urlscan.io logo urlscan.io
SecurityTrails logo

xrp.ofrealfaucetnotimer.com Open in urlscan Pro
2a02:4780:3:602:0:383f:86ca:5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xrp.ofrealfaucetnotimer.com/
Effective URL: https://xrp.ofrealfaucetnotimer.com/
Submission: On November 05 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 9 domains to perform 84 HTTP transactions. The main IP is 2a02:4780:3:602:0:383f:86ca:5, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is xrp.ofrealfaucetnotimer.com.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.
This is the only time xrp.ofrealfaucetnotimer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    2a02:4780:3:602:0:383f:86ca:5 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
xrp.ofrealfaucetnotimer.com
16    2404:6800:4003:c1c::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700:3035::6815:17da (United States)

ASN13335 (CLOUDFLARENET, US)
cryptocoinsad.com
9    2404:6800:4003:c04::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
14    2404:6800:4003:c00::66 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
7    2404:6800:4003:c0f::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4003:c0f::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2404:6800:4005:811::2003 (Hong Kong)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2404:6800:4003:c01::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net
bid.g.doubleclick.net
1    2404:6800:4003:c04::65 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2404:6800:4003:14::a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
r5---sn-npoldne7.c.2mdn.net
1    2404:6800:4003:c1a::6a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com
3    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
ade.googlesyndication.com
1    142.251.175.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net
googleads4.g.doubleclick.net
3    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
333 KB
18 ofrealfaucetnotimer.com
xrp.ofrealfaucetnotimer.com
651 KB
15 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
www.google.com — Cisco Umbrella Rank: 2
65 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
57 KB
7 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
2 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r5---sn-npoldne7.c.2mdn.net — Cisco Umbrella Rank: 419958
7 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
134 KB
3 cryptocoinsad.com
cryptocoinsad.com — Cisco Umbrella Rank: 375055
604 KB
84 9
Domain Requested by
18 xrp.ofrealfaucetnotimer.com 1 redirects xrp.ofrealfaucetnotimer.com
16 pagead2.googlesyndication.com xrp.ofrealfaucetnotimer.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 csi.gstatic.com imasdk.googleapis.com
3 dsum-sec.casalemedia.com 2 redirects
3 ade.googlesyndication.com
3 cryptocoinsad.com xrp.ofrealfaucetnotimer.com
cryptocoinsad.com
2 r5---sn-npoldne7.c.2mdn.net
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
84 18

This site contains links to these domains. Also see Links.

Domain
tribuncrypto.com
Subject Issuer Validity Valid
xrp.ofrealfaucetnotimer.com
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cryptocoinsad.com
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh

This page contains 8 frames:

Primary Page: https://xrp.ofrealfaucetnotimer.com/
Frame ID: FA7D4F94F92CAB4953B4CBFF824E072B
Requests: 40 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
Frame ID: 13BDB9122D8EB9E05397550A0DFA05AF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 29B3C28325721010DCDA668F1A742590
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&adk=1812271804&adf=3025194257&lmt=1699183501&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501552&bpp=6&bdt=234&idt=108&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2550799360365&frm=20&pv=2&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: 9B33CC278B21E8A043F1EFDA96A7617F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Frame ID: DD614E3546C782D84807ACA86CB5484C
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: ECAE910B0F21CA95C791CF3D0A922412
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B74485ED2CDFFC902775A2EADA5008E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F3D3C4E0347AF6B97EF1413BD690879
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | XRP MINING

Page URL History Show full URLs

  1. http://xrp.ofrealfaucetnotimer.com/ HTTP 301
    https://xrp.ofrealfaucetnotimer.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

98 %
HTTPS

72 %
IPv6

9
Domains

18
Subdomains

17
IPs

3
Countries

9066 kB
Transfer

11245 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xrp.ofrealfaucetnotimer.com/ HTTP 301
    https://xrp.ofrealfaucetnotimer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://gcdn.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/83C2A03F3A7F0EF32884406C6578E4FA5BF08E81.052A5CC8E32802958D72F1C0A93C99C28C70BEBF/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/672C894C0F44B24F7AEC5C0A787B85119FF84D7E.506BC3DF355146BCCF5BC852016BAD97A31096FD/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a00a:12::9/mm/42/mn/sn-npoldne7/ms/onc/mt/1699182960/mv/u/mvi/5/pl/62/file/file.mp4
Request Chain 59
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-znAIQluisAhjHiKr8ASABMAE&v=APEucNVpQZ5i4IR3I7yktUdQmi3wuS1FPyrUZKVvacKp3iy2xeNcvRNSzWL8YWWzk0mFs2HHyJtVRs9K3ca63dsA9YqwAGdc-pUZ2UP8TxwQFueBv0C30PA HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUd7jnprpxK5rrNvOP-M8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxJ8JzUi8dy82ms7oPF7Kw&google_cver=1

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xrp.ofrealfaucetnotimer.com/
Redirect Chain
  • http://xrp.ofrealfaucetnotimer.com/
  • https://xrp.ofrealfaucetnotimer.com/
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.3.33
Resource Hash
07829d07ca1b2956bba554902f1250be73686eda59d57bf16bdfd6b65996c341
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
4788
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 11:25:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Sun, 05 Nov 2023 11:25:01 GMT
location
https://xrp.ofrealfaucetnotimer.com/
platform
hostinger
server
LiteSpeed
custom.css
xrp.ofrealfaucetnotimer.com/BSassets/css/ 		311 B
287 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/BSassets/css/custom.css
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2a600c66ad314ec87a79aa8be19103b39e68d856870161c69d3a160df24f0b6a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:39 GMT
server
LiteSpeed
etag
"137-64817ab7-e1d62172c7cb983e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
148
expires
Sun, 12 Nov 2023 11:25:01 GMT
sweetalert.min.js
xrp.ofrealfaucetnotimer.com/assets/js/webjs/ 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/js/webjs/sweetalert.min.js
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
26c6b253d74f84feade601e3155b6dea6655e6838dfdd9f0499f9a1387c5bf46
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"11c9a-64817ab6-a393c9a60dc58846;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
18313
expires
Sun, 12 Nov 2023 11:25:01 GMT
vendor.bundle.css
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/ 		329 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/vendor.bundle.css
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2058565d4e59b504a62266f8b8d604154f6a27f0a6791e58fafd9e15d114ca80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"523c8-64817ab6-e97a995c599fc09;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
44462
expires
Sun, 12 Nov 2023 11:25:01 GMT
style-muscari.css
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/ 		295 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
77c4b18091b677aeef1d2e5d85751d17d1de1b25525aad309f9e3e10de9e319e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"49a3e-64817ab6-cdeb45e9151974f5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
45301
expires
Sun, 12 Nov 2023 11:25:01 GMT
theme.css
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/ 		138 B
199 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/theme.css
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8dc5d3d6bbc50a39adaed1b262687b67edea706d5fc1d325a83c82eeb912ec18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"8a-64817ab6-caa4d90c51fbd23d;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
138
expires
Sun, 12 Nov 2023 11:25:01 GMT
xrp.jpg
xrp.ofrealfaucetnotimer.com/assets/main/home/images/header/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/images/header/xrp.jpg
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2f242a47c99e0761739b345d8273a8495be753e03cc752e36becf94dde14b8f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:39 GMT
server
LiteSpeed
etag
"2fb4-64817ab7-a581a766ed3d9acb;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12212
expires
Sun, 12 Nov 2023 11:25:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9049134742212857
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ddf9d25df26f33a100ca8e7fbaa09333880317121d8b9dc6948dc1ae6443c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52509
x-xss-protection
0
server
cafe
etag
2215914256244717343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:25:01 GMT
xrp.png
xrp.ofrealfaucetnotimer.com/BSassets/images/currencies/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xrp.ofrealfaucetnotimer.com/BSassets/images/currencies/xrp.png
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f22061853568d37b9b8f4775622b90ad1a559a4fbbfb22491226f883c1b7fad7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:39 GMT
server
LiteSpeed
etag
"1a5d-64817ab7-6a9385892a76d5df;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6749
expires
Sun, 12 Nov 2023 11:25:01 GMT
jquery.bundle.js
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/ 		666 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/jquery.bundle.js
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0146164ef9d75d2b1605651c094b6e8e39274cdc04bca3c5f614235e17293e8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"a6736-64817ab6-444f83b7516796ae;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
198018
expires
Sun, 12 Nov 2023 11:25:01 GMT
scripts.js
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/ 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/scripts.js
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6a55715c479acd62ce9cfa67335c3726cf837e3df24e166b0784748b18e28a3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"9cf7-64817ab6-868ed5cdd3681306;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8087
expires
Sun, 12 Nov 2023 11:25:01 GMT
charts.js
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/ 		16 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/js/charts.js
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4dd3a302bb4a562fdd5084efd135f27f50e5a89c63deac81d34ff1cfaf10399a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"3e6f-64817ab6-489e9c7745b714c4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1904
expires
Sun, 12 Nov 2023 11:25:01 GMT
show.php
cryptocoinsad.com/ads/ Frame 13BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:17da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash
19e99abb0b2420000fd85ee7e6959d5a96f51e43970e41bebe1530248e0bc799

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8214bbd428415f60-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 11:25:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jjqVeBpr7UiqtdjJvO1juZRmNUd9srlug8ndohpw%2FJnIQYaqlbgbYrXNuVVBEvnQTgnlY9gL5CbjwbNkqYqixm%2By0GF9J6eJ4saDzvF%2FX%2FvLEpo1uFYiv8v7yvupPUm73Ne7pdJwf3xPP2MSkq%2FVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.2.24-0ubuntu0.18.04.17
Poppins-Medium.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/Poppins-Medium.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ac5bf0ec2dc9d22e8d1f68387d6ff759c013b66b402d56e379e1e3209293e13a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"c0d8-64817ab6-235de8e5ffdb698f;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49368
expires
Sun, 12 Nov 2023 11:25:01 GMT
Poppins-SemiBold.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/Poppins-SemiBold.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3b4a3185d9490f0f5c2b05c4d881bcc6cd33706cf0eee7079c883792456979df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"bf1c-64817ab6-7461fb0164767c4f;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
48924
expires
Sun, 12 Nov 2023 11:25:01 GMT
Poppins-Regular.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/Poppins-Regular.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6793abf92943d13b77b76fdf300ce8b6514464fa2bf2c1479e600c709dbed74a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"c16c-64817ab6-b1883126ccef2a09;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49516
expires
Sun, 12 Nov 2023 11:25:01 GMT
fa-solid-900.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/fa-solid-900.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/vendor.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/vendor.bundle.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"13174-64817ab6-734801d29049750f;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
78196
expires
Sun, 12 Nov 2023 11:25:01 GMT
Poppins-Light.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/Poppins-Light.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0aadfb39cd42b417e91e913a6a8fcbe8b4038d0bcf0efdb669312e6114f3adb0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"c074-64817ab6-c7b53e3dbbf6bb43;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49268
expires
Sun, 12 Nov 2023 11:25:01 GMT
Poppins-Bold.woff2
xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/fonts/Poppins-Bold.woff2
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:602:0:383f:86ca:5 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ad24649b3b8ddfa72af99ed37813a77d9abfb15de3969576716ce238fa1d7f14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/assets/main/home/assets/css/style-muscari.css
Origin
https://xrp.ofrealfaucetnotimer.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 08 Jun 2023 06:52:38 GMT
server
LiteSpeed
etag
"bfec-64817ab6-95dc7be0c681317e;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49132
expires
Sun, 12 Nov 2023 11:25:01 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9049134742212857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b55ca6588ca330465c4ab1e64a5f29f81562516f335c9e940c573a0782faf241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138538
x-xss-protection
0
server
cafe
etag
5071486714745882269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:25:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 29B3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9049134742212857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 05:21:41 GMT
etag
251720774729838433
expires
Sun, 19 Nov 2023 05:21:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9B33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&adk=1812271804&adf=3025194257&lmt=1699183501&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501552&bpp=6&bdt=234&idt=108&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2550799360365&frm=20&pv=2&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
700b8ec7174cbee39c043292643ec96fa0a034cf11caae2f9372384ef943ea17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5199
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 11:25:01 GMT
expires
Sun, 05 Nov 2023 11:25:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DD61 		88 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84a68f58213865ca71e412ab2ea39b279d7cd4836d15273f6fc98ad4ee9b28da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28323
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 11:25:02 GMT
expires
Sun, 05 Nov 2023 11:25:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
27098.gif
cryptocoinsad.com/banner/ads_banner/ Frame 13BD 		598 KB
599 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptocoinsad.com/banner/ads_banner/27098.gif
Requested by
Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:17da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f7d2a46d8e304379022578be5e2459a7d097ed03e46b739659a4d03ccb7a80

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Nov 2023 22:56:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1611
etag
"6546cc1d-95746"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikaipudpe%2BX6Ujn96lStPOcESMQOve9BfosIxUo6IIU0dEayA6Ir1DW%2B7yQEnZBYsfpCYcGIIs%2BRv1PK8SR8ruExZIkaq2jiSAM%2BWWAzaEBVZHPBsFSsBC%2FrRHsVoO3KeI5OV%2BldKqf1C%2FIqTTvIeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
8214bbd61a935f60-SIN
alt-svc
h3=":443"; ma=86400
content-length
612166
icon.png
cryptocoinsad.com/ads/show/img/ Frame 13BD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptocoinsad.com/ads/show/img/icon.png
Requested by
Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:17da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cryptocoinsad.com/ads/show.php?a=255980&b=396685
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:01 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Jan 2022 11:54:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6439
etag
"61f52b0c-ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLcKew%2FieClCexF7QWGiktsHy5MZxnY41KHfgeeBQlZUxflcYKchwfOOgn0rgMG4OIySDDfE4GeJvEPhqHJagiusufYmEMe1pqlUIKq8L3eamFZNqT5sgq826Cteuh5wzSf%2B83HEFcaf6oNAqI2YLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
8214bbd61a955f60-SIN
alt-svc
h3=":443"; ma=86400
content-length
3309
ca-pub-9049134742212857
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9049134742212857?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4231a5ac3c8b6ee079f1d82dedc74564fcb86d4b6801905f6e52250e636fa95
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-j146izt0laYAO0_Lp5Da8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-j146izt0laYAO0_Lp5Da8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&hl=en&pvc=2769359814576497
Requested by
Host: xrp.ofrealfaucetnotimer.com
URL: https://xrp.ofrealfaucetnotimer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUjD4wS7vti-yQJUH5JdIgRBJqZAOgVnc5KvsridPTF7RXWYGWylgeHOXuo5yWBQPgLwnoX6FkQ2lJe4HWM4gA2tpcu1LYpQOd_jyOxzPsUzhvS_rAyKrLt46RpkViyB7O8qzWr-A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUjD4wS7vti-yQJUH5JdIgRBJqZAOgVnc5KvsridPTF7RXWYGWylgeHOXuo5yWBQPgLwnoX6FkQ2lJe4HWM4gA2tpcu1LYpQOd_jyOxzPsUzhvS_rAyKrLt46RpkViyB7O8qzWr-A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTgzNTAyLDEwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94cnAub2ZyZWFsZmF1Y2V0bm90aW1lci5jb20vIixudWxsLFtbOCwiRzhmdXl5SGdtWUEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bbe73f28914c78a941cd6cec30d36f95c4fd303c444906527b337748dc1166f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4NTfeY25iSYzdKNJRy7ufQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-4NTfeY25iSYzdKNJRy7ufQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame DD61 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
55582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:58:40 GMT
css
fonts.googleapis.com/ Frame DD61 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 11:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 10:31:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 11:25:02 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame DD61 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 12:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 12:50:07 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame DD61 		374 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 14:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132916
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 14:12:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame DD61 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
55582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:58:40 GMT
AGSKWxUf5UYozuOyVFOqMobdz-bu3yYd21Yt9xALVEPWWZKxjv1hwR-wiFMcBdEMB2sC1hJyQyEaTxNW8cNN69lkU5f1D9V_l-QwlCzD1eEW5a8C4CIHEN9eOxFnHxEbBLGT1-YGUjgcDg==
fundingchoicesmessages.google.com/f/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUf5UYozuOyVFOqMobdz-bu3yYd21Yt9xALVEPWWZKxjv1hwR-wiFMcBdEMB2sC1hJyQyEaTxNW8cNN69lkU5f1D9V_l-QwlCzD1eEW5a8C4CIHEN9eOxFnHxEbBLGT1-YGUjgcDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTgzNTAyLDE3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8veHJwLm9mcmVhbGZhdWNldG5vdGltZXIuY29tLyIsbnVsbCxbWzgsIkc4ZnV5eUhnbVlBIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec341dbce749096e5755f6d1accebfd6ea7972f0c08982cc783bb2e20e350666
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QTgfu7tJOUeaHjaZWQ8pxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QTgfu7tJOUeaHjaZWQ8pxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD61 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~loldzhci&c=838266707320&slotId=419133353660&qqid=CPfUnujfrIIDFalRDwId7v8M2g&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:811::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD61 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:03:13 GMT
x-content-type-options
nosniff
age
364909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:03:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD61 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:14:48 GMT
x-content-type-options
nosniff
age
364214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:14:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD61 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1699183502249&ai=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD61 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~loldzhd6&c=838266707320&slotId=419133353660&qqid=CPfUnujfrIIDFalRDwId7v8M2g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fg&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:811::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame DD61 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DdWjt6xyUXYTcCXjYQWJNp8dcAwQ_zUR4IVlXsprLtXPr3-GozdXLJyEBBbwndd_3f5Mmyku6qMto0jwWEnU_Imyc8xw&cry=1&dbm_d=AKAmf-Andl_GbqoCnLaFnKTpkplxRq-RqpGMutrF3iuaJhcdZdXgupWyXQ6xTWF_NuBIeKw97e4ul0aAOtz19F-EyftMsjG4CG-8MJ-_HmqbqUA5MdHtkf0TEunzYq1RSD8mAPi5MCQsNou2XOdJ01V40nsQR-oTc5zlaJyNav3A7TbDTCotzMEDajG8kpLdeTc4hrV4QPKCQ0UawD1HEEILnZuNnZzxoTgeWgduSyuxf4dhr3kXbIdpHI_wXQvsIfMmeB88crIF6hS0Q-2T0gLVeADn1OjvSGQJPb7YGr-eBFYbnFo9QJSXPa55Nip41rV36Lb0akq7IkJdsb5ZlYV5YadVnCXxKKjFCpPDGeaD8-aJVXyIP3qHpt8LwzBYqx0rrbVWfo56YdFObIzY5yvasHM0sRiByK_ruwMIT-Zlq8EoykVdIwwU-NcF_EhIXYC9zrTFJN_iV_P5Xx5_ZhWl16WvHC6Sr2XRcpLo4ZdcPlA-tHP1nP1ugx2UaAboIhslq6QWmOKygTh41vBgbNpoLsw3FdP4pWqfyGtuZP7MZugsDs_OJO4ZnedLNfGI-rEw4SQe-NJv5mtwG16JBXkBaU9hvNW4o3pTLCeVLd2lLbr1JCFIXAwHLAYi7x91A166kbs__U9YOXHxjLM67mmNnd9QsRvwu7NInasZ66I5aNOsDADi9i7zFuXeWGTP6nijiSjAklG4On06h5_rrWtEPedh7_7zqY4vP_8p-q3wrQslAqFE7pKx8JDA8hx1lHDhQ7KL3HpBN8VCJ0_KF5qBEeh5p2UCZBNaXYp1gcqgzVv6ZiNyO5zDesmfVbJBBKTRAG8yErByZe6GjsvP0H_P4E1iuWhXFivvvySmDqrpD-ZvrW9AUcoO1SB6lOnrSn2bs6RXRrxS9yo0BY_Hc-Kc9C6NDczzzed7JN6mOaaCNyaJ2CrZVikXgi-5iyc3OwtCitcp2O-nCt9Hzk2J_U3WftaVGFVjjaXXNuZeztDP1QdE6V_dmLngSxmzIQXl0eYXYw0zRZ0nZZ19Qv325KCIg2gy-a3BMS74JgiGmWZJV8HGJDT6nem_yQhtz8ReiYuwv5aCpPvjRzvUX5gFWb_FIZZKE9Nlks6UGes_vvF7Uqh5yLokYFkkxADnTNytp7Xe8QmoHB_XPlLCKIyjGYwJpXz8J1v6mQixan5ki9v783rpLloY794fK0G-qjEaAbha3DMtTGyBOvfaZyPEQJoJDjsmk3YCPVB7gBplDBZ0AXmg_yBfmlzB0Ljj7xC7L3yXLhHmGpbEI5JTEIZRH0T1RHkxx12PVEnBBqtC-bZQlNjDZeMKv8aWJ-TuEh6rxCrBEt6dgxjBBIt1sq1LlgtmUF8QRaOtrtsvmIbRyF2aFd4-sk0DCEDwbv14Vf-Fjhq2tXnXVW4aTxeW-9zJwTaNdgcIh84e_O2ny4qSI09o2UiLuAAska98vJPMnXkxkSt4X0HpuVI_7To2dvwx7zoEpjFyOKiZ49_B2RzA1IVyU7NbsIJm68_vZxxO5QF-sCgnugQsMR5ezJ_yVFgCJOX332_FTtxaqZWldpaXzSaURjakqQ2h24KvTHEbS-p021J9Njt0XgOMfuOfFOf_9zFmX7DYWE4xo4Wq8e6oCf6DAx4_bOQvl2svms9DFlgeCuK7ZuClx0k_q6nlKhqXHW_SN2leQqtGBfXmNLPKUF_M6uDY7nxMkZB80WcCQyhVBNCAXAxjFQDktuRlMhkLvxKcNwxICZuKGJGEdlpnx3ZlYMEGOTnFSflZ6-Qv4QgtR_TcAWTwzDTkB4hS04UNno1apTwqgl0K7cLd6mN7yQf_wQ5Lc5UuPCRQjhWlmFvNrvY0dqLQt3xNS7hI5iYMu3mgOzIFfZ15SH7dLNPHcIBd1zSNyUmn9qVCb1UQ-qM2QfgM6u4puHi2Fq26OP3f8-3TV7wQRmtpkCrlbOpZD3ht1L89TcAO4-Qhib4qMDMvHlkwCk5MkqH1uculWtSa9w3mgZYk3G6HJuxwZ7bc0Rhu3YZIC7SmoDLqbThD32CniVG-nFOA9jOlzUQO4VBBqNqseIucmff0BlHhpyZVx0ryL8Yxm0ih2bXpUH7QJ5es3hkBFc5WQX_1VrqCxlhEx1szmXmCmRPyD2E_pRNfaOhUbaSWRDX7JjNoVT4ZAD6eB8jOjz7yFE09dbi5fe89L6dDrJQja5BkoLBOYVWTDsqoeWyzSkhqcdsHy8RMGyVwvrAWGJyV6JT6UK3yd1s8Q_8no191NBEw5uGDxHjmXnxPWbZxO3HItqeYbtRFiHppDnRQGc133gd_VZN7OMATV_QeGBQCGN07hGlcEqAqLnQMiOlDNUaPmDqGTQviKhSyp4hQ8_GCzBIU58FFg-cZoSZ2zB4lHwiJGUaBo0RjGZaslK2QrR3x-LN3qpW2dYmmLYTT0h6KuoOQFO-0VfloJGaFSnLvKJ-QA72cUruVdygbke-7ICE_socS_rLTe-BU81ebTPRI2G4FvfOoidkv4xUTvuh2TiGmjtg3cKOgC9UcItE4BKGYKRDQgTkU2b1IMiKF2EdPhexkTyf0xDfqY5Sma9pwq8XiqteLtudEVWLrcHzGxU4rokjnFj88jP-C_Plxle_nkSnlisdMkeQAjcQ0HPb0rUh6lM8b92rPK0-_sTtSyZaBItxjs6UqYOlzBGNWlhReYkxX7KD7kBw0RiYJVN7kz6TAt5dNImFDd0WIc5rG6-XMi638Ne_ecU4xggyVA-FLipVUec2JDDni_WejeLtxNDhsF7oZeS_qsmu8uHtVt-Pv5Kr-AKM7tB6JDM2JtgrKVNgbo5O2pZ_NqzpClkmn7-d9AgCeAx6qlR54_8P-cNQvuQ6lXdGqWoVxfZcQ8MnkQ3eI_is98fdt9pX7B1Pg53A3WVChQOTFw5msRMfBx6MyXmeyQpAaC19CZe20Dvpi47DpHisqjI9tQft6_RFVa1h98xQNnff7PFdeIYKjkB-IhK9Xrazgm00qOthbTky9MFqawwjQkKD2Kx0bK-s2B_tgLBSuP4WojgXbSb8mfI7mxzTwJjNGJUPigW-ES3plIsyWWMF8ImoZ64lQHWKxthUKVImBVzQgRy2ymammURx7ElRqc6gpJHmtxf86gbjp2aBZX9tT-081rz5yv4x6ynKo67AXWDKf5fsbOXETh7qvX9JpBmQYvpvITmNltZABB_F4X6BhTu5vTv93jq-8lSeMBaFVacDxeY6cf8T-BUKUGOIwqJDxAqEj1nK99qGTq0Xdyegj39YQDtnsmavDWLvnaWvbvWnXfRzNjk9WXUlV21oc7GIG6aH8srEdcbH16MFGieU3Rp4dx0J0vP5PRHHJzR-sCfaRDb7nazT_M99NxwkORF1yJWqiAYXbR50XrLojdEe9Z5Vaw2EtYMtV-pENcVxusGvtFweg00G7WYqJqgreQcppSPjUcWjvDiftNm_qO1r6WM5QiqV_XrQFWYSbDu9e9QJhGkXTPxb-n89_BTU7UerNu0j65tt1ge-loj5JAvlfF1fLEdnlU5ODWhUhXUm5JcG8wbIeJV13dxk_CDxBMjd_0zZEvf21dtGwPgwOJuN6ZBL-lSRf0RnzRWA8lJm6mXkftLPyoZxjrxmifFxakbartShLCDubMaVYxTO-W5q18DbPxNXoKOnmzJTMt9UyeyG7v_wZVVkqznmk_pkH1B_ntCbjGOA99_fAGw6-yoYi4qISsfYoCJu_OZQdrbWdLYEcxZX9oXW63gKrQt0ZIFYyE03hphMY8mA-SURFmzJo8KKZ0t9lHiOi12aaPs-O4IsWXATyJtZnk-rRDw6xYoWAhcAP7RGBVIl4JNUPPK5yfm-X-9HwdEQseYS-ig&cid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
cafe /
Resource Hash
0976bfecf24b8e682ff60e788dd7b520dffd664cadca77c534166ec8a70e2cae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17411
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DD61 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f660a57b5c6062f6cc6341a59a67c1ed8008e4523275866256ed971efea50e9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame DD61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbqI_jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMBqgSCAk_Q13sKH1VOkNZynmSwuBjtd5Tc3aufsNsTZzxDBuXxp3HKsQFrrIfVIPiplcDnVY2MxG8ZBVR41N7vei-VrhAF7BDiG0krMxrNZC_u_KFQ5fqyGn5tPSMg2NVXiSzVfM_tTHAAo8w2sv58gLu1PJ42Kf62fur8yVbr-CpDROaCcAGTXKdAf3ucNpoaL5ihhQdWPJv-wCOhngOjA5YfQ5HVa8MV5jLUpURhJ2_m4elSC-CQHPhNgMeSnntTgxeITmZeXeEh-DjXy1xFVTPjVhrrkrjvmqXdqK38cqRjUEE1aJTxoJBBzgzpxhwTExa5RFyI8NseH4eIAP-kqPZrmrWxVMAEwb3CxssE4AQDiAX54J2PTZIFBggDEAEYAZIFBggbEAIYApIFCwgiEAIYAkjdw5ICkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELaEChjHiKr8AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2gwRCgsQwIiV4MPz_Zv9ARICAQOwE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUBgBcBshccChoIABIUcHViLTkwNDkxMzQ3NDIyMTI4NTcYAOgXBQ&sigh=lI6aMcVtOjI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
Attribution-Reporting-Eligible
event-source
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821604f45df4c4b9cdb480dfe777edb75aac8b2db45fa6c08f1944b2a293b4e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12000
x-xss-protection
0
csi
csi.gstatic.com/ Frame DD61 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~loldzhdn&c=838266707320&slotId=419133353660&qqid=CPfUnujfrIIDFalRDwId7v8M2g&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:811::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame DD61 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 21:42:42 GMT
file.mp4
r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DD61
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/672C894C0F44B24F7AEC5C0A787B85119FF84D7E.506BC3DF355146BCCF5BC852016BAD97A31096FD/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a00a:12::9/mm/42/mn/sn-npoldne7/ms/onc/mt/1699182960/mv/u/mvi/5/pl/62/file/file.mp4
Protocol
HTTP/1.1
Server
2404:6800:4003:14::a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sun, 05 Nov 2023 11:25:02 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7363129
Last-Modified
Mon, 30 Oct 2023 09:09:26 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 05 Nov 2023 11:25:02 GMT

Redirect headers

date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/672C894C0F44B24F7AEC5C0A787B85119FF84D7E.506BC3DF355146BCCF5BC852016BAD97A31096FD/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a00a:12::9/mm/42/mn/sn-npoldne7/ms/onc/mt/1699182960/mv/u/mvi/5/pl/62/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD61 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~loldzhfv&c=838266707320&slotId=419133353660&qqid=CPfUnujfrIIDFalRDwId7v8M2g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3721&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.hu~videopreviewvisible.i1&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:811::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 11:25:02 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame ECAE 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
357735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 08:02:47 GMT
expires
Thu, 31 Oct 2024 08:02:47 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B74 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
440897
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 08:56:45 GMT
expires
Wed, 30 Oct 2024 08:56:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6F3D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea3de4433d50765345964791851e23f287ae41798be6de55487e3470eee77461
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AhIN0hFjizXq0hy8PiPueg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AhIN0hFjizXq0hy8PiPueg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 11:25:02 GMT
expires
Sun, 05 Nov 2023 11:25:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame ECAE 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
179527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 09:32:55 GMT
file.mp4
r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DD61 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-npoldne7.c.2mdn.net/videoplayback/id/21ab5e4feddc9522/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730719502/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/672C894C0F44B24F7AEC5C0A787B85119FF84D7E.506BC3DF355146BCCF5BC852016BAD97A31096FD/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a00a:12::9/mm/42/mn/sn-npoldne7/ms/onc/mt/1699182960/mv/u/mvi/5/pl/62/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:14::a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
57ebff467f3090d6f77aa804ada5b9642fada1e88f89e12a0c1047120daae777
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

expires
Sun, 05 Nov 2023 11:25:02 GMT
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-7363128/7363129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7363129
last-modified
Mon, 30 Oct 2023 09:09:26 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 1B74 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
179527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 09:32:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6F3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=2769359814576497&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0...
ade.googlesyndication.com/ddm/activity/ Frame DD61 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699183502676;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=5b7SWQ0kgOw&label=part2viewed&ad_mt=12&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699183502676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DD61 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaoT1ezVxX8a3Dme_7xf5tyfKSXmjrvjOM55U_IXNS-L84qldKp0ILLfaENQgilqdfdEx-7Hv23v5tFM1Vl4-z_yv6uuaEGV7LFIlOtwJqzzRzeh8QjtXv1zEvq_tnsUUABbMtEsNLTApUOpR7Bn6VShWnXNyjqAHy5GmDy9KDKzgg8bRgA34LDULqAIhPMH1uDMTkHSbYLqq0VT7ZPSM-Nt_JJwzao3qla_NBTPFurmEDTrhJsA6gzxPss0wIfoNK-fkLYNXqhvWsLFUpUUq6mpQH6wKNCLhfKj1N_ROebyA6TV3qOThvxYcjrSzcywIJFfIJi4-57q4ddM2nns1vwPPMSuyJJlAOVuGpCoKJqs8V9XpgryL1BJYx2ypoAC2Ff5hkIf70F82LC2ID0nE1yVXoXDnrTiQzmJCOOJ_-vA2qZGdHfNM0a-la-1lGEhvTWGHbhZDHo2wdMqOKYiW4qHbqVQm2z6VVoUl83SDiwXM4HYvS0sX2Q5reoxUTY3m54qc9an5BpaXMs7_pIDF0d75TPp8Iz-VOXqx7HOKiOyMua_O-VNg-0qWihjXIkssrUC9GKGgGJdGAe-p_19e1_H2L-qQVAE13U-bghVl8MjMMETnmQT2wSsKuiMGuAP4H9xn2xn66CjIWoynAzG4RwFNGhFoPs6EJBSEeItxrZ53MvgEmt3daJzJzQ-8fTnyPUkvqqR5I_OSjfu5oNu3r0g4hjE7DLuPnLjx5SU4-RyVTBt4uwvxqRjJiUEOC1io07iKcczAaOYiw6u4fJKbm2egQtEavkILzvW2hRlbJAauN7DMY-OBx4loJJfejISfvSCAotpD3QCJw8BSfctFXsO_BvD8oVMGqL4llFW_81MXcXNkIY9tKR5nBjr9w3OVU2b7ExMJw5KrH9oQzAzw9-k3DlYB2BtuUZoKA5lGFMPr7NZF3zgyWZdzXQkK7HjxqGGKxXnswbkLdGTA5Xm5SZSRHeH0rwTAY5uGSKMiU44u2vTWj3_UxC3Hn44A7o4JZStyvb2Irlu_tcx-Mb3gb8BepDMeZ7gom6ACUIDP2bFFiQ_yZYbJfoXFEBK_XZvABJ34DXIaY55h-f1CkSylB79NSr3JT5ez_RW3dqVQf1w56RnODhu-fhsUshdvlLjOYMnCuvGV-dI7dWCEdS8Rn5B34jgV-7l-TKvsYKMtDWjH2ueRe_eC5ayfnAmgBFsvFKIvJ37unZdCNV9VH-WpKkhr4x3ASXS-Y3aNp8Utqh8C8pKXx-TQvwWa5ibiy7ym1kStRWh_4Y5W3W-o4GdtbKxFMDEFiyRkpollzYijMFcgJVvM5GAnrymx6BVtzFV1QsG_mLZ7ohbwv8jg&sai=AMfl-YRxWL8ovZ_Q9-t5PB1plpMJl5ukJS5nH8pPeLniixptUl6BLOswTNW4hZyWOn89DYLllER0dAEjSTd5_JqtMYg0TuVe2slJkkJxU3ylytAQYuBor6Hunssa3y-EtbsLVzNjeKvlDIGVNqGw-0FIwzISGAlQwzxXP07k6Rb5iDc3eHtW8PS9tSbV2RWqpMDJBv0TI9H-XPs16ThtUOngT_M2dmK1dbWvwnW3-xrq581QHfd8xG1thaoD3UGoRa9KE9glHPvFmFvMrgmFpw5FlTRlZaLCOgWf61pZAmnw5E28Guju90__gP1ay4FemA&sig=Cg0ArKJSzF9rknXF1VuJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame DD61
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-znAIQluisAhjHiKr8ASABMAE&v=APEucNVpQZ5i4IR3I7yktUdQmi3wuS1FPyrUZKVvacKp3iy2xeNcvRNSzWL8YWWzk0mFs2HHyJtVRs9K3ca63dsA9YqwAGdc-pUZ2UP8TxwQFueBv0C30PA
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUd7jnprpxK5rrNvOP-M8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxJ8JzUi8dy82ms7oPF7Kw&google_cver=1
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxJ8JzUi8dy82ms7oPF7Kw&google_cver=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9%2BXltFYbkwf1vwyxScXfRbsE4RyNmHNMqldxCyOuBxthTzORlEjE%2BzyGuIMMLpQUBRMwSKHpZnIaGX5ynCjnatZww2qQUke%2BXGmfsCLfjfz6Kgw8gsUHdKIYx8N3y85bHS5H6JxK%2FOMQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8214bbdd2a91562c-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELxJ8JzUi8dy82ms7oPF7Kw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD61 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5zpmA7uevoJ9f8ugaf19olFQtarexSieuWTe8POpiKy9P7poKW7P-_zIwrchj0uPBUZ74f13GW3RfZ1tQ3n38E5xcWsgHIM2ZSSEYV7iK6UAQ5yU9Zyl3mV7J5M1CZ_QaruH2nL6zCg&sai=AMfl-YRXyUGFz4AP76iHJ6mF0AbB7sc6FHdsNvWj-QyzqIXAxayVhHO1ZR6X3_pZtXfOCeYPANgdFy5xu2kbctAtoQHZi0ucv3ny4_p_z3XQIsdMxSo6M9XHFqbvwuIOsdUyPIPasDgOQlLMPgTNMA&sig=Cg0ArKJSzAxhYVgPvIHOEAE&cid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699183502676&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=5b7SWQ0kgOw&label=vast_creativeview&ad_mt=12&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D11%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699183502676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD61 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~loldzhg5&c=838266707320&slotId=419133353660&qqid=CPfUnujfrIIDFalRDwId7v8M2g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3721&mt=video%2Fmp4&vs=1024x1024&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=197830&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.qw~ff.rb~videopreviewstarted.rd
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:811::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1B74 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0niymQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECAE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BJ_ECjntHZcyyEq3BjMwPhre14AcAAAAAOAHgBAI&bg=!wMOlw4zNAAb4oU7C2KE7ADQBe5WfOM9K6xp12F9ZJFsDb6tFltKQLEg9N86fcS-afPBuvcfXQptSwvF3na5CvN6JaFV4AgAAAUBSAAAAC2gBB5kDIj3HmVf3h1ndRmc5kHke_QynCAX2vKaTbPz6GO0MANqX38wzDgD4xYq8vw94hCJ_53iuLcA6-SDwvCTFAuMzkr8KxEHJ5nO_TIw64fStw-FC79katlCV4TqngcVGxMkGCDENiUkM-17UaUxXtCEkbAcr3xSBMnkhQLSJn65JyibLIBzM-zn4Aq0K9aD5r9XWmwTb0e8C9pjycS49BTZ_TXFSIstTcUD1JHKHVtPg02LcgjroWJJSz-8LAUHZx3C2GT_b89vQSAkLIZcQddljckoevaOtraLTrYVULnWRpZ8URd9GPnqQIMjFr70KbIVht50RdPic-xJbSDHdaC6vQ5tyDwFKbNU-vU8D0VtcADF-Ag5zen0GbtYW-ioQjx3T8e4AG-bEQEz6k3kBRkIsjz7eyqEAVYv9XFQi4SX2z4Rr_CzcvP-EcCdan6Y7XWmPF5F_IW0qmJJTyufkRv2oymBjPbe6_BNAojpQsYRvgMsmY91W3C3MCSm-tyaCQjOYrKprW5jRkHvaHtG5Gc3yKHxH_jtOrgiGZJ2qELqwAOe7EVkxZPrvvSF3__GWr6QY15a4X_AcWaE6xqSa46x7bnd6vXldYDvt_naUBad6ZUoQO_4Y4OXhhsAICrDl--yW_G78smHPGNX91_ZGkaoLLARsMesCnePat25-Zrk4vcn_ttz-btS-BTqLMnaWhXXj6oijdW8fkgBoSZV4uz1s66tu-Er7qKPfsyxaMid3Uf-aGuBFQVw-j_0qN-74yjxURf5aFZmP7oyKkTC7Kn9BrKYe5yA4r6IsQTJn16Nn5mCIY2ktV2DREhLWXsSUyIsYPYcepVv7YuHa-aeKrNVBvJuGwxSMghIEBGd1AFCofyp5HZbfax-pxBGEuYmNl5K3yvx36kefPWMtsrFLpV4E0EiIWBt63MEHqqNMvpiXz6HOMf5mfu4_cEbIyVioqI3fAZKO3TuMavroEg_s0aLCohfi1V9c2NPkw8TVt6F2sscQTsBxrQrjrx-dbqp30U_yAbbFQ4fkf1HyuggZNzoOEKS2GQbeCr4J6zDH7uM_juaRqHA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.141995243671436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NEjrdZ9pVNlLCcnw-LJz3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NEjrdZ9pVNlLCcnw-LJz3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.690037760547499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0JkHAaKpws_uQlr55TWBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0JkHAaKpws_uQlr55TWBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YE_JIMm6_Fx60UIgCin7mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-YE_JIMm6_Fx60UIgCin7mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=2769359814576497&bg=!3d6l3pHNAAb4oU7C2KE7ADQBe5WfOKnByN3gY4KD8f42FbEJMGULw3Pw-UeUO9FOElQpWELWDZkTwwGwP3UkTrgZFqOQAgAAATtSAAAACGgBB5kC5gmqV0HacbDuUdPnXO6heldQxErPRWX19QqhGX9Nc22UEEKuUhhV6g9R_qPXfeO_5pZ1JBw61KFvM9o36JhSXKFPLZViW4MOVeyCv0KSoSt8yrLipmaWdTe3XveO8Kdr2KKddtDOnVstQA8Zyp6XqYjj2P9EekzRgbvAcVi730QK6jQRMGreTl5_PZFbbBL_VWPiZlkFWee98SVHjQnQv5BhSQdiyVAdynxhvgYFtPKiI0gUBSgYwv2Sr73yMNLoUGSVk0FdOpzjQxIxOzYIRMWPn79DZreNJpyL_9FH_mmxDX_79GIBN9Xy4ip0OA37y-agLtMudCkjGpe0xe0mI5Mgy1fmAKyGI2ejoQ6r0cN538fYJq7eAjaa9-uI-cx0r4o3pEVonJcqkj5zrtb8CiV8o7y3842BfmnuVsELIR7os851RtrOzP4u9la-O_lyrhJvthBnElGAiycgMyR_MeblRIvZyZefbn95OeOtL6XErhugrletn1hbNJnEKYStVyhZlkZSxBH56YhuguoOOkP33N54Kwg9bE42-k9DpscIXlJbKE2xZhFaqHjvAibOU2km6Y-d2Plp0OqDqCODcHM4UJbfSF1RoFhMKBrJKwatbGutQ6_E4Z4yvq2uv_3ijkz10f-XIAisW6_44N3hlTP0pREwxsDSP7PAwEJDpV2Wus0shwTWLntybYqFrBJahQy31u54OvSdyLnBzhD79QpVzloIDpclF8WU8eSVvc49Cm0UJTpYv7B_FUa7DnxO2BMYQtXL8B6ZjgGyss8Rqdeu4u1HAqxa86LQea1EvwXvrQmQVAz4xYs_Y1v3ucdStN4Kz4xi6z2DWxl-yCG-NJh-YRnKGBWmJGB56iXIh8e4PZH4QoPkM5lGzajGvsRHTEtPgPospA2mM_geHCLXGaxUklSY0T5ubAqmEB-dyzP82TEm_E_SVbAcrPVcaVsvdIKaDdDcsTYMzv-2aywg182IGzTSwSc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
a.ads.
fundingchoicesmessages.google.com/f/AGSKWxUhk89c1anSFXcEO1jmZC9kC9h-mhLwWHS36FiFv84_9huuseKKxJegAJeDsUR-s8SNrIiuxhZlaqCcLp_bo7f1CnvrJBugi3b2FcgzUg8qykgq6-VmnOV4cCjBzZq6mpG2PRnKQdDaHKEWTC63XSytd1rSo... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUhk89c1anSFXcEO1jmZC9kC9h-mhLwWHS36FiFv84_9huuseKKxJegAJeDsUR-s8SNrIiuxhZlaqCcLp_bo7f1CnvrJBugi3b2FcgzUg8qykgq6-VmnOV4cCjBzZq6mpG2PRnKQdDaHKEWTC63XSytd1rSonTN9UPWoJFrhpC4orVkQV8H4hOKbNEF/_=ad-leaderboard-/videojs.ads./ad/load._120x600.://a.ads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxKNxX20Dtv_dBfN84EHuo7MN_JYw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e72b0e91d228246367b732239b02baa3d652010876cc199c5eb606d8d3e5b48e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fEHQAZDTwK0OM9_i_czupQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fEHQAZDTwK0OM9_i_czupQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxKNxX20Dtv_dBfN84EHuo7MN_JYw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3aec1742eb4656482a7392647a0a4a73c9cc7c520e68d4671df6059f641eedb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52264
x-xss-protection
0
server
cafe
etag
7103703549378533413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:25:04 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_PyAmqbu-JgQCGHtZ_VdwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_PyAmqbu-JgQCGHtZ_VdwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FLnAshtn9BNtcH6claGfYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FLnAshtn9BNtcH6claGfYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-v_DE-dcSN0V6_sCs8hBg6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-v_DE-dcSN0V6_sCs8hBg6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i3v4BL3qL2OEYYNyllOPFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-i3v4BL3qL2OEYYNyllOPFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVPx7_vdTq11dOtSBaMQcEWD3ghNOjn1Wy7TtAPeJMIFF6NL7MJnisPh4hGnknELUoQdIWIy1l7Wx2aXezZ7X5W10tXcM0ahiipdlDbhG5qdRdR91bvvYf9IzqWKw2smXB0Gau92w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVPx7_vdTq11dOtSBaMQcEWD3ghNOjn1Wy7TtAPeJMIFF6NL7MJnisPh4hGnknELUoQdIWIy1l7Wx2aXezZ7X5W10tXcM0ahiipdlDbhG5qdRdR91bvvYf9IzqWKw2smXB0Gau92w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTgzNTA0LDQzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly94cnAub2ZyZWFsZmF1Y2V0bm90aW1lci5jb20vIixudWxsLFtbOCwiRzhmdXl5SGdtWUEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52681abfe9bc7c54684dada53d511a70cf46bbc5c3de1bb41d43b991e43f5c93
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ww0-6CkJObhXAbyc7OO8rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xrp.ofrealfaucetnotimer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ww0-6CkJObhXAbyc7OO8rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXxMhLyjwCp3Bz6GXqIOdl8havRa30FiolPujwnCc-RX2DpMq2svjaJN8B5l4H90VfYPaO1V1PG--b1IC56Mqbh_4yUm2EMmiwz4vzTUbBPo3rwQmeU9x_M6ShKvsYgL86imdKIww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXxMhLyjwCp3Bz6GXqIOdl8havRa30FiolPujwnCc-RX2DpMq2svjaJN8B5l4H90VfYPaO1V1PG--b1IC56Mqbh_4yUm2EMmiwz4vzTUbBPo3rwQmeU9x_M6ShKvsYgL86imdKIww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dh_XF1KcwgywFmMdjJqdEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-Dh_XF1KcwgywFmMdjJqdEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUUG-aBhrPspqaeZxMRlR5CvQFgR8StrHemyv-3VuqX0HMF-wP1UCqkLYUyoSuBw9EP3RApeOfBtg7FZ098sbbJlvCtm_U_Sa-Eh6jhPSt4cwcyHaa-effzq-TjTtrSw1MQWh1iGQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMzWBhkVWrmApHsamtZMS5qmej-Chg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8yCEsAwLPxbw_WNUVBirRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xrp.ofrealfaucetnotimer.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 11:25:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-8yCEsAwLPxbw_WNUVBirRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://xrp.ofrealfaucetnotimer.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5zpmA7uevoJ9f8ugaf19olFQtarexSieuWTe8POpiKy9P7poKW7P-_zIwrchj0uPBUZ74f13GW3RfZ1tQ3n38E5xcWsgHIM2ZSSEYV7iK6UAQ5yU9Zyl3mV7J5M1CZ_QaruH2nL6zCg&sai=AMfl-YRXyUGFz4AP76iHJ6mF0AbB7sc6FHdsNvWj-QyzqIXAxayVhHO1ZR6X3_pZtXfOCeYPANgdFy5xu2kbctAtoQHZi0ucv3ny4_p_z3XQIsdMxSo6M9XHFqbvwuIOsdUyPIPasDgOQlLMPgTNMA&sig=Cg0ArKJSzAxhYVgPvIHOEAE&cid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,105,273,371%26tos%3D0,2132,0,0,0%26mtos%3D0,2132,2132,2132,2132%26amtos%3D0,0,0,0,0%26mcvt%3D2132%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2326%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D25%26pst%3D216%26dur%3D15018%26vmtime%3D2340%26dtos%3D2132%26dtoss%3D1%26dvs%3D2132%26dfvs%3D0%26dvpt%3D2326%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D0.88%26mc%3D0.88%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2132&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699183502676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0...
ade.googlesyndication.com/ddm/activity/ Frame DD61 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,105,273,371%26tos%3D0,3576,0,0,0%26mtos%3D0,3576,3576,3576,3576%26amtos%3D0,0,0,0,0%26mcvt%3D3576%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3770%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D27%26pst%3D216%26dur%3D15018%26vmtime%3D3785%26dtos%3D1444%26dtoss%3D2%26dvs%3D1444%26dfvs%3D0%26dvpt%3D1444%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.88%26mc%3D0.88%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3576,3576,3576,3576%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3576;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699183502676;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=5b7SWQ0kgOw&label=videoplaytime25&ad_mt=3785&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,105,273,371%26tos%3D0,3576,0,0,0%26mtos%3D0,3576,3576,3576,3576%26amtos%3D0,0,0,0,0%26mcvt%3D3576%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3770%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D27%26pst%3D216%26dur%3D15018%26vmtime%3D3785%26dtos%3D1444%26dtoss%3D2%26dvs%3D1444%26dfvs%3D0%26dvpt%3D1444%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.88%26mc%3D0.88%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3576,3576,3576,3576%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3576&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699183502676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0...
ade.googlesyndication.com/ddm/activity/ Frame DD61 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzLHA6N-sggMVrSCDAx2GWw18EAAYACDKqqlhOhoI0c7AqQEQwb3CxssEGKK-4-MDIIifu7GzEkITCPfUnujfrIIDFalRDwId7v8M2g;dc_rmcid=CAQSTADICaaNnihbpHEAmWcqEeakZXQ1pUKVL4t2I3gbFHAPYIca6uGRhAd8FVfO6rWN5FafDG0XdcUP1TYIZf0yDHfvi7uQHUyggYh_oyIYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,105,273,371%26tos%3D0,7286,0,0,0%26mtos%3D0,7286,7286,7286,7286%26amtos%3D0,0,0,0,0%26mcvt%3D7286%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7480%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D34%26pst%3D216%26dur%3D15018%26vmtime%3D7500%26dtos%3D3710%26dtoss%3D3%26dvs%3D3710%26dfvs%3D0%26dvpt%3D3710%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.88%26mc%3D0.88%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3710,3710,3710,3710%26qnc%3D0.88%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D255%26psv%3D254%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7286;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699183502676;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD61 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmPT0jXtHZbfaLamjvcAP7v-z0A2Cpubnc4ifu7GzEvuG97upGhABIKXP2HRgwQWgAZu13NYCyAEFqAMByAObBKoEhQJP0Nd7Ch9VTpDWcp5ksLgY7XeU3N2rn7DbE2c8Qwbl8adxyrEBa6yH1SD4qZXA51WNjMRvGQVUeNTe73ovla4QBewQ4htJKzMazWQv7vyhUOX6shp-bT0jINjVV4ks1XzP7UxwAKPMNrL-fIC7tTyeNin-tn7q_MlW6_gqQ0TmgnABk1ynQH97nDaaGi-YoYUHVjyb_sAjoZ4DowOWH0OR1WvDFeYy1KVEYSdv5uHpUgvgkBz4TYDHkp57U4MXiE5mXgXguw2rRY3O67WyspabixwP4iES_CxQ3fZxI3dL5WG96T0O7sO3fFYyPQunH6F9DC9LMDOfJNVm9WiCiZ5msnlFEGzABMG9wsbLBOAEA4gF-eCdj02QBgGgBnaAB83Ko6kBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVk6wE6HPnxXIE6K-4-MD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=5b7SWQ0kgOw&label=videoplaytime50&ad_mt=7501&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,105,273,371%26tos%3D0,7286,0,0,0%26mtos%3D0,7286,7286,7286,7286%26amtos%3D0,0,0,0,0%26mcvt%3D7286%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7480%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D34%26pst%3D216%26dur%3D15018%26vmtime%3D7500%26dtos%3D3710%26dtoss%3D3%26dvs%3D3710%26dfvs%3D0%26dvpt%3D3710%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.88%26mc%3D0.88%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,3710,3710,3710,3710%26qnc%3D0.88%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D526369412%26psm%3D255%26psv%3D254%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7286&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699183502676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9049134742212857&output=html&h=280&slotname=6480709254&adk=2592847289&adf=706112516&pi=t.ma~as.6480709254&w=475&fwrn=4&fwrnh=100&lmt=1699183501&rafmt=1&format=475x280&url=https%3A%2F%2Fxrp.ofrealfaucetnotimer.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699183501558&bpp=1&bdt=240&idt=144&shv=r20231101&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2550799360365&frm=20&pv=1&ga_vid=297323126.1699183502&ga_sid=1699183502&ga_hid=2122102667&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=895&ady=31&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079080%2C31079232%2C42531706%2C44807048%2C44807334%2C44807454%2C44807464%2C31078301%2C31079423%2C31079384&oid=2&pvsid=2769359814576497&tmod=580626632&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=FdeQVdqWRT&p=https%3A//xrp.ofrealfaucetnotimer.com&dtd=149
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 11:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| adsbygoogle function| pJS function| hexToRgb function| clamp function| isInArray object| $jscomp function| $jscomp$lookupPolyfilledValue function| $ function| jQuery number| uidEvent object| bootstrap function| Waypoint function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| Color function| Chart object| toastr object| YTPlayer function| DataTable object| NioApp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googTempStyleOverrideInfo object| googNavStack object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzZmNTBkM2EzOTcyMTQ3NGxvYWRlcl9qcw== string| YzZmNTBkM2EzOTcyMTQ3NGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag string| waypointContextKey object| GoogleGcLKhOms boolean| 5a4c0755-67ef-478a-9a6a-fc0497327744

10 Cookies

Domain/Path Name / Value
xrp.ofrealfaucetnotimer.com/ Name: csrf_cookie_name
Value: 40c6f50b38cec71ad35ca9886ec65bf3
xrp.ofrealfaucetnotimer.com/ Name: ci_session
Value: 46042b68dd2464117b00b2dda5b221a91792bfb7
.ofrealfaucetnotimer.com/ Name: __gads
Value: ID=8cecad07ad505721:T=1699183501:RT=1699183501:S=ALNI_MZ7tFqP31ogIMwfqM11XvGDdasxJQ
.ofrealfaucetnotimer.com/ Name: __gpi
Value: UID=00000c8049677127:T=1699183501:RT=1699183501:S=ALNI_MZZg0_h4ZC-jEVRH5JIihJ-WFyeqQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlhlFB7MSLSnXHWbc5X-BeYxZn-izQGgfZrL4z-igPNQyHNvBHm3QrWt3wqkE4
.doubleclick.net/ Name: APC
Value: AfxxVi7DngWxST112PGme1EaT2TKt8BzP42g4ybwFj7JXqLnQ-r7yQ
.casalemedia.com/ Name: CMID
Value: ZUd7jnprpxK5rrNvOP-M8QAA
.casalemedia.com/ Name: CMPS
Value: 5039
.casalemedia.com/ Name: CMPRO
Value: 5039
.ofrealfaucetnotimer.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_1ybcwmwXMoMUE1NMU7VtELVYxOPK5Zp2hd6x5oZ_W8vKAiEGGZDpdnl7WOJ589TaKqMuNaJw0y7p75Dom1KBEkey9Y-NAZlUO9XH1DMshk5yWEjaEpPYxLIeaCgRy2YhE-h4JdNRFL8b6atNCkD4kd0RXAQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cryptocoinsad.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
r5---sn-npoldne7.c.2mdn.net
tpc.googlesyndication.com
www.google.com
xrp.ofrealfaucetnotimer.com
142.251.175.155
172.217.194.156
172.64.151.101
2404:6800:4003:14::a
2404:6800:4003:c00::66
2404:6800:4003:c01::5e
2404:6800:4003:c04::65
2404:6800:4003:c04::9b
2404:6800:4003:c05::5f
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::84
2404:6800:4003:c1a::6a
2404:6800:4003:c1c::9c
2404:6800:4005:811::2003
2606:4700:3035::6815:17da
2a02:4780:3:602:0:383f:86ca:5
64.233.170.154
74.125.24.154
0146164ef9d75d2b1605651c094b6e8e39274cdc04bca3c5f614235e17293e8e
07829d07ca1b2956bba554902f1250be73686eda59d57bf16bdfd6b65996c341
0976bfecf24b8e682ff60e788dd7b520dffd664cadca77c534166ec8a70e2cae
0aadfb39cd42b417e91e913a6a8fcbe8b4038d0bcf0efdb669312e6114f3adb0
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
19e99abb0b2420000fd85ee7e6959d5a96f51e43970e41bebe1530248e0bc799
19f7d2a46d8e304379022578be5e2459a7d097ed03e46b739659a4d03ccb7a80
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2058565d4e59b504a62266f8b8d604154f6a27f0a6791e58fafd9e15d114ca80
26c6b253d74f84feade601e3155b6dea6655e6838dfdd9f0499f9a1387c5bf46
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a600c66ad314ec87a79aa8be19103b39e68d856870161c69d3a160df24f0b6a
2bbe73f28914c78a941cd6cec30d36f95c4fd303c444906527b337748dc1166f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f242a47c99e0761739b345d8273a8495be753e03cc752e36becf94dde14b8f8
3aec1742eb4656482a7392647a0a4a73c9cc7c520e68d4671df6059f641eedb4
3b4a3185d9490f0f5c2b05c4d881bcc6cd33706cf0eee7079c883792456979df
3ddf9d25df26f33a100ca8e7fbaa09333880317121d8b9dc6948dc1ae6443c85
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
4dd3a302bb4a562fdd5084efd135f27f50e5a89c63deac81d34ff1cfaf10399a
52681abfe9bc7c54684dada53d511a70cf46bbc5c3de1bb41d43b991e43f5c93
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ebff467f3090d6f77aa804ada5b9642fada1e88f89e12a0c1047120daae777
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6793abf92943d13b77b76fdf300ce8b6514464fa2bf2c1479e600c709dbed74a
6a55715c479acd62ce9cfa67335c3726cf837e3df24e166b0784748b18e28a3d
6f660a57b5c6062f6cc6341a59a67c1ed8008e4523275866256ed971efea50e9
700b8ec7174cbee39c043292643ec96fa0a034cf11caae2f9372384ef943ea17
77c4b18091b677aeef1d2e5d85751d17d1de1b25525aad309f9e3e10de9e319e
821604f45df4c4b9cdb480dfe777edb75aac8b2db45fa6c08f1944b2a293b4e2
84a68f58213865ca71e412ab2ea39b279d7cd4836d15273f6fc98ad4ee9b28da
8dc5d3d6bbc50a39adaed1b262687b67edea706d5fc1d325a83c82eeb912ec18
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
a4231a5ac3c8b6ee079f1d82dedc74564fcb86d4b6801905f6e52250e636fa95
ac5bf0ec2dc9d22e8d1f68387d6ff759c013b66b402d56e379e1e3209293e13a
ad24649b3b8ddfa72af99ed37813a77d9abfb15de3969576716ce238fa1d7f14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828
b55ca6588ca330465c4ab1e64a5f29f81562516f335c9e940c573a0782faf241
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72b0e91d228246367b732239b02baa3d652010876cc199c5eb606d8d3e5b48e
ea3de4433d50765345964791851e23f287ae41798be6de55487e3470eee77461
ec341dbce749096e5755f6d1accebfd6ea7972f0c08982cc783bb2e20e350666
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22061853568d37b9b8f4775622b90ad1a559a4fbbfb22491226f883c1b7fad7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615