt=1627563869&format=300x200&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2298&idt=1&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=1075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
Frame ID: 6858E2AAB4571DA699DF57DC5DD9161B
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeRJXAAOi3EEvwH9AAcInJ4S6NZFjLe0kUXUFw&u=%7CZQ6F0tTu41j4WL97sYKTr8OT5oE7vi1FrDCw9jb4OK8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdrkT1YrAqPcXTiRMWygOQxh7g-Utgma5PGA7wAd4WaH--GSFCaMtDRI5x8OXrIO-ciiUoAh1ZfdA7tGRc2X_muIqoHnT-7ytoSugxa_N4s7hKzcxvKckdoJ-H7_bhEOojIv9OZl54NKyeebBSg_b1l0fx_0nq-kqai2iDL3CoeG1DdBuuFYB9aD6Txt13ua2a2DGCTH6jQgD7yYEnHDE9VDF71ay7OQFhGUWT-bSG40YwJ0FbSoMKtJs-vWO1e7raCAu_tNHWNzR3xaKmeZHTw_quY-Otfi4lYIdhDs2N1PwA1BS3QU1274iHSSNLudSy3OZm_H3B_oKzdw5DX8tqe3ugOH4qWZDvi6I_0PLUerd09sezIqI1K1NnDJy_Zjpcx1wm0Mm_vAeG3IcZ7bBeEIGh-JR_VM5XkvcOuG011C3woo_C5KC9FfexqZ-G4BA4giNVUvKgnhgG92N_NaJiG1bN6jNnpUBbLiP1xoMMx0q9ofBjzVL2o0H_R_6axF8ZsLBi91ZSukRnnIcvfNDDX4qOoBGklUNSSLKoEJe3H3XaRlSBcirP3VpCg6CdD_75y-imtP4QcPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rKFXEnkZfGWOv2D_NUPnJGc0ALJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNDk3MDA2OTk1MjgwMDQwyAEJqQJH9YGbhy6yPqgDAcgDAqoE6AFP0E9JixBHnrU17eFPr-xcplobf3azx3uq_xiRV3a9NlcxBn5-NmLjpmUeWvOax1TS3996tI50O-JuzFhyDmpbAzwVbREiK2j4YFRfUXs4Xjo7fzfeKwTAdjLsa_92k_Bl-4dZN_JYJzjUBuNZT5hl6ZiRUz5RWuuwdQBF6MFCxEWG2m0uZv2vIrcp37kx8xPBrmZV68molY0_WLXumyGXjekzgeyziR4XI7jPh2sJ0bcn4PEgvTBgzvBrVCPyp1ki0YE6ivkRFY9M0zFgMcP7mb4vMb0V3GvFPE5xWarav7gxarJma3jIgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WNKZuoPq14QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VRaaCCXOuXJX_eti34SVrI0kzKQ%26client%3Dca-pub-2497006995280040%26adurl%3D
Frame ID: 5EFB986343B555D170C988E56317E918
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 6F371ACB79B20B31E5CB555BACEA3199
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

롤링페이퍼, 우리가 만들어가는 이야기

Page URL History Show full URLs

http://rollingpaper.site/ HTTP 301
https://rollingpaper.site/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

77
Requests

96 %
HTTPS

73 %
IPv6

15
Domains

25
Subdomains

24
IPs

5
Countries

1595 kB
Transfer

4693 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rollingpaper.site/ HTTP 301
https://rollingpaper.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://developers.kakao.com/sdk/js/kakao.js HTTP 301
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.js

Request Chain 61

https://adrta.com/i?cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&paid=co&avid=943&caid=420076&plid=11471888&publisherId=141479&kv1=300X200&kv2=https://googleads.g.doubleclick.net/&kv3=0153f1e6-9f93-443a-8040-a407462aef84&kv4=2001:ac8:20::&kv7=317&kv11=65e4495c4be1ec1d7ff837219fbf2813&kv12=795592&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36&kv24=Windows_Web HTTP 302
https://ipds.adrta.com/i?__x=JJCIKFEIKHCLJBEBOFHJEMPFLKNFNHNGJLMAGLEQKJPPFKLHNBGLNOFLEKNEKIFNEMNLNBIMFNIMPMGMMIK@NLKNLGIFFLPLLHJOGMNBFNHOJJNPGJNKLAE@HBE&cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&paid=co&avid=943&caid=420076&plid=11471888&publisherId=141479&kv1=300X200&kv2=https://googleads.g.doubleclick.net/&kv3=0153f1e6-9f93-443a-8040-a407462aef84&kv4=2001:ac8:20::&kv7=317&kv11=65e4495c4be1ec1d7ff837219fbf2813&kv12=795592&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36&kv24=Windows_Web

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CTYF7XUnkZeWHAfbUtOUP1cGcKMXG0e91uOblraYS-ISX3UIQASCw9pd8YJXikIKgB6ABwfzC4CjIAQmpAkf1gZuHLrI-qAMByAPLBKoE-AFP0GxRCkmNynKGCShzFdUFa0LWKDkUed9LF9kJWFOLgv9s4X21eMaHmsPnpsyfvxE2dJmeiD8js8HLg1ZJcR_Qevytm0tj4KFXntJiTkxW0xCMQ0R05kvBvmfCQOjSRcYVkkzUheGen3KX8x_LfzJNrhbXXS4kcXO03iYr6iSfBORlWr1BaSV4_KruwAoyesefx64brbEouAwELqLA-6n0rVU-CbrrXnX2bf_RIVF99ZdILX7QJvai-v6kCn86sixyy0KSTDzN79wd1UsNOJlNxBH_VxrN2Oi4s0RIyN5JjzurTHlaKYe_2T7hB8Tx1AB9EcxzjDcRDcAEto-mt70EiAW31OKhTZIFBAgEGAGSBQQIBRgEoAYugAfBtJPAA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEKfOAtIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICUKEi9_cE6WISBuoPq14QDmgkWaHR0cHM6Ly9pZ25hbHkuY29tL2RzcoAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMjQ5NzAwNjk5NTI4MDA0MBgA&sigh=KVUUVGDy-pE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqZZHPjmXNZdFQyLumb6iza6XyP1cnbKWAdXLIdHJdmw3Z0Gd1RGfS8mVdORzyIbICjcGFOqSn0mUtXxb0TvuCTTMNZlPKrLnVvhgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225882534606566118523%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210939842113%22],%2222%22:[%22true%22],%224%22:[%2203-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215510625135963355233%22}&andc=true

77 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rollingpaper.site/
Redirect Chain

http://rollingpaper.site/
https://rollingpaper.site/

3 KB
1 KB

1051ms
1017ms

Document
text/html

18.173.154.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollingpaper.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-68.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 301d5ab03d6037c2e252af8637b28650bce5157eb97c44340ca5dbd1bfceaa92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Sun, 03 Mar 2024 09:56:43 GMT
etag: W/"8f56305b3c67b1c98b46f31cdcd3e7fe"
last-modified: Thu, 29 Jul 2021 13:04:29 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-cf-id: t_cMp-7d2dX0o6dlPXpL2eJXSyQ13XB0fMKuGNz92-PzanrL0wlPQg==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sun, 03 Mar 2024 09:56:41 GMT
Location: https://rollingpaper.site/
Server: CloudFront
Via: 1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WmZdERTamlqbYFP7gbrldIWpgIymPd9DETHHvF7tA5345x4LeJFGyQ==
X-Amz-Cf-Pop: MUC50-P3
X-Cache: Redirect from cloudfront

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
693 B 32ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 354673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfiZHU5wR00eKyXIVMy1Yybv1v5u75WirtqRT%2Fdv907%2BzHg6cH8ffSwmtmfDPGpZD3DB4ZlnY0zhncnNelqrwOT07mF1l1578rGgfEiWCaigmsVOYmfkp6wrWT1dFivxPooKnc1MeW82t3PMexQ45W3z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85e8c2168da53661-FRA
expires: Fri, 21 Feb 2025 09:56:42 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 31ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 318958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 637
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa1JTIoK7RcKudax3elQbDxVNWO4X92JElCNz%2BaMt24l%2BxlNy3eQ7Y6qccwcXxSVtVsJOEJU9LoljWdjyZmLlo3P2K3oTuJeKpvbsFgRSt5pwXFbOK0uKDw4yzg9jf%2BKh83jeBCpVvdn2cAtdrQ8PsOq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85e8c2168da33661-FRA
expires: Fri, 21 Feb 2025 09:56:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 71ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de2ec8d34cd1b94a8117018f3f00fea2b2f5ec2277f2a53d15cce137bb7912b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50967
x-xss-protection: 0
server: cafe
etag: 15058178992645999566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 03 Mar 2024 09:56:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173127717-1

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

529761be649b2f4a60332f45b9af061ccc4f9126354310b91f366c89bb08b98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71840
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Mar 2024 09:56:42 GMT

GET
H2

200

kakao.js Show response
t1.kakaocdn.net/kakao_js_sdk/v1/
Redirect Chain

https://developers.kakao.com/sdk/js/kakao.js
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.js

240 KB
53 KB

114ms
24ms

Script
application/javascript

2a02:26f0:480:e::210:f10d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.js
Requested by: Host: rollingpaper.site
URL: https://rollingpaper.site/
Protocol: H2
Server: 2a02:26f0:480:e::210:f10d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 4f5a6f237ed58effce1e99270f2520190b2c66cf2d3321d49e8d790ea09d91b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:43 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 02:12:34 GMT
server: openresty
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary: Accept-Encoding
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3201
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjQ6aGl0OjA=
accept-ranges: bytes
expires: Sun, 03 Mar 2024 10:50:04 GMT

Redirect headers

location: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.js
date: Sun, 03 Mar 2024 09:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 162
content-type: text/html

GET
H2 200 vendors.1627563830627.bundle.js Show response
rollingpaper.site/ 1023 KB
262 KB 985ms
984ms Script
application/javascript 18.173.154.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollingpaper.site/vendors.1627563830627.bundle.js
Requested by: Host: rollingpaper.site
URL: https://rollingpaper.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-68.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29afe075dd15ef50216135622f027ac87c023af701ccdd4ca8b62edfd561444c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
content-encoding: br
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 13:04:26 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: W/"26c4aca42f8954bc752c85eb6fbd1771"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-storage-class: STANDARD_IA
cache-control: private,max-age=2592000
x-amz-cf-id: up5LiyC27h2ws3WrR03Bn7t2TD3omaBzb6Jt-6qp7Zn-ltM7dYnFUA==

GET
H2 200 main.1627563830627.bundle.js Show response
rollingpaper.site/ 406 KB
71 KB 1023ms
1023ms Script
application/javascript 18.173.154.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollingpaper.site/main.1627563830627.bundle.js
Requested by: Host: rollingpaper.site
URL: https://rollingpaper.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-68.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d24ea9cb1afb072eb2e4db1ee0f2ac78f9b70d11a452c63549aa198f3745755

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
content-encoding: br
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 13:04:25 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: W/"fc7ba18165206049768e66f6d6e90993"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-storage-class: STANDARD_IA
cache-control: private,max-age=2592000
x-amz-cf-id: IKNrRn6QOJdlYj87whEbYncIfq7sZucyaJyarRCx04ePRABT8TK_tg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KZW6YYYVRK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173127717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5a52e44d3c7d06f20c2324543cc29138827f97216e2f49c2115570edb6e837b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Mar 2024 09:56:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 62ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173127717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Mar 2024 09:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Mar 2024 11:32:03 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 407 KB
138 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2497006995280040&plah=rollingpaper.site&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f45e03a4c262c4666a68e30fe91c3e7b1ff2bca174def90762b2bef3705b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140927
x-xss-protection: 0
server: cafe
etag: 10756046594324493389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 09:56:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 33ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZW6YYYVRK&gtm=45je42t1v9134568674za220&_p=1709459802657&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=520370632.1709459803&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1709459802&sct=1&seg=0&dl=https%3A%2F%2Frollingpaper.site%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1289
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZW6YYYVRK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 09:56:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rollingpaper.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=946582374&t=pageview&_s=1&dl=https%3A%2F%2Frollingpaper.site%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1176117460&gjid=55010554&cid=520370632.1709459803&tid=UA-173127717-1&_gid=372726076.1709459803&_r=1&gtm=457e42t1za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1171151184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rollingpaper.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 09:56:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rollingpaper.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-173127717-1&cid=520370632.1709459803&jid=1176117460&gjid=55010554&_gid=372726076.1709459803&_u=YADAAUAAAAAAACAAI~&z=846760942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rollingpaper.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Mar 2024 09:56:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rollingpaper.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF2A 0
342 B 233ms
213ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&adk=1812271804&adf=3025194257&lmt=1627563869&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frollingpaper.site%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459802753&bpp=2&bdt=130&idt=210&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1783132804309&frm=20&pv=2&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2497006995280040&plah=rollingpaper.site&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rollingpaper.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 09:56:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 301 KB
73 KB 42ms
22ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Gamja+Flower&family=Hi+Melody&family=Nanum+Brush+Script&family=Nanum+Gothic&display=swap

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/vendors.1627563830627.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fcfc01dafb0ea7eb560f230ff66857a4cb20aef7f5646e79dcd6e6b224dde1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 09:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 09:56:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 09:56:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 280 KB
69 KB 42ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/vendors.1627563830627.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25b97126adec162d505fa2de32fc1cacae91879c1a5166d0ea0bfd2bfb5cafed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 09:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 09:56:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 09:56:43 GMT

GET
H/1.1 200 count Show response
apilb.rollingpaper.site/api/v1/ 106 B
710 B 738ms
237ms XHR
application/json 13.124.23.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apilb.rollingpaper.site/api/v1/count

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/vendors.1627563830627.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.124.23.65 , Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-124-23-65.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ef3587ea90d6b87d46aead96133a6cd50007af8add592ce2a6e56c2ca1d12456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rollingpaper.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Mar 2024 09:56:44 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://rollingpaper.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 106
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 publicRolls Show response
apilb.rollingpaper.site/api/v2/ 535 B
1 KB 994ms
323ms XHR
application/json 13.124.23.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apilb.rollingpaper.site/api/v2/publicRolls

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/vendors.1627563830627.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.124.23.65 , Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-124-23-65.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d9dab47da7935ae96b48a4551ed35ce94b89ebf6b6efa37029aca0992e049585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rollingpaper.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Mar 2024 09:56:44 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://rollingpaper.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 535
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2
fonts.gstatic.com/s/notosanskr/v36/ 25 KB
26 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:11:13 GMT
x-content-type-options: nosniff
age: 434730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25948
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:36:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:11:13 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:15:27 GMT
x-content-type-options: nosniff
age: 376876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16700
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 01:15:27 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 36ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:02:15 GMT
x-content-type-options: nosniff
age: 471268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:19:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 23:02:15 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 43ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:56:33 GMT
x-content-type-options: nosniff
age: 435610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14328
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:22:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:56:33 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 38ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:14:49 GMT
x-content-type-options: nosniff
age: 434514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16140
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:14:49 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.112.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 40ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f456cdb0762281ddf6d92890b29fb72d953cf75ada51c5edc9e2003a2295172d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 03:53:56 GMT
x-content-type-options: nosniff
age: 367367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 03:53:56 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.110.woff2
fonts.gstatic.com/s/notosanskr/v36/ 17 KB
17 KB 42ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a700634870f9cfa41d9e15d0d3c21e47a73fd902d9a5222e87c09ee3682abc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:58:07 GMT
x-content-type-options: nosniff
age: 435516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17456
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:58:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
56ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ff1154ecbdab4c6dec0dc302be9629486cd9c39fe1c8da0ea8df3168d539bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12453
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 09:56:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C3D 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rollingpaper.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 13:55:48 GMT
expires: Sun, 02 Mar 2025 13:55:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9CCA 829 B
1 KB 36ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17f6054e7f9979ee492c796adda70fb67d5b1a79916c2e595682abfba66564fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C7-vVL_R2K0pc0hH01jWfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rollingpaper.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-C7-vVL_R2K0pc0hH01jWfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 09:56:44 GMT
expires: Sun, 03 Mar 2024 09:56:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C3D 40 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 13:32:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9CCA 0
0 37ms
37ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=2196582737956918&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C3D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LliVTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=2196582737956918&bg=!BgWlBUrNAAauXHXJjlw7ADQBe5WfOMS28wosvi-UpxBT664jWIDw5Ikqm8TtTvszRpjCPbs1gqY_OwJPZZU30YT0LliPAgAAAEJSAAAAAmgBB5kC4OFspsF2cEQST-8tRs12v2jrEfrgDHv4MSYfKzmTE1LIl07BXQdKVP5kVb-Fj-HMwMXDK8eOBc1yBYIdlH7b9KHEc-P2tHcs0_RYx-H0OmWnBWbFJL_3L6P2o2AOt6IYnHtVxTSFT3k9glHMZFKkdNzRZ9r3EknJLoMgSeKoeJ7Z_t7pL_BeL3XLYPKo6mRCumQ9RBhBV4EmdyOcp2xyx_pFNZUhlUFFOJcZfB0ObvuwDJhv6SnwUekviBprQAMRZ3h7DGOatC3yfFqNd08pIl8x_v45tR7s_JRwbTG_gHt8Czqc8KpnTDHkG0Mi8OaeYz_TtBbO7nXHVWC158A4DnM_iiXssmapnTnS2w6h97UQUPYN_dCrNsPANpM0tf9JIk8FaNWd6RzWwuw42OpD_kfM2VTxiaTpJawji3qqC2EGGQuzUEaHS9sFzjWfkf79DP6X_VLCY35YuEtixBMZ83_wKCJehCXNJIvPnDn3W5RSOWe92meM3Uzp97CGwEYQnLvrorA_mBuUI8KDm66KI0Eu_kv0n7i4UlJviNIn1FMMeH6D_lemPuDb7NXZ1xZG8h-W_2Z7ld6wTh_tQoRfqLhHd4rtFFN00sdQKCgnAiGAfPncsYgeJ6u2N3aXocAvX-yQ9ObCAbZGCb7HPEwA9d5NqEo0qJybp6lKmSQVVoW2nmTXDAL6QGI1vxfmGaZfB--JRaBLpE41bmpQg9Dth-a1e7v13N8gkIPuU9PwNG5etS5ItIQVpic3xfaHDVzwBScdf01PxkSDDmUmtkMCkFEekpCAzdTntrzUjvtwhHTO_jgEw3JM51cs3_lph9arYQ-B382cquAEKduoGhBhw75oo1oCFUM_IQH5wkAf4XFxuuRE77ISH-wP59-bMnaxF21a3dQddehz3w1F2maT5EWjyO4lNavfSoofabBSCTCdUeT_gHVGKFSslMjYjlWSu3meidFrS_gkJXgT1PnqkWM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f48d895ce1bf98a33b2870d6f6073f0064a4c1d8119f7f71608dcacd18efb8e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:03:31 GMT
x-content-type-options: nosniff
age: 435193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15968
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:03:31 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2
fonts.gstatic.com/s/notosanskr/v36/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:15:38 GMT
x-content-type-options: nosniff
age: 376866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17332
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 01:15:38 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.109.woff2
fonts.gstatic.com/s/notosanskr/v36/ 18 KB
18 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6bb2c230f4eef5cf697e4eb7c758ecc0fe986e0f26ffa1b1e9d0b353fa3766a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:55:38 GMT
x-content-type-options: nosniff
age: 493266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17932
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 16:55:38 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270d6a130b11f25f8d2423607674f4aa218b0f829b2df3a286d6a1b43c76af75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rollingpaper.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:01 GMT
x-content-type-options: nosniff
age: 435943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16072
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:01 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16266110ba329a64f7b4568f376336b9240df6212780a2c381fbd81b00071f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 335 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79c2f9beed82f343693b797b2a264e1f4560935dc8c2b37b104894fa9a1a9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo_default.svg
rollingpaper.site/ 80 KB
30 KB 1048ms
1047ms Image
image/svg+xml 18.173.154.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rollingpaper.site/logo_default.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-68.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35be2b23300e8187b79e66e760363532eeb632feb560a505e0dfcbd59de9c90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:46 GMT
content-encoding: br
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 13:04:25 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: W/"63bf20b6542dc36326e1a6c29fe6f9e4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: private,max-age=2592000
x-amz-cf-id: JdsopJoPRYadCLvv4hEzd8h3qmoqhsVAm4LZm7J-nEnDyspT-mAQKg==

GET
DATA 200
OK truncated
/ 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbfccca7805dc34bfc32073f363c29ca0118777983a833b9144f89e87abc6660

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 292 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e5966f14bc2123b2454baa3a8f0c5402bf4a63d67a6d23970dc08cb1d8f972

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b86795932681c00c1f3f7a6d7adee197c51306dc3a3ae86d968a6d82e6d04d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 twitter.svg
rollingpaper.site/ 76 KB
49 KB 1008ms
1008ms Image
image/svg+xml 18.173.154.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rollingpaper.site/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-68.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 205dfd63b0ef0066244302a185589afb5cc2abab54f85f36124c0392cfb71ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rollingpaper.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:46 GMT
content-encoding: br
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 13:04:26 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: W/"5133c4634cfe9274207b3fccb6e455af"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: private,max-age=2592000
x-amz-cf-id: TC2hKpNaAITTsO-clRV8llvuAWTwLuvNu5ZJ2h8Qmq5BFpobdH5PKQ==

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a267cc002379ca17418ebecfce360d6df22c59692bec5516dddeb37e07aa893

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 publicRolls Show response
apilb.rollingpaper.site/api/v2/ 535 B
1 KB 326ms
325ms XHR
application/json 13.124.23.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apilb.rollingpaper.site/api/v2/publicRolls

Requested by

Host: rollingpaper.site
URL: https://rollingpaper.site/vendors.1627563830627.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.124.23.65 , Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-124-23-65.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d9dab47da7935ae96b48a4551ed35ce94b89ebf6b6efa37029aca0992e049585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rollingpaper.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Mar 2024 09:56:45 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://rollingpaper.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 535
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA0D 112 KB
39 KB 901ms
901ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=50&slotname=7831053672&adk=4054047596&adf=713135178&pi=t.ma~as.7831053672&w=300&lmt=1627563869&format=300x50&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2299&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee79738d7340bf124b54cd586e9f9bc4c74f40500f82f4a891b074ea8fb3a480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rollingpaper.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40204
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 09:56:45 GMT
expires: Sun, 03 Mar 2024 09:56:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6858 35 KB
14 KB 428ms
428ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=200&slotname=5615953873&adk=531075655&adf=2534988245&pi=t.ma~as.5615953873&w=300&lmt=1627563869&format=300x200&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2298&idt=1&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=1075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99ebeaffc3df2316622e74333d63f5a7752b3dff756d01070630e54f110719a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rollingpaper.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14198
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 09:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 6858 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=200&slotname=5615953873&adk=531075655&adf=2534988245&pi=t.ma~as.5615953873&w=300&lmt=1627563869&format=300x200&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2298&idt=1&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=1075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 10:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 10:04:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 6858 20 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 18:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 18:11:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6858 207 KB
63 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 10:32:24 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5EFB 139 KB
49 KB 104ms
62ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeRJXAAOi3EEvwH9AAcInJ4S6NZFjLe0kUXUFw&u=%7CZQ6F0tTu41j4WL97sYKTr8OT5oE7vi1FrDCw9jb4OK8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdrkT1YrAqPcXTiRMWygOQxh7g-Utgma5PGA7wAd4WaH--GSFCaMtDRI5x8OXrIO-ciiUoAh1ZfdA7tGRc2X_muIqoHnT-7ytoSugxa_N4s7hKzcxvKckdoJ-H7_bhEOojIv9OZl54NKyeebBSg_b1l0fx_0nq-kqai2iDL3CoeG1DdBuuFYB9aD6Txt13ua2a2DGCTH6jQgD7yYEnHDE9VDF71ay7OQFhGUWT-bSG40YwJ0FbSoMKtJs-vWO1e7raCAu_tNHWNzR3xaKmeZHTw_quY-Otfi4lYIdhDs2N1PwA1BS3QU1274iHSSNLudSy3OZm_H3B_oKzdw5DX8tqe3ugOH4qWZDvi6I_0PLUerd09sezIqI1K1NnDJy_Zjpcx1wm0Mm_vAeG3IcZ7bBeEIGh-JR_VM5XkvcOuG011C3woo_C5KC9FfexqZ-G4BA4giNVUvKgnhgG92N_NaJiG1bN6jNnpUBbLiP1xoMMx0q9ofBjzVL2o0H_R_6axF8ZsLBi91ZSukRnnIcvfNDDX4qOoBGklUNSSLKoEJe3H3XaRlSBcirP3VpCg6CdD_75y-imtP4QcPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rKFXEnkZfGWOv2D_NUPnJGc0ALJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNDk3MDA2OTk1MjgwMDQwyAEJqQJH9YGbhy6yPqgDAcgDAqoE6AFP0E9JixBHnrU17eFPr-xcplobf3azx3uq_xiRV3a9NlcxBn5-NmLjpmUeWvOax1TS3996tI50O-JuzFhyDmpbAzwVbREiK2j4YFRfUXs4Xjo7fzfeKwTAdjLsa_92k_Bl-4dZN_JYJzjUBuNZT5hl6ZiRUz5RWuuwdQBF6MFCxEWG2m0uZv2vIrcp37kx8xPBrmZV68molY0_WLXumyGXjekzgeyziR4XI7jPh2sJ0bcn4PEgvTBgzvBrVCPyp1ki0YE6ivkRFY9M0zFgMcP7mb4vMb0V3GvFPE5xWarav7gxarJma3jIgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WNKZuoPq14QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VRaaCCXOuXJX_eti34SVrI0kzKQ%26client%3Dca-pub-2497006995280040%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

163b97c51a5d529e77c23567f25204ce1f9a7194bab1ea61a988bed629066bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 09:56:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Xdm_BB1z6J8azMlrCEz6HceMz198s69hBL4-4q3OQRQDlGfUglP1wPP5vd1-e5EpMAskDu2BaYwO1Nm1npfLhCTDXreapAUgn6xi3VDYU262QiDbEEj0VHxEbKk7U6fJx006nCncfN7j1bxmwLis0OkvPm-GRamH1scQXP7XTYijX4Nk1IjHUyKBcis3KAYQaPO0fp6ywx3IbmyPm1ERRgmGfoPNZaXu_XdS9P9gTuJQOj91dU1HwoGY4DqWCSWr1nFzcA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 43982895
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6858 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fe8c986fef5bcb5696d1656f07e0072f112379cc73039e0453e5d45286cacbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6858 0
19 B 42ms
41ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C39fJXEnkZfGWOv2D_NUPnJGc0ALJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNDk3MDA2OTk1MjgwMDQwyAEJqQJH9YGbhy6yPqgDAcgDAqoE5QFP0E9JixBHnrU17eFPr-xcplobf3azx3uq_xiRV3a9NlcxBn5-NmLjpmUeWvOax1TS3996tI50O-JuzFhyDmpbAzwVbREiK2j4YFRfUXs4Xjo7fzfeKwTAdjLsa_92k_Bl-4dZN_JYJzjUBuNZT5hl6ZiRUz5RWuuwdQBF6MFCxEWG2m0uZv2vIrcp37kx8xPBrmZV68molY0_WLXumyGXjekzgeyziR4XI7jPh2sJ0bcn4PEgvTBgzvBrVCPypxsg8BO6GSkss19rCb1A2Gf1vrSZO5MNXt8NAeiD5rT2pyD7_pKPgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WNKZuoPq14QDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI0OTcwMDY5OTUyODAwNDAYAA&sigh=7Ux6r_Harhw&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=200&slotname=5615953873&adk=531075655&adf=2534988245&pi=t.ma~as.5615953873&w=300&lmt=1627563869&format=300x200&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2298&idt=1&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=1075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Mar 2024 09:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6858 0
126 B 60ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k-zRGcjHMKwCyAGdg2ICAgAAAE6Gh9gpqTiuDdKL8ppGj-UQXEnkZVjCTMYbEXJjBkUAABIAAAoKQVFVQkFRRUJBUQ&wp=ZeRJXAAOi3EEvwH9AAcInJ4S6NZFjLe0kUXUFw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 160923
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5EFB 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeRJXAAOi3EEvwH9AAcInJ4S6NZFjLe0kUXUFw&u=%7CZQ6F0tTu41j4WL97sYKTr8OT5oE7vi1FrDCw9jb4OK8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdrkT1YrAqPcXTiRMWygOQxh7g-Utgma5PGA7wAd4WaH--GSFCaMtDRI5x8OXrIO-ciiUoAh1ZfdA7tGRc2X_muIqoHnT-7ytoSugxa_N4s7hKzcxvKckdoJ-H7_bhEOojIv9OZl54NKyeebBSg_b1l0fx_0nq-kqai2iDL3CoeG1DdBuuFYB9aD6Txt13ua2a2DGCTH6jQgD7yYEnHDE9VDF71ay7OQFhGUWT-bSG40YwJ0FbSoMKtJs-vWO1e7raCAu_tNHWNzR3xaKmeZHTw_quY-Otfi4lYIdhDs2N1PwA1BS3QU1274iHSSNLudSy3OZm_H3B_oKzdw5DX8tqe3ugOH4qWZDvi6I_0PLUerd09sezIqI1K1NnDJy_Zjpcx1wm0Mm_vAeG3IcZ7bBeEIGh-JR_VM5XkvcOuG011C3woo_C5KC9FfexqZ-G4BA4giNVUvKgnhgG92N_NaJiG1bN6jNnpUBbLiP1xoMMx0q9ofBjzVL2o0H_R_6axF8ZsLBi91ZSukRnnIcvfNDDX4qOoBGklUNSSLKoEJe3H3XaRlSBcirP3VpCg6CdD_75y-imtP4QcPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rKFXEnkZfGWOv2D_NUPnJGc0ALJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNDk3MDA2OTk1MjgwMDQwyAEJqQJH9YGbhy6yPqgDAcgDAqoE6AFP0E9JixBHnrU17eFPr-xcplobf3azx3uq_xiRV3a9NlcxBn5-NmLjpmUeWvOax1TS3996tI50O-JuzFhyDmpbAzwVbREiK2j4YFRfUXs4Xjo7fzfeKwTAdjLsa_92k_Bl-4dZN_JYJzjUBuNZT5hl6ZiRUz5RWuuwdQBF6MFCxEWG2m0uZv2vIrcp37kx8xPBrmZV68molY0_WLXumyGXjekzgeyziR4XI7jPh2sJ0bcn4PEgvTBgzvBrVCPyp1ki0YE6ivkRFY9M0zFgMcP7mb4vMb0V3GvFPE5xWarav7gxarJma3jIgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WNKZuoPq14QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VRaaCCXOuXJX_eti34SVrI0kzKQ%26client%3Dca-pub-2497006995280040%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5EFB 2 KB
1 KB 43ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5EFB 308 B
636 B 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5EFB 293 B
621 B 42ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5EFB 43 B
348 B 60ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UTPv7XivlLEB-bIiG_nRUXjVmFhTqeMfPDhPe7XeA-Dducso4-LbNa-hBb0PDBiZuKrfanKJNuXjEf0hxUt36SkkmsrbO4JaSs0GCsOzkfD_4oWi9WTVcyGZ7Of46jVxDSbKgqcNEzOICTkYthnbLdc4iNpvtONAI3WsNfnaDjGToF1KmwyJEVuyp_Vg4VmPv99JzNaItI_BWaP1GB_SCVs0RVK2J2Iv5pPO4kCaet0lRL1e2k-RD3nJRB06FnIej6QnbB_jr_B3uUpEQzNVtLJlGYyCGMncXNDL851d4tO5YhXRjfh_pWqxbe5xzMWKdKJUyl-0ZyCVPdVGy0tbLsc5vEMJLS59gNXbv2YqvkeHiS4NX8qEBUDyEPqBKKpHhILwpZz26g_DT11n1QDpu3obeDq4prCutpTfts9kVuq3_u9d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1597449
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i
ipds.adrta.com/ Frame 5EFB
Redirect Chain

https://adrta.com/i?cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&paid=co&avid=943&caid=420076&plid=11471888&publisherId=141479&kv1=300X200&kv2=https://googleads.g.doubleclick.net/&kv3=0153f1e6-9f93-...
https://ipds.adrta.com/i?__x=JJCIKFEIKHCLJBEBOFHJEMPFLKNFNHNGJLMAGLEQKJPPFKLHNBGLNOFLEKNEKIFNEMNLNBIMFNIMPMGMMIK@NLKNLGIFFLPLLHJOGMNBFNHOJJNPGJNKLAE@HBE&cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&...

43 B
184 B

300ms
94ms

Image
image/gif

2600:1f18:26d4:7e06:ba46:cf7a:7526:dfbb
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=JJCIKFEIKHCLJBEBOFHJEMPFLKNFNHNGJLMAGLEQKJPPFKLHNBGLNOFLEKNEKIFNEMNLNBIMFNIMPMGMMIK@NLKNLGIFFLPLLHJOGMNBFNHOJJNPGJNKLAE@HBE&cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&paid=co&avid=943&caid=420076&plid=11471888&publisherId=141479&kv1=300X200&kv2=https://googleads.g.doubleclick.net/&kv3=0153f1e6-9f93-443a-8040-a407462aef84&kv4=2001:ac8:20::&kv7=317&kv11=65e4495c4be1ec1d7ff837219fbf2813&kv12=795592&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36&kv24=Windows_Web
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeRJXAAOi3EEvwH9AAcInJ4S6NZFjLe0kUXUFw&u=%7CZQ6F0tTu41j4WL97sYKTr8OT5oE7vi1FrDCw9jb4OK8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdrkT1YrAqPcXTiRMWygOQxh7g-Utgma5PGA7wAd4WaH--GSFCaMtDRI5x8OXrIO-ciiUoAh1ZfdA7tGRc2X_muIqoHnT-7ytoSugxa_N4s7hKzcxvKckdoJ-H7_bhEOojIv9OZl54NKyeebBSg_b1l0fx_0nq-kqai2iDL3CoeG1DdBuuFYB9aD6Txt13ua2a2DGCTH6jQgD7yYEnHDE9VDF71ay7OQFhGUWT-bSG40YwJ0FbSoMKtJs-vWO1e7raCAu_tNHWNzR3xaKmeZHTw_quY-Otfi4lYIdhDs2N1PwA1BS3QU1274iHSSNLudSy3OZm_H3B_oKzdw5DX8tqe3ugOH4qWZDvi6I_0PLUerd09sezIqI1K1NnDJy_Zjpcx1wm0Mm_vAeG3IcZ7bBeEIGh-JR_VM5XkvcOuG011C3woo_C5KC9FfexqZ-G4BA4giNVUvKgnhgG92N_NaJiG1bN6jNnpUBbLiP1xoMMx0q9ofBjzVL2o0H_R_6axF8ZsLBi91ZSukRnnIcvfNDDX4qOoBGklUNSSLKoEJe3H3XaRlSBcirP3VpCg6CdD_75y-imtP4QcPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rKFXEnkZfGWOv2D_NUPnJGc0ALJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yNDk3MDA2OTk1MjgwMDQwyAEJqQJH9YGbhy6yPqgDAcgDAqoE6AFP0E9JixBHnrU17eFPr-xcplobf3azx3uq_xiRV3a9NlcxBn5-NmLjpmUeWvOax1TS3996tI50O-JuzFhyDmpbAzwVbREiK2j4YFRfUXs4Xjo7fzfeKwTAdjLsa_92k_Bl-4dZN_JYJzjUBuNZT5hl6ZiRUz5RWuuwdQBF6MFCxEWG2m0uZv2vIrcp37kx8xPBrmZV68molY0_WLXumyGXjekzgeyziR4XI7jPh2sJ0bcn4PEgvTBgzvBrVCPyp1ki0YE6ivkRFY9M0zFgMcP7mb4vMb0V3GvFPE5xWarav7gxarJma3jIgAbhopPgo6bA4ASgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WNKZuoPq14QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VRaaCCXOuXJX_eti34SVrI0kzKQ%26client%3Dca-pub-2497006995280040%26adurl%3D
Protocol: H2
Server: 2600:1f18:26d4:7e06:ba46:cf7a:7526:dfbb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Mar 2024 09:56:46 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=JJCIKFEIKHCLJBEBOFHJEMPFLKNFNHNGJLMAGLEQKJPPFKLHNBGLNOFLEKNEKIFNEMNLNBIMFNIMPMGMMIK@NLKNLGIFFLPLLHJOGMNBFNHOJJNPGJNKLAE@HBE&cb=65e4495c4be1ec1d7ff837219fbf2813&clid=co&paid=co&avid=943&caid=420076&plid=11471888&publisherId=141479&kv1=300X200&kv2=https://googleads.g.doubleclick.net/&kv3=0153f1e6-9f93-443a-8040-a407462aef84&kv4=2001:ac8:20::&kv7=317&kv11=65e4495c4be1ec1d7ff837219fbf2813&kv12=795592&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36&kv24=Windows_Web
date: Sun, 03 Mar 2024 09:56:45 GMT
server: nginx
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5EFB 12 KB
6 KB 35ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 0006tOtUUQdN7k0OHE5Fg11A3XVfqQTW7RDlm9J2Ct4elSZkzPfF1I4H72QubJTYOm84tN85ndUOH0dsttJqsFepgr7Xbtent5Qur34GJ9Uc0JEPNfmi2xcuCKfqKhysDH8Xn9PcwDOor3V660CGzG6wczACDzveW58DB6QhZZpaOMgPRCn3Fq26yeQFD50UJoUcP...
imageproxy.eu.criteo.net/v1/ Frame 5EFB 1 KB
2 KB 64ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/0006tOtUUQdN7k0OHE5Fg11A3XVfqQTW7RDlm9J2Ct4elSZkzPfF1I4H72QubJTYOm84tN85ndUOH0dsttJqsFepgr7Xbtent5Qur34GJ9Uc0JEPNfmi2xcuCKfqKhysDH8Xn9PcwDOor3V660CGzG6wczACDzveW58DB6QhZZpaOMgPRCn3Fq26yeQFD50UJoUcPPf21Ai2k9b3SELT7JB8g2oEptaR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28020d2afdd4564c46ffcc88a605fc59ee486bc75ba554c994c0673cb3bb2f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1380
expires: Fri, 24 Jan 2025 13:37:06 GMT

GET
H2 200 000SSkn7tdyZTxxcF88KnbV2MtFnwg7KBV8Q4nm1I7ocIk330pcTs6iWwU9pMeHUuECeTu1oWacY3GwiakIJbwEXqxzn7JP9Nb3vG6hfaG1LnGrNarKcM4MGxT7p0pa5r97yHJj9Z6ZdygvAk7UVl9msRjro7aXnEhxi80CTOOzX8Dlz04rFwApHxwN8ufaCuLjND...
imageproxy.eu.criteo.net/v1/ Frame 5EFB 15 KB
15 KB 69ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000SSkn7tdyZTxxcF88KnbV2MtFnwg7KBV8Q4nm1I7ocIk330pcTs6iWwU9pMeHUuECeTu1oWacY3GwiakIJbwEXqxzn7JP9Nb3vG6hfaG1LnGrNarKcM4MGxT7p0pa5r97yHJj9Z6ZdygvAk7UVl9msRjro7aXnEhxi80CTOOzX8Dlz04rFwApHxwN8ufaCuLjNDKU65BDld22K1iEcA0xXE7CKQoIGE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

45081d69d8dc67a305ce191c510da40014cf313605cf56c671232b67053fde8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15330
expires: Sat, 25 Jan 2025 12:11:10 GMT

GET
H2 200 000duaveYa5DseZdeQKFcdT5mdFXm1yH5ornb3TtJlsSNFz187dngyDoEYxRF1j7TrmxwnEtRlfPudUEFF0R69YL0b8SF0UkU0SRhOKLEfLgYiZgWxhXFlC9ZkzDVdZsN6uo0gKpUjfMLqCC7ggWbgAidFChhtPb0TzhmoKovG0zlIkOFxod6LT3kzeUVRHDTC3Fd...
imageproxy.eu.criteo.net/v1/ Frame 5EFB 22 KB
22 KB 62ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000duaveYa5DseZdeQKFcdT5mdFXm1yH5ornb3TtJlsSNFz187dngyDoEYxRF1j7TrmxwnEtRlfPudUEFF0R69YL0b8SF0UkU0SRhOKLEfLgYiZgWxhXFlC9ZkzDVdZsN6uo0gKpUjfMLqCC7ggWbgAidFChhtPb0TzhmoKovG0zlIkOFxod6LT3kzeUVRHDTC3FdHqUeTh6MRRi8QFoc8WBY8pI6Gs449ycewYsH0Al5QGDt3pzEm4CrugMX2YGB4v5N2LloAViWaGHoImOSFyoPDPPJmCJcNEARAlNhn37OmPxg10C7Lqbthuj9Ao8zuy?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 22720
expires: Thu, 20 Feb 2025 15:07:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5EFB 0
128 B 39ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Xdm_BB1z6J8azMlrCEz6HceMz198s69hBL4-4q3OQRQDlGfUglP1wPP5vd1-e5EpMAskDu2BaYwO1Nm1npfLhCTDXreapAUgn6xi3VDYU262QiDbEEj0VHxEbKk7U6fJx006nCncfN7j1bxmwLis0OkvPm-GRamH1scQXP7XTYijX4Nk1IjHUyKBcis3KAYQaPO0fp6ywx3IbmyPm1ERRgmGfoPNZaXu_XdS9P9gTuJQOj91dU1HwoGY4DqWCSWr1nFzcA&sds=2&rev=90888.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Mar 2024 09:56:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5EFB 2 KB
1 KB 22ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5EFB 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:56:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BA0D 6 KB
935 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=50&slotname=7831053672&adk=4054047596&adf=713135178&pi=t.ma~as.7831053672&w=300&lmt=1627563869&format=300x50&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2299&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 09:35:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 09:56:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BA0D 2 KB
822 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 10:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 10:05:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame BA0D 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 13:32:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BA0D 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 13:32:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BA0D 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 10:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 10:06:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BA0D 207 KB
63 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 10:32:24 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame BA0D 36 KB
15 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 May 2024 09:01:05 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17326335992967337808/ Frame BA0D 1 KB
1 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17326335992967337808/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90af3a1dcc685e76ae4fa10d6135a1a9897f68de3e8ed1f57470586fc18efbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 21:57:29 GMT
date: Thu, 29 Feb 2024 21:57:29 GMT
x-content-type-options: nosniff
age: 215956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1035
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 12:13:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BA0D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0ec25dbd481a96161ebdae5ef129e3603d5f3dffe5fcf9dd236aa8ce3968b19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA0D 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:14:40 GMT
x-content-type-options: nosniff
age: 434525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:14:40 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA0D 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:36 GMT
x-content-type-options: nosniff
age: 435369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:00:36 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA0D 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:58 GMT
x-content-type-options: nosniff
age: 436067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:48:58 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BA0D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTYF7XUnkZeWHAfbUtOUP1cGcKMXG0e91uOblraYS-ISX3UIQASCw9pd8YJXikIKgB6ABwfzC4CjIAQmpAkf1gZuHLrI-qAMByAPLBKoE-AFP0GxRCkmNynKGCShzFdUFa0LWKDkUed9LF9k...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225882534606566118523%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22...

0
0

53ms
38ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225882534606566118523%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210939842113%22],%2222%22:[%22true%22],%224%22:[%2203-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215510625135963355233%22}&andc=true

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 09:56:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5882534606566118523","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10939842113"],"22":["true"],"4":["03-03"],"6":["true"]},"priority":"500","source_event_id":"15510625135963355233"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Mar 2024 09:56:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Mar 2024 09:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5882534606566118523","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10939842113"],"22":["true"],"4":["03-03"],"6":["true"]},"priority":"500","source_event_id":"15510625135963355233"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F37 51 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 09:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 09:47:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
38ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 09:56:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA0D 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxXPUFNWbA07Yxl3xpGSte7QfYdQ2EETKdfn-0Yeoo2P3NpWLVVT8cHKCpkDk5SCxxUySlyNQQ38DvUEEE2zQIjC1KX9zUhJZVKDjt4OpI0SpJNOCxpPoo_T8jzyFFpBNHXLem5cv6MmXyBYVJtu5h4smlAwOMTpfwXQ&sai=AMfl-YQcXG2RdsmdJwCwrnTNqCUeH3mK26WtK26bqtrkB9z0I36hjglTaUWwNmyLw3QfM8iC0xaXe0ebsEzNWOCkOmVRWfQlPhUZOU3nnJauZ_sKYZaksqWSTfROiJ7OBbxHGXzb9H5ScdULOFfx7JFv&sig=Cg0ArKJSzL8753BAVM25EAE&cid=CAQSTgB7FLtqZZHPjmXNZdFQyLumb6iza6XyP1cnbKWAdXLIdHJdmw3Z0Gd1RGfS8mVdORzyIbICjcGFOqSn0mUtXxb0TvuCTTMNZlPKrLnVvhgB&id=lidar2&mcvt=1000&p=5,30,55,330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4054047596&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=539260500&rst=1709459804932&rpt=982&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 09:56:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rollingpaper.site/	1970-01-21 04:26:59	Name: _ga Value: GA1.2.520370632.1709459803
.rollingpaper.site/	1970-01-20 18:52:26	Name: _gid Value: GA1.2.372726076.1709459803
.rollingpaper.site/	1970-01-20 18:50:59	Name: _gat_gtag_UA_173127717_1 Value: 1
apilb.rollingpaper.site/	1969-12-31 23:59:59	Name: JSESSIONID Value: 90E8DF3523C1FB122C4F7B5878947505
.rollingpaper.site/	1970-01-20 23:10:11	Name: __eoi Value: ID=4225edfb15c09b5d:T=1709459804:RT=1709459804:S=AA-AfjbbwN7k-N-YuHHiWthplkvE
.criteo.com/	1970-01-21 04:12:35	Name: receive-cookie-deprecation Value: 1
.rollingpaper.site/	1970-01-21 04:12:35	Name: __gads Value: ID=1d4943e21ef3bcef:T=1709459804:RT=1709459804:S=ALNI_MbAWTy7zPhH4sfyW6vWL9nwV7huCQ
.rollingpaper.site/	1970-01-21 04:12:35	Name: __gpi Value: UID=00000d68258aa648:T=1709459804:RT=1709459804:S=ALNI_MaN9YXmYyb1QNSXVucOgUDQ4VlrBA
.rollingpaper.site/	1970-01-21 04:26:59	Name: _ga_KZW6YYYVRK Value: GS1.1.1709459802.1.0.1709459805.0.0.0
.doubleclick.net/	1970-01-21 04:12:35	Name: IDE Value: AHWqTUlzbSAXBhGHPp1GComhwA6kA2ooFXlumGmmGs1yREcpMFPqcI38OXCJbYddadc
.googleadservices.com/	1970-01-20 21:00:35	Name: ar_debug Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2497006995280040&output=html&h=200&slotname=5615953873&adk=531075655&adf=2534988245&pi=t.ma~as.5615953873&w=300&lmt=1627563869&format=300x200&url=https%3A%2F%2Frollingpaper.site%2F&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709459804921&bpp=1&bdt=2298&idt=1&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1783132804309&frm=20&pv=1&ga_vid=520370632.1709459803&ga_sid=1709459803&ga_hid=946582374&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=517&ady=1075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322747%2C95325753%2C95325976%2C95322329%2C95324161%2C95326437&oid=2&pvsid=2196582737956918&tmod=1512579107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://rollingpaper.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rollingpaper.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rollingpaper.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rollingpaper.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rollingpaper.site/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.eu.criteo.com
apilb.rollingpaper.site
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
developers.kakao.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ipds.adrta.com
pagead2.googlesyndication.com
region1.google-analytics.com
rollingpaper.site
rtb.nl3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
t1.kakaocdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
121.53.105.218
13.124.23.65
142.250.186.130
178.250.1.6
18.173.154.105
18.173.154.68
2001:4860:4802:32::36
2600:1f18:26d4:7e06:ba46:cf7a:7526:dfbb
2606:4700::6811:180e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:480:e::210:f10d
3.222.95.210
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
163b97c51a5d529e77c23567f25204ce1f9a7194bab1ea61a988bed629066bac
17f6054e7f9979ee492c796adda70fb67d5b1a79916c2e595682abfba66564fe
1a700634870f9cfa41d9e15d0d3c21e47a73fd902d9a5222e87c09ee3682abc9
205dfd63b0ef0066244302a185589afb5cc2abab54f85f36124c0392cfb71ff5
25b97126adec162d505fa2de32fc1cacae91879c1a5166d0ea0bfd2bfb5cafed
270d6a130b11f25f8d2423607674f4aa218b0f829b2df3a286d6a1b43c76af75
28020d2afdd4564c46ffcc88a605fc59ee486bc75ba554c994c0673cb3bb2f43
29afe075dd15ef50216135622f027ac87c023af701ccdd4ca8b62edfd561444c
301d5ab03d6037c2e252af8637b28650bce5157eb97c44340ca5dbd1bfceaa92
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35be2b23300e8187b79e66e760363532eeb632feb560a505e0dfcbd59de9c90d
377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b
3ff1154ecbdab4c6dec0dc302be9629486cd9c39fe1c8da0ea8df3168d539bf4
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0
45081d69d8dc67a305ce191c510da40014cf313605cf56c671232b67053fde8d
4a267cc002379ca17418ebecfce360d6df22c59692bec5516dddeb37e07aa893
4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb
4d24ea9cb1afb072eb2e4db1ee0f2ac78f9b70d11a452c63549aa198f3745755
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5a6f237ed58effce1e99270f2520190b2c66cf2d3321d49e8d790ea09d91b5
506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0
529761be649b2f4a60332f45b9af061ccc4f9126354310b91f366c89bb08b98f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7fe8c986fef5bcb5696d1656f07e0072f112379cc73039e0453e5d45286cacbc
82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8de2ec8d34cd1b94a8117018f3f00fea2b2f5ec2277f2a53d15cce137bb7912b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8fcfc01dafb0ea7eb560f230ff66857a4cb20aef7f5646e79dcd6e6b224dde1c
90af3a1dcc685e76ae4fa10d6135a1a9897f68de3e8ed1f57470586fc18efbd0
90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae
99ebeaffc3df2316622e74333d63f5a7752b3dff756d01070630e54f110719a0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6bb2c230f4eef5cf697e4eb7c758ecc0fe986e0f26ffa1b1e9d0b353fa3766a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b79c2f9beed82f343693b797b2a264e1f4560935dc8c2b37b104894fa9a1a9ed
b86795932681c00c1f3f7a6d7adee197c51306dc3a3ae86d968a6d82e6d04d0d
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c1f45e03a4c262c4666a68e30fe91c3e7b1ff2bca174def90762b2bef3705b26
cbfccca7805dc34bfc32073f363c29ca0118777983a833b9144f89e87abc6660
d5e5966f14bc2123b2454baa3a8f0c5402bf4a63d67a6d23970dc08cb1d8f972
d9dab47da7935ae96b48a4551ed35ce94b89ebf6b6efa37029aca0992e049585
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774
e0ec25dbd481a96161ebdae5ef129e3603d5f3dffe5fcf9dd236aa8ce3968b19
e16266110ba329a64f7b4568f376336b9240df6212780a2c381fbd81b00071f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a52e44d3c7d06f20c2324543cc29138827f97216e2f49c2115570edb6e837b
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ee79738d7340bf124b54cd586e9f9bc4c74f40500f82f4a891b074ea8fb3a480
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3587ea90d6b87d46aead96133a6cd50007af8add592ce2a6e56c2ca1d12456
f456cdb0762281ddf6d92890b29fb72d953cf75ada51c5edc9e2003a2295172d
f48d895ce1bf98a33b2870d6f6073f0064a4c1d8119f7f71608dcacd18efb8e4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

rollingpaper.site Open in urlscan Pro 18.173.154.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

73 %IPv6

15 Domains

25 Subdomains

24 IPs

5 Countries

1595 kBTransfer

4693 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rollingpaper.site Open in urlscan Pro
18.173.154.68 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

73 %
IPv6

15
Domains

25
Subdomains

24
IPs

5
Countries

1595 kB
Transfer

4693 kB
Size

11
Cookies

77 HTTP transactions
9 data transactions