ventureworse.top Open in urlscan Pro
161.117.95.101 Public Scan

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Google Tag Manager /

Resource Hash

ad052f1525fb7b7bc8a6b481e9b181aa5d238ffa5e490c6dc52758b5b5d75c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 04:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81664
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 352985638959852 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 268ms
267ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/352985638959852?v=2.9.179&r=stable&domain=ventureworse.top&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e9173a77a9ceef6fdffaf76789127be6ce9126f6f082764aa23a5c7970dbd38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-5lwjiD1r' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-5lwjiD1r' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=71, mss=1232, tbw=70538, tp=66, tpl=0, uplat=263, ullat=0
pragma: public
x-fb-debug: niYPfwjqgucwUad4FOabMen/3d0LcsnEN0K7PXzgaQzymrpzgBIWzSjPB5Ixvo4Umo/yjUM8cBgj2zk7GWSUag==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 428 KB
134 KB 28ms
27ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4WCXFEPM8D&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125035566-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dd9e8809053f3e53b808ee9af6a652097bd6a3c2d1855fdac010196841bdd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 04:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136891
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 43ms
5ms Script
text/javascript 74.125.24.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125035566-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: gzip
age: 4908
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 04:48:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 02:48:34 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 20ms
18ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10898871192&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125035566-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab4d5a0c37468b85343f49b4536e222d44f8cef9f91dcf10fde99d99399bf9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 04:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93249
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 15ms
13ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125035566-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

607d7963e6a31c9f51f00740f95fab47ca97abb5e0c2f313ec100f5728820948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 04:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94738
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 17ms
17ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125035566-1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39e523a35a19f8a92c014e632a1991290f42cf4aa253f599c856b7951dbd576b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 04:10:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100153
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 5.92e67c077ae63d87f11e.js Show response
l3filejson4dvd.josyliving.com/static/js/ 10 KB
4 KB 21ms
20ms Script
application/javascript 35.190.89.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://l3filejson4dvd.josyliving.com/static/js/5.92e67c077ae63d87f11e.js
Requested by: Host: l3filejson4dvd.josyliving.com
URL: https://l3filejson4dvd.josyliving.com/static/js/manifest.90edda3bb9fbc8fb75eb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.89.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.89.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dad3e9a286f195b15bf1821c7ec273eaab8f89eb130aab97f098cdbd3fb5a2b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,XMLHttpRequest
cache-control: public,max-age=86400
content-encoding: gzip
etag: W/"6758f0c8-2725"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 01:54:16 GMT
server: openresty
vary: Accept-Encoding

GET
H/1.1 200
OK m Show response
ventureworse.top/ 14 KB
6 KB 6ms
5ms XHR
text/html 161.117.95.101
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ventureworse.top/m?event_name=PageView&event_label=&time_stamp=1734149422380&cl=ro_ro&user_ID=&UA=Mozilla%2F5.0+(X11%3B+Linux+x86_64)+AppleWebKit%2F537.36+(KHTML,+like+Gecko)+Chrome%2F131.0.0.0+Safari%2F537.36&campaign_ID=&experiment=&session_ID=702ce086-60ff-7a16-ac44-a767c0a49f58&utm_source=&utm_medium=&ad_id=&url=https:%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1
Requested by: Host: l3filejson4dvd.josyliving.com
URL: https://l3filejson4dvd.josyliving.com/static/js/vendor.8877d4ef963a05fb6923.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.117.95.101 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: a07477a88fc816bbf81d09565d2200162b4ac989e69a296250f3afa26961daa3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ventureworse.top/return?cl=ro_ro&track=-1

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"6758f0c8-388c"
Connection: keep-alive
Date: Sat, 14 Dec 2024 04:10:22 GMT
Content-Type: text/html
Last-Modified: Wed, 11 Dec 2024 01:54:16 GMT
Server: openresty
Vary: Accept-Encoding

GET
H3 200 ro_ro.json Show response
l3filejson4dvd.josyliving.com/static/language/ 4 KB
2 KB 12ms
5ms XHR
application/json 35.190.89.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://l3filejson4dvd.josyliving.com/static/language/ro_ro.json?v=1.5.2
Requested by: Host: l3filejson4dvd.josyliving.com
URL: https://l3filejson4dvd.josyliving.com/static/js/vendor.8877d4ef963a05fb6923.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.89.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.89.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 99009baa673a6228821c23b88ee4c3d9a049b6444e679018956c319839abbfcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ventureworse.top/

Response headers

content-encoding: br
etag: W/"6758f0c8-10c8"
age: 147859
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 11:06:03 GMT
last-modified: Wed, 11 Dec 2024 01:54:16 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,XMLHttpRequest
cache-control: public,max-age=86400
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
content-length: 1578
server: openresty

GET
H/1.1 200
OK config Show response
ventureworse.top/codx/ab/item/ 105 B
805 B 11ms
5ms XHR
application/json 161.117.95.101
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://ventureworse.top/codx/ab/item/config?item=&path=&cl=ro_ro
Requested by: Host: l3filejson4dvd.josyliving.com
URL: https://l3filejson4dvd.josyliving.com/static/js/vendor.8877d4ef963a05fb6923.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.117.95.101 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: b44de658af2f5502b6d66e8bc763812b789c275ab0a21e63a4ab8f12a296b319

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ventureworse.top/return?cl=ro_ro&track=-1

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 105
Date: Sat, 14 Dec 2024 04:10:22 GMT
Content-Type: application/json; charset=utf-8
Server: openresty
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
419 B 5ms
4ms XHR
text/plain 74.125.24.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1730189225&t=pageview&_s=1&dl=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&ul=en-sg&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1703606061&gjid=1648912065&cid=591667636.1734149422&tid=UA-125035566-1&_gid=292939236.1734149422&_r=1&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=597821994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ventureworse.top/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://ventureworse.top
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
345 B 5ms
4ms Image
image/gif 74.125.24.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1730189225&t=event&_s=2&dl=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&ul=en-sg&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&ea=PageView&el=&ev=1734149422170&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=591667636.1734149422&tid=UA-125035566-1&_gid=292939236.1734149422&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1416878867

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

age: 31287
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 19:28:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 18ms
7ms Ping
text/plain 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fventureworse.top%2Freturn&scrsrc=www.googletagmanager.com&frm=0&rnd=2004151925.1734149423&auid=272809007.1734149423&navt=n&npa=0&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734149422506&tfd=835&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11024552970/ 5 KB
2 KB 23ms
14ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11024552970/?random=1734149422499&cv=11&fst=1734149422499&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff435b6bd1f98dc40f205525f57cce7daa9c92be3bd684b4d2c185950ef568b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2224
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11024552970
td.doubleclick.net/td/rul/ Frame 23DB 0
0 26ms
13ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11024552970?random=1734149422499&cv=11&fst=1734149422499&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11024552970/ 5 KB
2 KB 18ms
18ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11024552970/?random=1734149422548&cv=11&fst=1734149422548&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aab1fb9895b557229d1d2c06ccb3ca3e8cc86d03f723a3e589965d4a320f834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2278
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11024552970
td.doubleclick.net/td/rul/ Frame F0AE 0
0 18ms
15ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11024552970?random=1734149422548&cv=11&fst=1734149422548&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10898871192/ 5 KB
2 KB 15ms
14ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10898871192/?random=1734149422577&cv=11&fst=1734149422577&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10898871192&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd4a75e1905d0318ea0d8bbfc1f5d1ceb6086e5a35e1933e4f670d8faf5ec4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2235
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10898871192
td.doubleclick.net/td/rul/ Frame 58D1 0
0 15ms
13ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10898871192?random=1734149422577&cv=11&fst=1734149422577&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10898871192&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10898871192/ 5 KB
2 KB 15ms
14ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10898871192/?random=1734149422624&cv=11&fst=1734149422624&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10898871192&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0d665503d084ea8cb0075325cda1db269e8790c83a6af7fd8cdd400f15e1fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2267
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 10898871192
td.doubleclick.net/td/rul/ Frame 258A 0
0 12ms
11ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10898871192?random=1734149422624&cv=11&fst=1734149422624&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10898871192&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11401819748/ 5 KB
2 KB 17ms
16ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11401819748/?random=1734149422652&cv=11&fst=1734149422652&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96ebd4ddae47e8e5ef7d7b194c3438ff45fa704ffdb05c0e1941ca5f975951a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2244
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11401819748
td.doubleclick.net/td/rul/ Frame 6F1D 0
0 16ms
15ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11401819748?random=1734149422652&cv=11&fst=1734149422652&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 11401819748
google.com/ccm/form-data/ 0
20 B 19ms
6ms Ping
text/plain 172.253.118.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/11401819748?gtm=45be4cc1pfv9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=0&frm=0&pscdl=noapi&auid=272809007.1734149423&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.118.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ventureworse.top
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11401819748/ 5 KB
2 KB 18ms
16ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11401819748/?random=1734149422699&cv=11&fst=1734149422699&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e8a8c2caf4fb2249c069d62b4582f36417932bd9cede213e4a13e76546ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2276
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11401819748
td.doubleclick.net/td/rul/ Frame B5F0 0
0 14ms
13ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11401819748?random=1734149422699&cv=11&fst=1734149422699&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11401819748&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ro_ro.json Show response
l3filejson4dvd.josyliving.com/static/returnPolicy/ 3 KB
1 KB 19ms
18ms XHR
application/json 35.190.89.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://l3filejson4dvd.josyliving.com/static/returnPolicy/ro_ro.json?v=1.3.8
Requested by: Host: l3filejson4dvd.josyliving.com
URL: https://l3filejson4dvd.josyliving.com/static/js/vendor.8877d4ef963a05fb6923.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.89.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.89.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 34f0a8a0c1c5c6b102c2f9756baddb3bf3135864c797105d63300e3ad51f18c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://ventureworse.top/

Response headers

vary: Accept-Encoding
cache-control: public,max-age=86400
content-encoding: br
etag: W/"6758f0c8-ced"
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: application/json
last-modified: Wed, 11 Dec 2024 01:54:16 GMT
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,XMLHttpRequest

GET
H3

204

https://analytics.google.com/g/collect?v=2&tid=G-4WCXFEPM8D&gtm=45je4cc1v887490662za200&_p=1734149422170&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~10219817...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=796876621774797091&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=ht...

0
0

10ms
10ms

Fetch
text/plain

74.125.24.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=796876621774797091&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=https%3A%2F%2Fventureworse.top%3F
Requested by: Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1
Protocol: H3
Server: 74.125.24.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sat, 14 Dec 2024 04:10:23 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=796876621774797091&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=https%3A%2F%2Fventureworse.top%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 17ms
4ms Ping
text/plain 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4WCXFEPM8D&cid=591667636.1734149422&gtm=45je4cc1v887490662za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4WCXFEPM8D&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ventureworse.top
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 rul
td.doubleclick.net/td/ga/ Frame 5DD8 0
0 9ms
8ms Document
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-4WCXFEPM8D&gacid=591667636.1734149422&gtm=45je4cc1v887490662za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1183623942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4WCXFEPM8D&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ventureworse.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 53ms
15ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4WCXFEPM8D&cid=591667636.1734149422&gtm=45je4cc1v887490662za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1430338118

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 9E3A 0
0 11ms
5ms Document
text/html 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fventureworse.top

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11024552970&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 04:10:22 GMT
expires: Sun, 14 Dec 2025 04:10:22 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 9ms
4ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4WCXFEPM8D&gtm=45je4cc1v887490662za200&_p=1734149422170&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=591667636.1734149422&ecid=278516427&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AgAI&_s=2&sid=1734149422&sct=1&seg=0&dl=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&dt=&en=PageView&_ee=1&ep.event_category=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&ep.event_label=&epn.value=1734149422170&_et=10&tfd=1230
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4WCXFEPM8D&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ventureworse.top
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: text/plain
server: Golfe2

GET
H3

204

https://analytics.google.com/g/collect?v=2&tid=G-4WCXFEPM8D&gtm=45je4cc1v887490662za200&_p=1734149422170&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=5...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=1939208422266052311&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=h...

0
0

29ms
27ms

Fetch
text/plain

74.125.24.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=1939208422266052311&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=https%3A%2F%2Fventureworse.top%3F
Requested by: Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1
Protocol: H3
Server: 74.125.24.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sat, 14 Dec 2024 04:10:23 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=591667636.1734149422&dbk=1939208422266052311&dma=0&en=page_view&gtm=45je4cc1v887490662za200&npa=0&tid=G-4WCXFEPM8D&dl=https%3A%2F%2Fventureworse.top%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 04:10:22 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 30ms
3ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352985638959852&ev=PageView&dl=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&rl=&if=false&ts=1734149422977&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734149422972.628498139153471832&ler=empty&cdl=API_unavailable&it=1734149422230&coo=false&dpo=&rqm=GET

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4643, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 14 Dec 2024 04:10:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 289ms
262ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=352985638959852&ev=PageView&dl=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&rl=&if=false&ts=1734149422977&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734149422972.628498139153471832&ler=empty&cdl=API_unavailable&it=1734149422230&coo=false&dpo=&rqm=FGET

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448115058507354370"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 04:10:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: m16fmr0hn35SE8aarT5UwhDxZAGp28tr9UUPG0Z9Hdd4WRza0EhDGvDlXGnk33mpfW30euV52r4LOi0mAzzzKA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448115058507354370", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5034, tp=16, tpl=0, uplat=258, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.google.com/pagead/1p-user-list/11024552970/ 42 B
64 B 11ms
9ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11024552970/?random=1734149422499&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dgEHh1KunTMX_ivtsbrhiQrbnresQaw&random=641216087&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/11024552970/ 42 B
154 B 16ms
13ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11024552970/?random=1734149422499&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dgEHh1KunTMX_ivtsbrhiQrbnresQaw&random=641216087&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/11024552970/ 42 B
64 B 16ms
15ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11024552970/?random=1734149422548&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dCs9sxmY5zrXRuoQeE4suIVXBfXi6fSedF18ua0rgVzd3cHA1&random=3295735959&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/11024552970/ 42 B
108 B 55ms
54ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11024552970/?random=1734149422548&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9166446496za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dCs9sxmY5zrXRuoQeE4suIVXBfXi6fSedF18ua0rgVzd3cHA1&random=3295735959&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/10898871192/ 42 B
64 B 16ms
15ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10898871192/?random=1734149422577&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dfySitTRLJuZHCzRv7c8ZUZk7-PyqM4_l-2jO6hP4bdfGPrcI&random=2590912351&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/10898871192/ 42 B
108 B 56ms
55ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/10898871192/?random=1734149422577&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dfySitTRLJuZHCzRv7c8ZUZk7-PyqM4_l-2jO6hP4bdfGPrcI&random=2590912351&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/10898871192/ 42 B
64 B 20ms
19ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10898871192/?random=1734149422624&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7duz5Oq7hiwK46R1R1jspUGzKibRnqBPgJfgPmpKleaNMbmzuB&random=759695680&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/10898871192/ 42 B
64 B 12ms
11ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/10898871192/?random=1734149422624&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7duz5Oq7hiwK46R1R1jspUGzKibRnqBPgJfgPmpKleaNMbmzuB&random=759695680&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/11401819748/ 42 B
64 B 14ms
13ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11401819748/?random=1734149422652&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dmNbU16RHzJsZXTo7lJPUQJqgJM9o1-YRd-ThmzcpzpfiC8a_&random=1313654765&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/11401819748/ 42 B
64 B 12ms
11ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11401819748/?random=1734149422652&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dmNbU16RHzJsZXTo7lJPUQJqgJM9o1-YRd-ThmzcpzpfiC8a_&random=1313654765&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/11401819748/ 42 B
64 B 37ms
36ms Image
image/gif 142.251.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11401819748/?random=1734149422699&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d4g4sHcXjoVECBnf8MuLj4_uLS0Rv2G5tOV_T4VD-GbrthQSF&random=3432916178&rmt_tld=0&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ventureworse.top/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 04:10:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/11401819748/ 42 B
64 B 22ms
21ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/11401819748/?random=1734149422699&cv=11&fst=1734148800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170574439za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fventureworse.top%2Freturn%3Fcl%3Dro_ro%26track%3D-1&hn=www.googleadservices.com&frm=0&value=1734149422170&npa=0&pscdl=noapi&auid=272809007.1734149423&fledge=1&data=event%3DPageView%3Bevent_category%3Dhttps%3A%2F%2Fventureworse.top%2Freturn%3Fcl%5C%3Dro_ro%26track%5C%3D-1%3Bevent_label%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d4g4sHcXjoVECBnf8MuLj4_uLS0Rv2G5tOV_T4VD-GbrthQSF&random=3432916178&rmt_tld=1&ipr=y

Requested by

Host: ventureworse.top
URL: https://ventureworse.top/return?cl=ro_ro&track=-1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS