Submitted URL: http://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Effective URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Submission: On April 01 via api from US — Scanned from US

Summary

This website contacted 16 IPs in 4 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3037::ac43:d781, located in United States and belongs to CLOUDFLARENET, US. The main domain is rollsfirst.com.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.
This is the only time rollsfirst.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 172.67.215.129 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
22 22 188.166.185.110 14061 (DIGITALOC...)
10 143.198.201.173 14061 (DIGITALOC...)
2 2607:f8b0:400... 15169 (GOOGLE)
8 143.198.198.194 14061 (DIGITALOC...)
4 165.232.165.130 14061 (DIGITALOC...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 149.56.240.27 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 149.56.240.129 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
45 16
Apex Domain | Subdomains | Transfer
8 rollsfirst.com | rollsfirst.com | 70 KB
4 histats.com | sstatic1.histats.com — Cisco Umbrella Rank: 51634; s10.histats.com — Cisco Umbrella Rank: 15493 | 5 KB
2 gstatic.com | fonts.gstatic.com | 70 KB
2 blogspot.com | 1.bp.blogspot.com — Cisco Umbrella Rank: 15176 | 14 KB
2 googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 11416 | 343 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35; ajax.googleapis.com — Cisco Umbrella Rank: 357 | 32 KB
2 ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 389 | 71 KB
1 bootstrapcdn.com | netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3130 | 20 KB
45 8
Domain Requested by
8 rollsfirst.com rollsfirst.com, cdn.ampproject.org
3 sstatic1.histats.com rollsfirst.com
2 fonts.gstatic.com fonts.googleapis.com
2 1.bp.blogspot.com rollsfirst.com
2 blogger.googleusercontent.com rollsfirst.com
2 cdn.ampproject.org rollsfirst.com
1 s10.histats.com rollsfirst.com
1 ajax.googleapis.com rollsfirst.com
1 netdna.bootstrapcdn.com rollsfirst.com
1 fonts.googleapis.com rollsfirst.com
45 10

This site contains links to these domains.

Domain
188.166.181.224
play.google.com
ronangelo.com

Subject | Issuer | Validity | Valid
rollsfirst.com | GTS CA 1P5 | 2024-04-01 - 2024-06-30 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
histats.com | R3 | 2024-02-16 - 2024-05-16 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year

This page contains 3 frames:

Primary Page: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Frame ID: 17C11E4A6897676B79A6B68F48A226B0
Requests: 39 HTTP requests in this frame

Frame: https://rollsfirst.com/latest-result-hk/
Frame ID: 5DC782379B4135D9ADC148DB235B3630
Requests: 3 HTTP requests in this frame

Frame: https://rollsfirst.com/live-draw-hk/
Frame ID: 2A3344BC754A6F38B8D0FF98808346C2
Requests: 4 HTTP requests in this frame

Page Title

Live Draw Hongkong Pools – New Live Draw HK 6d Tercepat

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

51 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

16
IPs

4
Countries

10986 kB
Transfer

11431 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv HTTP 307
    https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://188.166.185.110/plustogel/728x90.php HTTP 302
  • https://143.198.201.173/plustogel/728x90.gif
Request Chain 7
  • https://188.166.185.110/luxtogel/728x90.php HTTP 302
  • https://143.198.201.173/luxtogel/728x90.gif
Request Chain 9
  • https://188.166.185.110/slotzeus/960x200.php HTTP 302
  • https://143.198.201.173/slotzeus/960x200.gif
Request Chain 10
  • https://188.166.185.110/hokitoto/960x200.php HTTP 302
  • https://143.198.201.173/hokitoto/960x200.gif
Request Chain 11
  • https://188.166.185.110/kingtogel/960x200.php HTTP 302
  • https://143.198.198.194/kingtogel/960x200.gif
Request Chain 12
  • https://188.166.185.110/royaltogel/960x200.php HTTP 302
  • https://165.232.165.130/royaltogel/960x200.gif
Request Chain 13
  • https://188.166.185.110/dotatogel/960x200.php HTTP 302
  • https://143.198.201.173/dotatogel/960x200.gif
Request Chain 14
  • https://188.166.185.110/bosstoto/960x200.php HTTP 302
  • https://143.198.198.194/bosstoto/960x200.gif
Request Chain 15
  • https://188.166.185.110/crown/728x90.php HTTP 302
  • https://143.198.198.194/crowntogel/728x90.gif
Request Chain 16
  • https://188.166.185.110/platinumslot/728x90.php HTTP 302
  • https://165.232.165.130/platinumslot/728x90.gif
Request Chain 17
  • https://188.166.185.110/oscar/728x90.php HTTP 302
  • https://143.198.198.194/oscartogel/728x90.gif
Request Chain 18
  • https://188.166.185.110/maxtoto/728x90.php HTTP 302
  • https://165.232.165.130/maxtoto/728x90.gif
Request Chain 19
  • https://188.166.185.110/mvptogel/728x90.php HTTP 302
  • https://143.198.201.173/mvptogel/728x90.gif
Request Chain 20
  • https://188.166.185.110/platinumtoto/728x90.php HTTP 302
  • https://143.198.198.194/platinumtoto/728x90.gif
Request Chain 21
  • https://188.166.185.110/viptoto/728x90.php HTTP 302
  • https://143.198.201.173/viptoto/728x90.gif
Request Chain 22
  • https://188.166.185.110/elitetogel/728x90.php HTTP 302
  • https://143.198.198.194/elitetogel/728x90.gif
Request Chain 23
  • https://188.166.185.110/djtogel/728x90.php HTTP 302
  • https://143.198.198.194/djtogel/728x90.gif
Request Chain 24
  • https://188.166.185.110/dotatogel/728x90.php HTTP 302
  • https://143.198.201.173/dotatogel/728x90.gif
Request Chain 25
  • https://188.166.185.110/autotogel/728x90.php HTTP 302
  • https://143.198.198.194/autotogel/728x90.gif
Request Chain 26
  • https://188.166.185.110/ktvtogel/728x90.php HTTP 302
  • https://143.198.201.173/ktvtogel/728x90.gif
Request Chain 31
  • https://188.166.185.110/bingotogel/728x90.php HTTP 302
  • https://165.232.165.130/bingotogel/728x90.gif
Request Chain 32
  • https://188.166.185.110/alitoto/728x90.php HTTP 302
  • https://143.198.201.173/alitoto/728x90.gif

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rollsfirst.com/
Redirect Chain
  • http://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
  • https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
57 KB
12 KB
Document
General
Full URL
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
55a020c703be548266f4da94ccb92e5fae6ebbd28624122dfea61a8bbe2c700d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86dc18d19caf09ce-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 01 Apr 2024 22:43:16 GMT
link
<https://rollsfirst.com/wp-json/>; rel="https://api.w.org/" <https://rollsfirst.com/wp-json/wp/v2/pages/25>; rel="alternate"; type="application/json" <https://rollsfirst.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqkH4ZM9npOnrPDHbsM5CqihPe5o93h4Xa2sG0DD288iPg1sVJfxDHnUrNUSIOs0dCaoMQ68oqnKYI4tf4cx8NSsh8pFwA5vMGcMbIxRysGH3%2FTdfhj8klGCIwZ9T8gN8i082UgOIcvvY1zVxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
amp_sanitizer;dur="161.5",amp_style_sanitizer;dur="72.2",amp_tag_and_attribute_sanitizer;dur="73.1",amp_optimizer;dur="41.1"
vary
Accept-Encoding
x-powered-by
PHP/8.1.27

Redirect headers

Location
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Non-Authoritative-Reason
HttpsUpgrades
Genericons.eot
rollsfirst.com/wp-content/themes/frontier/includes/genericons/
0
0
Font
General
Full URL
https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.eot
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.1.27
server-timing
amp_sanitizer;dur="203.6",amp_style_sanitizer;dur="74.9",amp_tag_and_attribute_sanitizer;dur="115.2",amp_optimizer;dur="40.6"
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSWlr8nDegtteRM9o%2BcCXwnkiyfkT8mpTN%2B1Y3uXSGqQECv2A8WA7dFLe35AH7x6JSbsH89m%2FtLSH%2FEo4nZYyEZtHCnX6aA6rKIDdaxa%2FQPeDy5XB7qPGGMmSjCGq4BO8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rollsfirst.com
cache-control
max-age=14400, must-revalidate
access-control-allow-credentials
true
cf-ray
86dc18db0cbe67ea-MIA
link
<https://rollsfirst.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
Genericons.woff
rollsfirst.com/wp-content/themes/frontier/includes/genericons/
14 KB
14 KB
Font
General
Full URL
https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.woff
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16910
alt-svc
h3=":443"; ma=86400
content-length
13988
last-modified
Mon, 23 Oct 2023 01:28:18 GMT
server
cloudflare
etag
"6535cc32-36a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7HYvR44GFpVCThIkKbCbD9iYCuS9BU0nlWhLGaCoIqB1VdkSWQOgzG%2FVAR8sKDoclbn3xXDTo41J2zrFL5dXKKmHV9fnGk9m6BaFvjba7Tb6oWGs8ZnV8mko2i1XZbOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86dc18db1cc767ea-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Genericons.svg
rollsfirst.com/wp-content/themes/frontier/includes/genericons/
75 KB
23 KB
Font
General
Full URL
https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.svg
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306eb5338cdfb6df6b243aa37a8236bd291ec546c57bd8a439c0fc7aedc00534

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 01:54:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16910
etag
W/"6535d24c-12cb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsETbvh4TnElWtxnNOD9OGoU27dxBzgQWg6Uc5wxNMaQiGuI1JLZoNUNFy1Can1PTGfafFjeyrzwtHRXy5%2FY2akP%2FzeIFsEEHXzWXmwDmyu0YvCaPAEFAskEzT8L4cIKJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
86dc18db1cc967ea-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
v0.mjs
cdn.ampproject.org/
223 KB
63 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e426170a73bb21e384e0f268462a566bc6a20ab8b237a10724dbee57eaa00eb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 22:43:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63668
x-xss-protection
0
server
sffe
etag
"2eb68c0ea1ae5ef9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Apr 2024 22:43:16 GMT
amp-iframe-0.1.mjs
cdn.ampproject.org/v0/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1059cbd436569b4d6e2a56ca21b1bbad4e5797ef7ea0a0b5d6e2beb07c52f91
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 22:43:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7385
x-xss-protection
0
server
sffe
etag
"97bc6cf0619854ed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Apr 2024 22:43:16 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.3
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
273b46a6c993072c6580fe2e338fb7a70bd89900fd02ab8614c818757a77f71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Apr 2024 22:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 22:41:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Apr 2024 22:43:16 GMT
728x90.gif
143.198.201.173/plustogel/
Redirect Chain
  • https://188.166.185.110/plustogel/728x90.php
  • https://143.198.201.173/plustogel/728x90.gif
454 KB
454 KB
Image
General
Full URL
https://143.198.201.173/plustogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6ed4f7b1c51869dcd0a3c0fe0babdf9312acded348d688463cdc9cbdef64258f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Fri, 08 Mar 2024 05:48:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65eaa6b1-7189d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
465053

Redirect headers

location
https://143.198.201.173/plustogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/luxtogel/
Redirect Chain
  • https://188.166.185.110/luxtogel/728x90.php
  • https://143.198.201.173/luxtogel/728x90.gif
207 KB
208 KB
Image
General
Full URL
https://143.198.201.173/luxtogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bc2840f8ecb9645b22e4cc9cd8b19fc2701c32c9e357f8ed146a265f781ba27c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Sun, 03 Mar 2024 05:44:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e40e2d-33db5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
212405

Redirect headers

location
https://143.198.201.173/luxtogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
newlivedrawhk.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiObhjv9i99lzHpyxxYJTiIpmiutWbM9_XGiOxRdGqaJsRVWkL4UvweAooWAJh5AlAsByqPCB8jOP_vDgsH3X7JHjivyYtXaed9hwktGd6qxnytjGJDWGBBe4gBNL22lT9QpjHJQXK4jqI_BLQ...
24 KB
24 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiObhjv9i99lzHpyxxYJTiIpmiutWbM9_XGiOxRdGqaJsRVWkL4UvweAooWAJh5AlAsByqPCB8jOP_vDgsH3X7JHjivyYtXaed9hwktGd6qxnytjGJDWGBBe4gBNL22lT9QpjHJQXK4jqI_BLQ_p37Qd36TaQV39CDKb757wuBScaNR_S50Z3Bv-9aQA/w162-h41/newlivedrawhk.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1c21f1750ab5e3eafa66ae57a0ee66a319b856dbea2a5a7d9f157a9fee9cb2fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v365"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="newlivedrawhk.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24754
x-xss-protection
0
expires
Tue, 02 Apr 2024 22:43:16 GMT
960x200.gif
143.198.201.173/slotzeus/
Redirect Chain
  • https://188.166.185.110/slotzeus/960x200.php
  • https://143.198.201.173/slotzeus/960x200.gif
468 KB
469 KB
Image
General
Full URL
https://143.198.201.173/slotzeus/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
002ee979994eed4808d60d0eb59a1c039771f5274232ff2e8d342c8167755702

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Wed, 11 Oct 2023 12:07:55 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6526901b-751cb"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
479691

Redirect headers

location
https://143.198.201.173/slotzeus/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
960x200.gif
143.198.201.173/hokitoto/
Redirect Chain
  • https://188.166.185.110/hokitoto/960x200.php
  • https://143.198.201.173/hokitoto/960x200.gif
627 KB
627 KB
Image
General
Full URL
https://143.198.201.173/hokitoto/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4aa15e766b7fa1e3d46be963674b0adbe28e35d8dfa93f7ae77da055f7a38804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Wed, 11 Oct 2023 12:07:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6526901c-9cb33"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
641843

Redirect headers

location
https://143.198.201.173/hokitoto/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
960x200.gif
143.198.198.194/kingtogel/
Redirect Chain
  • https://188.166.185.110/kingtogel/960x200.php
  • https://143.198.198.194/kingtogel/960x200.gif
496 KB
496 KB
Image
General
Full URL
https://143.198.198.194/kingtogel/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
286d59031e4950ffc7948f98fee211756dce8b9c69818d9d741ba7f1fb893c50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Mon, 25 Mar 2024 11:26:07 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66015f4f-7c0a7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
508071

Redirect headers

location
https://143.198.198.194/kingtogel/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
960x200.gif
165.232.165.130/royaltogel/
Redirect Chain
  • https://188.166.185.110/royaltogel/960x200.php
  • https://165.232.165.130/royaltogel/960x200.gif
606 KB
606 KB
Image
General
Full URL
https://165.232.165.130/royaltogel/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a8c95e12ebf8c075d81744ad4e7f35edffb9c60adaf87fe2cf5832e053c2b42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:18 GMT
Last-Modified
Tue, 05 Mar 2024 08:47:05 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e6dc09-9777a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
620410

Redirect headers

location
https://165.232.165.130/royaltogel/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
960x200.gif
143.198.201.173/dotatogel/
Redirect Chain
  • https://188.166.185.110/dotatogel/960x200.php
  • https://143.198.201.173/dotatogel/960x200.gif
1 MB
1 MB
Image
General
Full URL
https://143.198.201.173/dotatogel/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
865c62c85f09c1c842e82eb666b744c713d7dda77be1f1352172302c08f1f638

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Tue, 13 Feb 2024 05:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caff3a-103426"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
1061926

Redirect headers

location
https://143.198.201.173/dotatogel/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
960x200.gif
143.198.198.194/bosstoto/
Redirect Chain
  • https://188.166.185.110/bosstoto/960x200.php
  • https://143.198.198.194/bosstoto/960x200.gif
730 KB
730 KB
Image
General
Full URL
https://143.198.198.194/bosstoto/960x200.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe25cf4b9135766e530e8d36a50cce840408750ec4f91a57081e2e64f4470520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Thu, 07 Mar 2024 06:41:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e9619b-b67af"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
747439

Redirect headers

location
https://143.198.198.194/bosstoto/960x200.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/crowntogel/
Redirect Chain
  • https://188.166.185.110/crown/728x90.php
  • https://143.198.198.194/crowntogel/728x90.gif
360 KB
360 KB
Image
General
Full URL
https://143.198.198.194/crowntogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6eac9f1db05fa4236b14eb1934cf4e26fff96a250e0ac356c19bb8ec66859223

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Tue, 13 Feb 2024 05:34:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caff7b-59e84"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
368260

Redirect headers

location
https://143.198.198.194/crowntogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
165.232.165.130/platinumslot/
Redirect Chain
  • https://188.166.185.110/platinumslot/728x90.php
  • https://165.232.165.130/platinumslot/728x90.gif
451 KB
451 KB
Image
General
Full URL
https://165.232.165.130/platinumslot/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
50d29ba3ebb6bae4d501e5a0af3cc553bc578623d7e0a747f1e909ba6bb7e801

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Sat, 23 Mar 2024 08:29:18 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65fe92de-70c9f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
461983

Redirect headers

location
https://165.232.165.130/platinumslot/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/oscartogel/
Redirect Chain
  • https://188.166.185.110/oscar/728x90.php
  • https://143.198.198.194/oscartogel/728x90.gif
550 KB
551 KB
Image
General
Full URL
https://143.198.198.194/oscartogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
77820aa5efbc0bfae88770390d9d708b17743f8e3c0947b843748b712611e55a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Sun, 03 Mar 2024 08:21:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e432f6-89906"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
563462

Redirect headers

location
https://143.198.198.194/oscartogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
165.232.165.130/maxtoto/
Redirect Chain
  • https://188.166.185.110/maxtoto/728x90.php
  • https://165.232.165.130/maxtoto/728x90.gif
513 KB
513 KB
Image
General
Full URL
https://165.232.165.130/maxtoto/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e851c5c1109c2134e911ace2ca667d77c67b9f90c70e2ab065753bcba793dc0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Thu, 07 Mar 2024 08:29:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e97b05-80319"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
525081

Redirect headers

location
https://165.232.165.130/maxtoto/728x90.gif
Date
Mon, 01 Apr 2024 22:43:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/mvptogel/
Redirect Chain
  • https://188.166.185.110/mvptogel/728x90.php
  • https://143.198.201.173/mvptogel/728x90.gif
355 KB
355 KB
Image
General
Full URL
https://143.198.201.173/mvptogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d066bf7e84b1b71aeae271ed641770f2195859910bbaa4c8f9db76f7aab6094

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Sat, 02 Mar 2024 07:37:36 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e2d740-58ca6"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
363686

Redirect headers

location
https://143.198.201.173/mvptogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/platinumtoto/
Redirect Chain
  • https://188.166.185.110/platinumtoto/728x90.php
  • https://143.198.198.194/platinumtoto/728x90.gif
242 KB
242 KB
Image
General
Full URL
https://143.198.198.194/platinumtoto/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
174ad8ac7fffc47867615677408862a2b609ad2dd95225c60fdbf008325849a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Mon, 04 Mar 2024 06:01:35 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e563bf-3c83b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
247867

Redirect headers

location
https://143.198.198.194/platinumtoto/728x90.gif
Date
Mon, 01 Apr 2024 22:43:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/viptoto/
Redirect Chain
  • https://188.166.185.110/viptoto/728x90.php
  • https://143.198.201.173/viptoto/728x90.gif
458 KB
458 KB
Image
General
Full URL
https://143.198.201.173/viptoto/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2382d94d4c927525249139fd445b28967d2c2fb2643dda966af1979effdacf22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Thu, 07 Mar 2024 06:45:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65e9628b-7261b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
468507

Redirect headers

location
https://143.198.201.173/viptoto/728x90.gif
Date
Mon, 01 Apr 2024 22:43:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/elitetogel/
Redirect Chain
  • https://188.166.185.110/elitetogel/728x90.php
  • https://143.198.198.194/elitetogel/728x90.gif
386 KB
386 KB
Image
General
Full URL
https://143.198.198.194/elitetogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4c34c977fb2d60d249d7b10eeffaabf634645a72e23698a56cb909a91db37c8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:20 GMT
Last-Modified
Tue, 13 Feb 2024 07:34:39 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65cb1b8f-608cc"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
395468

Redirect headers

location
https://143.198.198.194/elitetogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/djtogel/
Redirect Chain
  • https://188.166.185.110/djtogel/728x90.php
  • https://143.198.198.194/djtogel/728x90.gif
217 KB
218 KB
Image
General
Full URL
https://143.198.198.194/djtogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
275aad6a6ad5202dd2b59d4b5362ec70a6386b919de742ccda56a2d3815f122d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:21 GMT
Last-Modified
Tue, 13 Feb 2024 05:34:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caff6e-36521"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
222497

Redirect headers

location
https://143.198.198.194/djtogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/dotatogel/
Redirect Chain
  • https://188.166.185.110/dotatogel/728x90.php
  • https://143.198.201.173/dotatogel/728x90.gif
553 KB
553 KB
Image
General
Full URL
https://143.198.201.173/dotatogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
34f1377e386716222f0f6e89ad293fd3dc983dd79b8c9fd988966a190726990d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:21 GMT
Last-Modified
Tue, 13 Feb 2024 05:33:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caff3a-8a43a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
566330

Redirect headers

location
https://143.198.201.173/dotatogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/autotogel/
Redirect Chain
  • https://188.166.185.110/autotogel/728x90.php
  • https://143.198.198.194/autotogel/728x90.gif
270 KB
270 KB
Image
General
Full URL
https://143.198.198.194/autotogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e04b21c39e540b1d6c62592cef48758099123a81c37c2351f9f054e8a8b984e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:21 GMT
Last-Modified
Tue, 13 Feb 2024 05:35:19 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caff97-4371c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
276252

Redirect headers

location
https://143.198.198.194/autotogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/ktvtogel/
Redirect Chain
  • https://188.166.185.110/ktvtogel/728x90.php
  • https://143.198.201.173/ktvtogel/728x90.gif
500 KB
500 KB
Image
General
Full URL
https://143.198.201.173/ktvtogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef5286c0c92b940af7c4097ad3356ab37f7e60bcf68aa1be6adf873deeef9287

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:21 GMT
Last-Modified
Wed, 14 Feb 2024 09:10:14 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65cc8376-7cf17"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
511767

Redirect headers

location
https://143.198.201.173/ktvtogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
playstore.png
1.bp.blogspot.com/-cNL5WM9ilLw/YUNLghL2hQI/AAAAAAAAAp4/JUUBVSVk8AEk0vFa7NCnGNfFyPt2M3sqgCLcBGAsYHQ/s320/
13 KB
14 KB
Image
General
Full URL
https://1.bp.blogspot.com/-cNL5WM9ilLw/YUNLghL2hQI/AAAAAAAAAp4/JUUBVSVk8AEk0vFa7NCnGNfFyPt2M3sqgCLcBGAsYHQ/s320/playstore.png
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5bdcd78c57dd2c961e411fc4b55a213744ebf5d2bd27e3c3f631bc1c9aa72315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:07:32 GMT
x-content-type-options
nosniff
age
9344
content-disposition
inline;filename="playstore.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13673
x-xss-protection
0
server
fife
etag
"v2a0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Apr 2024 20:07:32 GMT
Bosstoto%20(1).gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTSFz82rwmyrPwVZQLr6TZeAKYqHLRWH2g9Af6gl73rO7RLD929VFRxJlXmJXY2_ai6Pcl875j3jY7R3UiCcJmupjDPgsxaO-eki0J4xZw9UJ9FgrNbXtRgeP1HZNWo5l2YYJK-Ro5N-2kyBRV...
318 KB
318 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTSFz82rwmyrPwVZQLr6TZeAKYqHLRWH2g9Af6gl73rO7RLD929VFRxJlXmJXY2_ai6Pcl875j3jY7R3UiCcJmupjDPgsxaO-eki0J4xZw9UJ9FgrNbXtRgeP1HZNWo5l2YYJK-Ro5N-2kyBRVaAefWmSGC3mGeO-xrEow1jR3AfqxIoxzR-b559j8Tw/w151-h151/Bosstoto%20(1).gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
45b87214db43a1216e582225e1bf828548e602c9a9a40aa25cee88375753899f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v349"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Bosstoto (1).gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
325462
x-xss-protection
0
expires
Tue, 02 Apr 2024 22:43:16 GMT
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4209788&101
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 22:43:16 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
btn_close.gif
1.bp.blogspot.com/-r9QzeqmnXNs/YBPSDHyPfmI/AAAAAAAAAVo/Qz3Tb0_9VaQSx21ULTkeHUwtr5NVBy7lwCLcBGAsYHQ/s0/
354 B
483 B
Image
General
Full URL
https://1.bp.blogspot.com/-r9QzeqmnXNs/YBPSDHyPfmI/AAAAAAAAAVo/Qz3Tb0_9VaQSx21ULTkeHUwtr5NVBy7lwCLcBGAsYHQ/s0/btn_close.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
61a00380733557bdf076f52f44f08f036131d7529ea14c53580388324e8756e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:06:20 GMT
x-content-type-options
nosniff
age
9416
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
354
x-xss-protection
0
server
fife
etag
"v15f"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Apr 2024 20:06:20 GMT
728x90.gif
165.232.165.130/bingotogel/
Redirect Chain
  • https://188.166.185.110/bingotogel/728x90.php
  • https://165.232.165.130/bingotogel/728x90.gif
570 KB
570 KB
Image
General
Full URL
https://165.232.165.130/bingotogel/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bc47e6dfac8a5667c47df15d6a3c99262d16b431d4723f6a47ec2721dc132dad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Tue, 13 Feb 2024 04:40:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65caf2c2-8e648"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
583240

Redirect headers

location
https://165.232.165.130/bingotogel/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/alitoto/
Redirect Chain
  • https://188.166.185.110/alitoto/728x90.php
  • https://143.198.201.173/alitoto/728x90.gif
304 KB
304 KB
Image
General
Full URL
https://143.198.201.173/alitoto/728x90.gif
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f0daaff8f0ca758fe58121a8ca3c413c4cdea539d9e9fa142121fba18133d95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rollsfirst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Last-Modified
Sat, 23 Mar 2024 06:53:44 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65fe7c78-4c041"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
311361

Redirect headers

location
https://143.198.201.173/alitoto/728x90.gif
Date
Mon, 01 Apr 2024 22:43:17 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4230022&101
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 22:43:16 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
812310563718d7b071ab17eb94aa4daee0bf2e6c986357b8cf5b898319c57536

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:32:46 GMT
x-content-type-options
nosniff
age
429030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 23:32:46 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://rollsfirst.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:37:09 GMT
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 22:37:09 GMT
/
rollsfirst.com/latest-result-hk/ Frame 5DC7
9 KB
1 KB
Document
General
Full URL
https://rollsfirst.com/latest-result-hk/
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
ec6e997bdade1e5e8836ccf3827eda0de86d27c6b09f4594cd78fbeb55080292

Request headers

Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86dc18debb5967ea-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Apr 2024 22:43:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3B5vqnANyyGOpUxzt1bf%2FZubNMSBKy4beAwRqUyjE0SMPp0QVrCmuygxAKTeSFKMqSvR4%2FjrhE76BrSfzgNb6H0lX2GGUKPGKgwGavBKvhTS9Avlb%2Bhj0SJegFKwWq3P9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.1.27
/
rollsfirst.com/live-draw-hk/ Frame 2A33
8 KB
2 KB
Document
General
Full URL
https://rollsfirst.com/live-draw-hk/
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.27
Resource Hash
569a8a3183dcfbd63567e52142f392c249dc49c3f7577b155b36e9ed9291633d

Request headers

Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86dc18decb7c67ea-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Apr 2024 22:43:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHERVXdlpOmtE4e9r45XKdrCMVvZ91Lg%2B%2Bg4iCezZFw3pyLw2fKy73jPBCLPnYIaOUFpCtvC%2F4gAGxaXt%2FTHLvm6Q%2FY7FnxrLg7K6AzZyggOSeIUof1TkkAa1SDJbS0j9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.1.27
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 5DC7
118 KB
20 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/latest-result-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
976
age
2944737
cdn-cachedat
10/31/2023 19:08:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1cd380a8386f1d0811478448dacbc13e
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86dc18e3ab619acb-MIA
cdn-requestpullsuccess
True
0.gif
sstatic1.histats.com/ Frame 5DC7
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4230022&101
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/latest-result-hk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 22:43:17 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 2A33
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/live-draw-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 14:13:54 GMT
logo.webp
rollsfirst.com/live-draw-hk/ Frame 2A33
14 KB
15 KB
Image
General
Full URL
https://rollsfirst.com/live-draw-hk/logo.webp
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/live-draw-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23caa962804309a8cb3b8ed3a96cf965d1954de24640df7cc61b309ad6396009

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3467
alt-svc
h3=":443"; ma=86400
content-length
14790
last-modified
Mon, 01 Apr 2024 17:55:32 GMT
server
cloudflare
etag
"660af514-39c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ka%2Fmqhdt%2FT8SL1gPvmBpgZ12s4XwPIYmtaN6JQdhM0RuVZjjbMO6vTgPE72aAi5UeV8j3SgvlnmMjC2kozY6AXETzB6oPwipVoDWJnB%2BZHdte3CLAIvaUacBjMb6lE%2BS%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86dc18e44e82498c-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js15_as.js
s10.histats.com/ Frame 2A33
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: rollsfirst.com
URL: https://rollsfirst.com/live-draw-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
57826
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
86dc18e66fce747b-MIA
content-length
4547
favicon.ico
rollsfirst.com/
4 KB
2 KB
Other
General
Full URL
https://rollsfirst.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4818348958f810400e17aae275aed2c9d8d5e3e617cf6a3bdb722013e3bb4286

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:43:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 02:04:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8478
etag
W/"6537263e-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0MOosQK2c070Gcxxy7%2BFHhyjxrz0fzYenxnDTUBhk6amx6PvaU9YlGLy8aOfvOchPpvYfv%2Bg%2Bw9y%2B3N%2FOCuybJM2WX8gtmKVAmpqVe7E%2BybKFMrl4wRk6oNEZNwAjG41g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
86dc190d5e8b67ea-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onpagereveal
object| AMP
object| AMP_CONFIG
object| AMP_EXP
object| __AMP_LOG
object| __AMP_ERRORS
function| __AMP_REPORT_ERROR
object| __AMP_TOP
object| __AMP_SERVICES
object| __AMP__EXPERIMENT_TOGGLES
object| __AMP_MODE
boolean| __AMP_TAG
object| __AMP_EXTENDED_ELEMENTS
function| __AMP_BASE_CE_CLASS
object| listeningFors

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.eot
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Message:
The resource https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.eot was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://rollsfirst.com/?s1=abl1&s5=yk78rdx54ycg103jideadn56kh30pv
Message:
The resource https://rollsfirst.com/wp-content/themes/frontier/includes/genericons/Genericons.svg#Genericons was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
