URL: https://www.rollfi.xyz/
Submission: On April 18 via manual from US — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 38 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.rollfi.xyz.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.
This is the only time www.rollfi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
23 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 6176
assets.website-files.com — Cisco Umbrella Rank: 11754
1 MB
4 rollfi.xyz
www.rollfi.xyz
app.rollfi.xyz
developer.rollfi.xyz
8 KB
3 gstatic.com
fonts.gstatic.com
97 KB
2 cloudfront.net
d3e54v103j8qbb.cloudfront.net
33 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 363
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
24 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
254 B
1 cal.com
app.cal.com — Cisco Umbrella Rank: 408604
9 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
110 KB
38 12
Domain Requested by
19 assets-global.website-files.com www.rollfi.xyz
assets-global.website-files.com
4 assets.website-files.com assets-global.website-files.com
3 fonts.gstatic.com fonts.googleapis.com
2 developer.rollfi.xyz 1 redirects www.rollfi.xyz
2 d3e54v103j8qbb.cloudfront.net www.rollfi.xyz
assets-global.website-files.com
1 www.google.de www.rollfi.xyz
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.cal.com www.rollfi.xyz
1 app.rollfi.xyz www.rollfi.xyz
1 fonts.googleapis.com ajax.googleapis.com
1 www.googletagmanager.com www.rollfi.xyz
1 ajax.googleapis.com www.rollfi.xyz
1 www.rollfi.xyz
38 16

This site contains links to these domains. Also see Links.

Domain
app.rollfi.xyz
developer.rollfi.xyz
webflow.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
www.rollfi.xyz
R3
2024-02-11 -
2024-05-11
3 months crt.sh
*.website-files.com
Amazon RSA 2048 M03
2023-09-11 -
2024-10-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.rollfi.xyz
Amazon RSA 2048 M02
2023-08-05 -
2024-09-03
a year crt.sh
cal.com
GTS CA 1P5
2024-03-16 -
2024-06-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.rollfi.xyz/
Frame ID: 3BB15DF7C01BB0568A0C7D3A35791E9B
Requests: 38 HTTP requests in this frame

Screenshot

Page Title

Embedded Payroll & Benefits

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

95 %
HTTPS

56 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

1549 kB
Transfer

4273 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://developer.rollfi.xyz/ HTTP 308
  • https://developer.rollfi.xyz/docs/PayrollAPIDocumentation
Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI7eeYlrvMhQMVY2QeAh1AOASoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnJvbGxmaS54eXov HTTP 302
  • https://www.google.com/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI7eeYlrvMhQMVY2QeAh1AOASoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnJvbGxmaS54eXov&is_vtc=1&cid=CAQSGwB7FLtqT4tqxXVjgwfISyYq_KOtdWDnI_gurg&random=3531370011 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI7eeYlrvMhQMVY2QeAh1AOASoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnJvbGxmaS54eXov&is_vtc=1&cid=CAQSGwB7FLtqT4tqxXVjgwfISyYq_KOtdWDnI_gurg&random=3531370011&ipr=y

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.rollfi.xyz/
30 KB
8 KB
Document
General
Full URL
https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
711ba32ce659c289edbac0787970c3aa3c61f455fc4463c652302d6222fbffcc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
7976
content-type
text/html
date
Thu, 18 Apr 2024 19:08:36 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
fb1c86c1-4f47-4a88-98a0-0e30de6266a8
x-served-by
cache-dub4362-DUB
x-timer
S1713467316.693928,VS0,VE630
rollfi.ca7819efb.css
assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/
209 KB
32 KB
Stylesheet
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6860d60bcad5c49c245e4ffbb517c784f48868f2077f393d5b44b28d3015d876

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Hct9MBhkTNQ1zESqaZOK9oUjUJGYjK_l
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
date
Thu, 18 Apr 2024 19:08:36 GMT
age
14055
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31787
last-modified
Mon, 15 Apr 2024 21:12:26 GMT
server
AmazonS3
etag
"baf69aaa9a6d72816f3c675ddbe8b2df"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OeDxbwcnF6nBo1_q6pPTm1qNuxmvQkVwzUIDkvW34BlK-FximVAyug==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 11:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 11:16:52 GMT
js
www.googletagmanager.com/gtag/
334 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TCJ8E0FBC3
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae95ef4c5fc02588817ac90b86aec5184f64defd0dcc4e6896db6605583ec030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 19:08:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112222
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 19:08:36 GMT
61c0cecd338f57399389e998_rollfi-logo-black.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
2 KB
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/61c0cecd338f57399389e998_rollfi-logo-black.svg
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ffc449a3bfe91b4266ba054e266ddce25cfb4bf5025e52dfe9a7112d540f260

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:47 GMT
x-amz-version-id
bQfl.gLmkUO_hwMJE_x1rcdXLmk75zKC
content-encoding
br
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493730
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 18:43:26 GMT
server
AmazonS3
etag
W/"448d120a303fae6bfb61ecb812901d9e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
GtLYH99IrAb6mHYVI7_bBebgW30d62Mfx0QpAUZ5uFAsnkDxlShLhw==
65aad34aad72f9b6099dae38_Group%20173-p-1600.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
36 KB
36 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65aad34aad72f9b6099dae38_Group%20173-p-1600.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
127d4bcfe3fb84feb8194d9cb982b1d60e945940023a85158d63e3d006a7ba14

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 16:57:38 GMT
x-amz-version-id
97JF5YE2jzZSs2NG1ZgBf_Yn_F.NTQ9E
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
353459
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
36805
last-modified
Fri, 19 Jan 2024 19:53:50 GMT
server
AmazonS3
etag
"8b03678482eb5f4445c73726f5850c0d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
LORjZPuSQighjzGTnFN5KCEkXQKoViMJ_k3DzQxQeLrYrqAVrfk-9g==
65aad357acaf911ca0cbd56b_Group%201523-p-1600.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
31 KB
32 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65aad357acaf911ca0cbd56b_Group%201523-p-1600.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8920aada31da38cb9ca028d7dd7da2a947bd7526441722187bbd54d296336bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 16:57:38 GMT
x-amz-version-id
Ij2ZYYZURA_NOHNtTKdZ2S1QEOoz8SUR
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
353459
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31874
last-modified
Fri, 19 Jan 2024 19:54:02 GMT
server
AmazonS3
etag
"f151236d50d99599aa65ce07368233e2"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
JcbbSIJX3c0RcQr5B6hc2AEMsccpDQAI9rg_68muUa_epdWRkx5WKQ==
65aad36395c25278563485a2_Group%201534-p-1600.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
200 KB
201 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65aad36395c25278563485a2_Group%201534-p-1600.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219cf58a927fc5cb5459444e2e1ed1e2022cb3e6c720f75096f71177b37ccfbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 16:57:39 GMT
x-amz-version-id
bQIaSeFAsND7RlyWu4Ab8VJOPyYQzvJj
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
353458
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
204649
last-modified
Fri, 19 Jan 2024 19:54:15 GMT
server
AmazonS3
etag
"b21951d1127b1565b8f5429b2d5e0835"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
-KbRpo8tDZluhel5yn1BXKaBvS-kQxvjPzFeB6UKbbDFCyHlJLjljw==
65aad6d24488b8d4c1a3d544_code-snippet.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
71 KB
72 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65aad6d24488b8d4c1a3d544_code-snippet.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
967e38eab559257f8ca77e1831d22e7f21a72423d7aa65fe99c6fbac00601338

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:48 GMT
x-amz-version-id
d2KIPjAKaxI7K.Wz60rcucO16S38me.j
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493729
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
72815
last-modified
Fri, 19 Jan 2024 20:08:51 GMT
server
AmazonS3
etag
"6291b9b7f2f8db2a40006a7733939c43"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
hYh1C6vdZssmsZCmcCJZz5FPmN9lF-K4rYJHtBqmIN987aDnMl0RFQ==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61c0cc064935ee139ea1ca98
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:55:07 GMT
content-encoding
br
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
age
47609
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
U4vzMJWKVM09RVwg4L8_ynU2-Fa0J9gauijW_mJrlBt704MtqQTPmw==
rollfi.2f3ae9786.js
assets-global.website-files.com/61c0cc064935ee139ea1ca98/js/
2 MB
414 KB
Script
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/js/rollfi.2f3ae9786.js
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
580c54a7d8092a63d28b1a8a97af96c00c3c6694a0836d0890a0e18a0c733410

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:14:23 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-version-id
7901sUwCb_uS5rwttM_0gkaVExO.hCE6
age
14054
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
423030
last-modified
Wed, 17 Apr 2024 21:25:23 GMT
server
AmazonS3
etag
"dbdf9f2ae04aba093111d2bae48a1b4c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
tecJkeCAyBS5x3XSnrwWrqsLqaA3zCf8oMUo4enl28-MZ9Ew7wOEaQ==
css
fonts.googleapis.com/
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900%7CPlayfair+Display:regular,500,600,700,800,900%7CArchitects+Daughter:regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96aef3b229c83891e6a71107cd6d6da93c8f3283197fdb418526560d439b3295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 19:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 19:08:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 19:08:36 GMT
/
app.rollfi.xyz/
0
0
Other
General
Full URL
https://app.rollfi.xyz/
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:4400:e:773f:9880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

PayrollAPIDocumentation
developer.rollfi.xyz/docs/
Redirect Chain
  • https://developer.rollfi.xyz/
  • https://developer.rollfi.xyz/docs/PayrollAPIDocumentation
0
0
Other
General
Full URL
https://developer.rollfi.xyz/docs/PayrollAPIDocumentation
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.rollfi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Redirect headers

date
Thu, 18 Apr 2024 05:15:58 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::iad1::r6npr-1713467316770-c53a65104cfa
age
49958
x-matched-path
/_sites/[subdomain]/[[...slug]]
x-vercel-cache
HIT
x-frame-options
DENY
location
/docs/PayrollAPIDocumentation
cache-control
public, max-age=0, must-revalidate
refresh
0;url=/docs/PayrollAPIDocumentation
content-length
29
embed.js
app.cal.com/embed/
30 KB
9 KB
Script
General
Full URL
https://app.cal.com/embed/embed.js
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4768ce87c2ff204d0b4143e5e88b277433650fa653623112d7875e2e34a3dcaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 19:08:36 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
cf-polished
origSize=31119
content-disposition
inline; filename="embed.js"
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
x-vercel-id
fra1::g2tj9-1713302718645-71987d3ab440
server
cloudflare
x-matched-path
/embed/embed.js
etag
W/"aa5c8d2ea95cac65be0a4e4dcbb81739"
x-vercel-cache
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8766f1c98cf218c3-FRA
65a85639d9e0f6341ebae873_clock.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
324 B
781 B
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65a85639d9e0f6341ebae873_clock.svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f04b19153a6d3b4117c39602bc79aee5807af0d6c13e3681d896d824a93b4b93

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
JwUT0FJqrT4ktt21XCJQncVpxxKZVaGM
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
324
last-modified
Wed, 17 Jan 2024 22:35:39 GMT
server
AmazonS3
etag
"6aa27d0ce9f16462224aa33472453d42"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
WKhgn8sWIgh5dZvPZi-JMJ1eK2tQ9Q_iAv9tOMoh9KzNwqQC5w_ZvQ==
65a856c8e36b44e3d41ba55d_brush-01.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
851 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65a856c8e36b44e3d41ba55d_brush-01.svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea09224e9973d57ec37a093d0646ee2ca588551c0b6379bb7c0719c61ebe8108

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
TFgKn10mv3jUj5p9eMfnEprYkrbmyzcc
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
851
last-modified
Wed, 17 Jan 2024 22:38:01 GMT
server
AmazonS3
etag
"e7f47a7f72115e4115130558b13a8b94"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ROTUjy8hvmzyL4xKE_JMpPdLINbQ95f04-BEw-rrJw69wRhF0Lk5cQ==
background-image.svg
d3e54v103j8qbb.cloudfront.net/img/
11 KB
3 KB
Image
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/img/background-image.svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23fb3e4363a68cdfd74ca173a6f9f23417c57d027c3489844d3bf1e32b4e0000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 02:37:03 GMT
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
last-modified
Fri, 31 Jul 2020 01:43:31 GMT
server
AmazonS3
age
59513
x-amz-cf-pop
FRA56-P4
etag
W/"96edb61c19a0b7d81492ffc8c2a76816"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
x-amz-cf-id
lMNKc5Lmb1UlqssA-Cwa4lLNTU9L-D4YhHDZKRD4kQpqKIN7NsNCHA==
61c0cc064935ee5408a1cb3a_verified_black_24dp%20(1).svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
658 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/61c0cc064935ee5408a1cb3a_verified_black_24dp%20(1).svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cb682ab1a62377e7599f06f435cc0f3702b6bb3f2db5fde43272195c87d2d97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
xAABeRmE4aLB7M0Ka.rhkFdvvUSjFveV
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
658
last-modified
Mon, 20 Dec 2021 18:31:38 GMT
server
AmazonS3
etag
"3bb564aef6468c5971a5f3317f205925"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
fCAAFRIC1j4yIe9v59Qh4dj7pF0JCNbTHmJlwNV2cZ-nK4f9GL1quw==
61c0f6b8093e3f722405e851_wire-bg.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
193 KB
194 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/61c0f6b8093e3f722405e851_wire-bg.png
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec39a27661dcca24f66acb2c3f194b6bca802aeb7878d3a1b8ac1a729fb148e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 16:40:32 GMT
x-amz-version-id
Oz34k6ko8mXMDZ8k7FOpJruOHBZvjQjs
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
1304885
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
197483
last-modified
Mon, 20 Dec 2021 21:33:45 GMT
server
AmazonS3
etag
"07048fefcb888ebf8391b99bbd59f66c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
eYMzfU0c0r8o94xQjsMG-u_R-ptbN8DEL49378NlxWOzOKWhX_oudQ==
61c0f7e93d6ff9e035b5cacb_Asset%203.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
35 KB
16 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/61c0f7e93d6ff9e035b5cacb_Asset%203.svg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ce1797afd9c087a79bc1db6d71281089bfb1bf1082dc23a248f95ae6f1cf32d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:48 GMT
x-amz-version-id
lc.HiiUuu.mq.F.ooMRoL44eauWN9umg
content-encoding
br
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493729
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 21:38:50 GMT
server
AmazonS3
etag
W/"3cb737c02a836c3f5677897fa6aae994"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
A20vOVGlE0vOEa6p1vCeIh_k1KdftWFK3bUsqVy5agysPs_kT9AaqQ==
61c0cd59f854d842cde7dae3_Balto-Bold.ttf
assets.website-files.com/61c0cc064935ee139ea1ca98/
99 KB
34 KB
Font
General
Full URL
https://assets.website-files.com/61c0cc064935ee139ea1ca98/61c0cd59f854d842cde7dae3_Balto-Bold.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d13e76970cc5c49be0ef22802cd0f42d1f81c818cfbe20832973b805dec0c4c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 00:26:05 GMT
x-amz-version-id
tVxQoWVvx6wFZIkYlnF_yGvzEfAZr7uv
content-encoding
br
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
age
5683352
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 18:37:14 GMT
server
AmazonS3
etag
W/"a432789d8632fb41cec4876c772cd74f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
uPshvPfEixZkta1Gl2wTfKIEF4rx130BqN0NnxBdJyS2r4Lok28LOw==
61c0cd59a5b2e03481cabf36_Balto-Super.ttf
assets.website-files.com/61c0cc064935ee139ea1ca98/
100 KB
34 KB
Font
General
Full URL
https://assets.website-files.com/61c0cc064935ee139ea1ca98/61c0cd59a5b2e03481cabf36_Balto-Super.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a0293d01aaab936d7487882ca1cf2ac902f7d1d9e4191e3ab12e2d5c17c95d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:39:11 GMT
x-amz-version-id
ZGjfw9tWgJmH6CRqb.IDNErMvzbo5Q.l
content-encoding
br
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
age
1938566
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 18:37:15 GMT
server
AmazonS3
etag
W/"b5a4402a082554af7f52c08679515226"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
frtNxFJWVpZjPsOGayPWPLjVq3U6SV4rbRnjB8r_H-UKIbHt7vDBeA==
61c0cd59e927456a399bf8c4_Balto-Medium.ttf
assets.website-files.com/61c0cc064935ee139ea1ca98/
100 KB
34 KB
Font
General
Full URL
https://assets.website-files.com/61c0cc064935ee139ea1ca98/61c0cd59e927456a399bf8c4_Balto-Medium.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddf4fb4ea84b693c3b0bc93327c5053d9401abe2629e0d06d236312015631867

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:39:12 GMT
x-amz-version-id
S1RlGtQdLEcoI6pe7qXg949Yc9nkSOkM
content-encoding
br
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
age
1938565
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 18:37:15 GMT
server
AmazonS3
etag
W/"930f13595b53bd64c3a50577340c5cba"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
z5m8tQwTwPk7HC2ekxnBrNezM28SRUALgQHyBeps9A-4LaSS933HCA==
61c0cc064935ee093ba1caf7_ClashGrotesk-Regular.ttf
assets.website-files.com/61c0cc064935ee139ea1ca98/
60 KB
26 KB
Font
General
Full URL
https://assets.website-files.com/61c0cc064935ee139ea1ca98/61c0cc064935ee093ba1caf7_ClashGrotesk-Regular.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/css/rollfi.ca7819efb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c66c57fe9dd5308e3618b12a340de74ea1b25ef246e2c8c4b42a47f1e07bfdb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets-global.website-files.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 00:26:05 GMT
x-amz-version-id
COh81BBDRI4VOJROn.EEvQgEdS0G99rp
content-encoding
br
via
1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront)
age
5683352
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Dec 2021 18:31:36 GMT
server
AmazonS3
etag
W/"3b72d0148a613e8ca6937289f9b78ec9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
ofQLXWp5ozWul8Uvd8ZDY4-b5dU8G_ETxSIfqgdV2vJhCSORYcmTAA==
65bd64b0a87bf2213b3314e4_Group%20296-p-800.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
117 KB
117 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65bd64b0a87bf2213b3314e4_Group%20296-p-800.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d342db619b3d76719cdfc70388d41284833286abec1f882908c1add53eaefc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 16:57:39 GMT
x-amz-version-id
YTQEkEpNfxbD3blqF.HoOpHlknm4WRyA
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
353458
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
119558
last-modified
Fri, 02 Feb 2024 21:55:01 GMT
server
AmazonS3
etag
"f3525a1847ae94ef010a364448f3a8ef"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
VEbqptsfQ9fknGxbrz55_B8K_0yB3dnoa_gXJ7n_Hi5VohkwJVLFUw==
65a8586e340ab03818cd998b_browser.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
671 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65a8586e340ab03818cd998b_browser.svg
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5a47e6f4936926f2f7564bb6cd6341831fe8808eeebf4c5a4452974bb4f0fb2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
esq.N3Czon3LNIY4sfq4A50j38JPEq_9
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
671
last-modified
Wed, 17 Jan 2024 22:45:04 GMT
server
AmazonS3
etag
"0e548912c38799838ef61ac184b150e3"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OcXkO-o8NZ_9cdqjfSdys7HZomIiZ9DvLGuB4I3Gv5qrAHEqDNyvOQ==
65a858794a70d1ae6f0b44c2_code-browser.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
718 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65a858794a70d1ae6f0b44c2_code-browser.svg
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
860a96cf1f1eb74cedf44bd27d36a504405aa70c96129ea86b5220fa394f76b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
9FqhKaF5.tjN7eveePQLRKn16z0NyrnG
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
718
last-modified
Wed, 17 Jan 2024 22:45:15 GMT
server
AmazonS3
etag
"67d09558b57d819f08553b8e0d8bce54"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
FtCVXGFBHVWQvrEsx7MHO5U9VPgA31zmoc984SBLaay6bXDUD25zvg==
65a858821ad4c20bb36c120b_code-square-01.svg
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
704 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65a858821ad4c20bb36c120b_code-square-01.svg
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
018d1af569fd7f3bd55bc092457fead51d4afdf0637fa9dd61fc97305290a902

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:59:49 GMT
x-amz-version-id
10iK8NIvaiAi7sirUg8uGGjl9BHkGbUn
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
493728
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
704
last-modified
Wed, 17 Jan 2024 22:45:23 GMT
server
AmazonS3
etag
"edc042fbcb841bf301dc8f4895f1a69f"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
L_13WV7fxCGAbnUG-3mYVmGauPGTJ1OOhA2Yyfdutn4ohYPtcGXC2g==
65aad6ef7dbb469e6372f68c_product-snippet-p-500.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
24 KB
24 KB
Image
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/65aad6ef7dbb469e6372f68c_product-snippet-p-500.png
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c546881979cb99553332c5bc1a926969b4ff1a6325c5e4c1daefa9b8dec83839

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 16:57:40 GMT
x-amz-version-id
D9RvxRJFMpcNYzR7TZw2tefIKaU8RONQ
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
353456
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24170
last-modified
Fri, 19 Jan 2024 20:09:21 GMT
server
AmazonS3
etag
"d7eb15f80ea6ad96823bda1f12bae15a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
O2PlA30NS6g1m7c7o9psEnEiZfxbvDASV84_0zP-1qMkAzfrskE34A==
64b02335e9d52dd2a480e2be_Blue%20Blur.webp
assets-global.website-files.com/64b02335e9d52dd2a480e295/
8 KB
9 KB
Image
General
Full URL
https://assets-global.website-files.com/64b02335e9d52dd2a480e295/64b02335e9d52dd2a480e2be_Blue%20Blur.webp
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d8c4f040e08c8696d61d283beb329c05e6ab06f2debd1748c70d27c670dca5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:14:23 GMT
x-amz-version-id
r1ZBld9O_7m1t7XbffqmdcV2M9RPNcvh
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
14054
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8678
last-modified
Thu, 13 Jul 2023 16:15:52 GMT
server
AmazonS3
etag
"c6daf941bd1e42d4e54b7a4ae7bef26c"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
IlDhK1EwUWH-DhC3MPV7XYq4UlivtL2M-bSSUpDcXkawRi_G19dcyw==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900%7CPlayfair+Display:regular,500,600,700,800,900%7CArchitects+Daughter:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:53:06 GMT
x-content-type-options
nosniff
age
443730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 15:53:06 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900%7CPlayfair+Display:regular,500,600,700,800,900%7CArchitects+Daughter:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 09:09:55 GMT
x-content-type-options
nosniff
age
208721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38372
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 09:09:55 GMT
KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
fonts.gstatic.com/s/architectsdaughter/v18/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900%7CPlayfair+Display:regular,500,600,700,800,900%7CArchitects+Daughter:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.rollfi.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:56:48 GMT
x-content-type-options
nosniff
age
486708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13156
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:56:48 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TCJ8E0FBC3&gtm=45je44f0v9110175253za200&_p=1713467316606&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZGVlNj&cid=128980059.1713467317&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713467317&sct=1&seg=0&dl=https%3A%2F%2Fwww.rollfi.xyz%2F&dt=Embedded%20Payroll%20%26%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1632
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCJ8E0FBC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 19:08:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rollfi.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/11145320498/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11145320498/?random=1713467317080&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCJ8E0FBC3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
aa9cb460b4dd7fc35975e3610f9a31c8c46a21931e1992984b684c66374ef004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 19:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1561
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/11145320498/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=...
  • https://www.google.com/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600...
  • https://www.google.de/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI7eeYlrvMhQMVY2QeAh1AOASoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnJvbGxmaS54eXov&is_vtc=1&cid=CAQSGwB7FLtqT4tqxXVjgwfISyYq_KOtdWDnI_gurg&random=3531370011&ipr=y
Requested by
Host: www.rollfi.xyz
URL: https://www.rollfi.xyz/
Protocol
H3
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.rollfi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 19:08:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Apr 2024 19:08:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11145320498/?random=178038809&cv=11&fst=1713467317080&bg=ffffff&guid=ON&async=1&gtm=45je44f0v9110175253za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rollfi.xyz%2F&label=WKoeCOnk5_wDELKwwMIp&hn=www.googleadservices.com&frm=0&tiba=Embedded%20Payroll%20%26%20Benefits&did=dZGVlNj&gdid=dZGVlNj&npa=1&pscdl=noapi&auid=838577238.1713467317&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI7eeYlrvMhQMVY2QeAh1AOASoMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnJvbGxmaS54eXov&is_vtc=1&cid=CAQSGwB7FLtqT4tqxXVjgwfISyYq_KOtdWDnI_gurg&random=3531370011&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
61c1f15bccc4e45d6229935a_favicon.png
assets-global.website-files.com/61c0cc064935ee139ea1ca98/
401 B
854 B
Other
General
Full URL
https://assets-global.website-files.com/61c0cc064935ee139ea1ca98/61c1f15bccc4e45d6229935a_favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1437f04e7f68018c41daf9808d2ad751128c8d7c72d3bdbd35329f5af878ee0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.rollfi.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 23:46:54 GMT
x-amz-version-id
PkNULq3jnsF77czK4fpi1i6y1kik7czi
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
age
501704
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
401
last-modified
Tue, 21 Dec 2021 15:23:08 GMT
server
AmazonS3
etag
"379b2b4dfcf6b830529263cba9fa2f1a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
mm3SajR6HDJbfHY2E4ol-TH0DpxcvJwXwVTZt0T3f_EHvcvGONZb2g==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont function| gtag object| dataLayer object| __WEBFLOW_CURRENCY_SETTINGS function| Cal function| $ function| jQuery function| tram object| Webflow object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO

4 Cookies

Domain/Path Name / Value
.rollfi.xyz/ Name: _ga_TCJ8E0FBC3
Value: GS1.1.1713467317.1.0.1713467317.0.0.0
.rollfi.xyz/ Name: _ga
Value: GA1.1.128980059.1713467317
.rollfi.xyz/ Name: _gcl_au
Value: 1.1.838577238.1713467317
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: https://www.rollfi.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.cal.com
app.rollfi.xyz
assets-global.website-files.com
assets.website-files.com
d3e54v103j8qbb.cloudfront.net
developer.rollfi.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rollfi.xyz
142.250.184.227
142.250.185.162
142.250.185.196
142.250.186.162
2001:4860:4802:34::36
2600:9000:21f3:9800:12:9e5f:cac0:93a1
2600:9000:235a:f600:11:3b84:d200:93a1
2600:9000:26e8:4400:e:773f:9880:93a1
2606:4700:10::6816:4776
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
52.17.119.105
52.222.232.39
76.76.21.61
018d1af569fd7f3bd55bc092457fead51d4afdf0637fa9dd61fc97305290a902
0d8c4f040e08c8696d61d283beb329c05e6ab06f2debd1748c70d27c670dca5f
127d4bcfe3fb84feb8194d9cb982b1d60e945940023a85158d63e3d006a7ba14
1d13e76970cc5c49be0ef22802cd0f42d1f81c818cfbe20832973b805dec0c4c
219cf58a927fc5cb5459444e2e1ed1e2022cb3e6c720f75096f71177b37ccfbb
23fb3e4363a68cdfd74ca173a6f9f23417c57d027c3489844d3bf1e32b4e0000
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
2d342db619b3d76719cdfc70388d41284833286abec1f882908c1add53eaefc4
4768ce87c2ff204d0b4143e5e88b277433650fa653623112d7875e2e34a3dcaf
580c54a7d8092a63d28b1a8a97af96c00c3c6694a0836d0890a0e18a0c733410
5c66c57fe9dd5308e3618b12a340de74ea1b25ef246e2c8c4b42a47f1e07bfdb
5ce1797afd9c087a79bc1db6d71281089bfb1bf1082dc23a248f95ae6f1cf32d
6860d60bcad5c49c245e4ffbb517c784f48868f2077f393d5b44b28d3015d876
711ba32ce659c289edbac0787970c3aa3c61f455fc4463c652302d6222fbffcc
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
860a96cf1f1eb74cedf44bd27d36a504405aa70c96129ea86b5220fa394f76b6
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8cb682ab1a62377e7599f06f435cc0f3702b6bb3f2db5fde43272195c87d2d97
8ffc449a3bfe91b4266ba054e266ddce25cfb4bf5025e52dfe9a7112d540f260
967e38eab559257f8ca77e1831d22e7f21a72423d7aa65fe99c6fbac00601338
96aef3b229c83891e6a71107cd6d6da93c8f3283197fdb418526560d439b3295
9a0293d01aaab936d7487882ca1cf2ac902f7d1d9e4191e3ab12e2d5c17c95d2
a1437f04e7f68018c41daf9808d2ad751128c8d7c72d3bdbd35329f5af878ee0
a5a47e6f4936926f2f7564bb6cd6341831fe8808eeebf4c5a4452974bb4f0fb2
aa9cb460b4dd7fc35975e3610f9a31c8c46a21931e1992984b684c66374ef004
ae95ef4c5fc02588817ac90b86aec5184f64defd0dcc4e6896db6605583ec030
c546881979cb99553332c5bc1a926969b4ff1a6325c5e4c1daefa9b8dec83839
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
ddf4fb4ea84b693c3b0bc93327c5053d9401abe2629e0d06d236312015631867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8920aada31da38cb9ca028d7dd7da2a947bd7526441722187bbd54d296336bd
ea09224e9973d57ec37a093d0646ee2ca588551c0b6379bb7c0719c61ebe8108
ec39a27661dcca24f66acb2c3f194b6bca802aeb7878d3a1b8ac1a729fb148e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b19153a6d3b4117c39602bc79aee5807af0d6c13e3681d896d824a93b4b93
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d