urlscan.io logo urlscan.io
SecurityTrails logo

workupload.com Open in urlscan Pro
193.111.198.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://f73.workupload.com/download/3xSs2a8cNLq
Effective URL: https://workupload.com/file/3xSs2a8cNLq
Submission: On December 04 via manual from CL — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 74 HTTP transactions. The main IP is 193.111.198.24, located in Germany and belongs to MYLOC-AS WIIT AG, DE. The main domain is workupload.com. The Cisco Umbrella rank of the primary domain is 547956.
TLS certificate: Issued by R10 on October 20th 2024. Valid for: 3 months.
This is the only time workupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.88.73.37 24940 (HETZNER-A...)
19 193.111.198.24 24961 (MYLOC-AS ...)
4 49.13.126.162 24940 (HETZNER-A...)
10 142.251.16.156 15169 (GOOGLE)
1 5 142.251.16.157 15169 (GOOGLE)
12 142.251.179.102 15169 (GOOGLE)
5 142.251.163.154 15169 (GOOGLE)
11 142.251.167.132 15169 (GOOGLE)
1 142.251.111.95 15169 (GOOGLE)
1 172.253.122.156 15169 (GOOGLE)
2 172.253.63.94 15169 (GOOGLE)
2 64.233.180.132 15169 (GOOGLE)
1 142.251.167.105 15169 (GOOGLE)
74 13
1    23.88.73.37 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.37.73.88.23.clients.your-server.de
f73.workupload.com
19    193.111.198.24 (Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: d6b22h04.dedi.server-hosting.expert
workupload.com
4    49.13.126.162 (Berlin, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.162.126.13.49.clients.your-server.de
t.workupload.com
10    142.251.16.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5    142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
securepubads.g.doubleclick.net
12    142.251.179.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f102.1e100.net
fundingchoicesmessages.google.com
5    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
googleads.g.doubleclick.net
ep1.adtrafficquality.google
11    142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
1    142.251.111.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net
fonts.googleapis.com
1    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
www.googleadservices.com
2    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
fonts.gstatic.com
2    64.233.180.132 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f132.1e100.net
ep2.adtrafficquality.google
1    142.251.167.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f105.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
24 workupload.com
f73.workupload.com
workupload.com — Cisco Umbrella Rank: 547956
t.workupload.com — Cisco Umbrella Rank: 802106
427 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
397 KB
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
139 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
227 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
104 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 gstatic.com
fonts.gstatic.com
36 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
74 9
Domain Requested by
19 workupload.com workupload.com
12 fundingchoicesmessages.google.com workupload.com
securepubads.g.doubleclick.net
9 pagead2.googlesyndication.com workupload.com
pagead2.googlesyndication.com
6 securepubads.g.doubleclick.net 1 redirects workupload.com
securepubads.g.doubleclick.net
5 tpc.googlesyndication.com workupload.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 t.workupload.com workupload.com
t.workupload.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.googleadservices.com workupload.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 f73.workupload.com 1 redirects
74 16

This site contains no links.

Subject Issuer Validity Valid
workupload.com
R10		 2024-10-20 -
2025-01-18		 3 months crt.sh
t.workupload.com
E6		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
misc-sni.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://workupload.com/file/3xSs2a8cNLq
Frame ID: 7CE252DA337E15054D017040353D7E6D
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: B4687DC556DCF82E622D6EE929160121
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733341931&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733341931616&bpp=4&bdt=191&idt=215&shv=r20241120&mjsv=m202411190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2346309817965&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344791%2C95345966&oid=2&pvsid=1062286514720022&tmod=1832175530&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: B1EEE00D4DBDFB95DCD134CEEB543F11
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6C0A952D9A194CC3E7C56A83AD2DB432
Requests: 1 HTTP requests in this frame

Frame: https://504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34346F7BEEACFA303C5796F3220A9654
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs
Frame ID: 56FEEABCA98878A7F57A7581F8BB5866
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: FD55F305AFB16AD346AEC15E5F22BDF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 2A37BA7E6A6683D206A431CD349E7B3A
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 9137B8059871E2913A0FC05066D27114
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E81869C674AF814B0C4845242AB3C8E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MonsterTutor-0.1.4-pc.zip

Page URL History Show full URLs

  1. https://f73.workupload.com/download/3xSs2a8cNLq HTTP 302
    https://workupload.com/file/3xSs2a8cNLq Page URL
  2. https://workupload.com/file/3xSs2a8cNLq Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

74
Requests

96 %
HTTPS

0 %
IPv6

9
Domains

16
Subdomains

13
IPs

2
Countries

1351 kB
Transfer

4420 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://f73.workupload.com/download/3xSs2a8cNLq HTTP 302
    https://workupload.com/file/3xSs2a8cNLq Page URL
  2. https://workupload.com/file/3xSs2a8cNLq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://f73.workupload.com/download/3xSs2a8cNLq HTTP 302
  • https://workupload.com/file/3xSs2a8cNLq
Request Chain 50
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C_V5o7LJQZ66JArrK0_wPgK-r2QXF_K3Me_aRi8_NEoiWrJ74ExABIKKwqR5g_aCZgegDoAGqs_LSKcgBCeACAKgDAcgDCqoEggJP0CAH31ZUMzn7XLNczKTIUMB3GZmBGLGaUN1XdzpntrYamp6f5P5P1hEWcmubvsSTC8A8mw4QOsl49Y9q5TcQijSzLTvDFclTS4bfgbFn7uqA609lNdrlwlYcBNd91KhfTZlOHT0ivz42EcTit7-hOPztulzmtadY3kqWvekAG3gTNnQbRwQMM7yGyN8W-dCpjHSrBcydaUDbtbBx4cNMJwEMmIzqLpCJqR3hrnxwFHDDoCykFO33CouuNfdMyo50toXjudSt9bkVgeHTYhYd0ksj7IGnHB6RQN2L3g2lm4n6asLmRkjkognznk3EaJqp2_YtuL7fi5STR47ituBAb8XABIOertjjBOAEAYgFvb-V20-SBQQIBBgBkgUECAUYBKAGLoAHquvCsgSoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEI_TCNIIJgiAYRABGB0yAooCOguAQIDAgICAoKiAAki9_cE6WPeihvHxjooDmgmpAmh0dHBzOi8vY2VyZWJydW0taXEuY29tL3N0YXJ0LW5ldz9QPTUyRkhBUU9QJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1XVy1FTi1EaXNwbGF5JnV0bV9jYW1wYWlnbl9pZD0yMTM5NzU5NDA0NSZ1dG1fYWRncm91cD0mdXRtX2FkZ3JvdXBfaWQ9MTY0MTk5MzcwNDk5JnV0bV90ZXJtPSZ1dG1fY29udGVudD03MDUxMjU0NDgxNTEmdXRtX2Z1bm5lbD0mcGFydG5lcj1XTSZ1cmw9aHR0cHM6Ly9jZXJlYnJ1bS1pcS5jb20vc3RhcnQtbmV3JTNGUCUzRDUyRkhBUU9QJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKEJCF652l9OSLYRICAQPiDRMIy9GG8fGOigMVOuWUCR2A1ypb6g0TCP63h_HxjooDFTrllAkdgNcqW9gTDIgUA9AVAZgWAYAXAbIXIAocCAASFHB1Yi04OTYxMTU1MzgxODAxODExGIKaIRgBuhcCOAGyGAkSArFpGC4iAQDQGAE&sigh=Dp-112Ds3js&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgCa7L7d7KvkwDnb6Nq6oEjXKGa5V6JwH5klXDDOtH29HKUfkSFpfFAo3AHTmLY4OgZK6iC93jl8TiVLi-rXjISACPT-DinXRa3U4aplPhgB&template_id=5000&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1c7eca3628c272260000000000000000%22,%222%22:%220x545c7a8e604418880000000000000000%22,%223%22:%220x14827c4c3483e20d0000000000000000%22,%224%22:%220xbc749576a2fa5f150000000000000000%22,%225%22:%220x32dcfabe22ed40b50000000000000000%22},%22debug_key%22:%2211206914521841965673%22,%22debug_reporting%22:true,%22destination%22:%22https://cerebrum-iq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211179694506%22],%2222%22:[%22true%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213692067406659601889%22}&andc=true

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
3xSs2a8cNLq
workupload.com/file/
Redirect Chain
  • https://f73.workupload.com/download/3xSs2a8cNLq
  • https://workupload.com/file/3xSs2a8cNLq
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
8a8f9efe2e3257843cb8e0d8ddc60a33086b53e8e405531b5f639c6e54cf22eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1542
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Dec 2024 19:52:09 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, private, must-revalidate, no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Dec 2024 19:52:09 GMT
Keep-Alive
timeout=5, max=100
Location
https://workupload.com/file/3xSs2a8cNLq
Server
Apache
Transfer-Encoding
chunked
39b9ad5.js
workupload.com/js/ 		358 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Transfer-Encoding
chunked
Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"596c5-619c42f8f68e0-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 31 May 2024 18:31:02 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
4280ebd.css
workupload.com/css/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"37764-619a92bc51680-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38148
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Thu, 30 May 2024 10:17:14 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
workupload_logo_medium.svg
workupload.com/bundles/app/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_medium.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"1936-60104d57f5342-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2965
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
image/svg+xml
matomo.js
t.workupload.com/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

Content-Encoding
gzip
ETag
"1042f-6131a8902bf40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21709
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:11 GMT
Last-Modified
Thu, 07 Mar 2024 23:35:49 GMT
Vary
Accept-Encoding
Server
Apache/2.4.57 (Debian)
Content-Type
text/javascript
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75

Response headers

ETag
"c3a4-60104d57f62e2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
50084
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
font/woff2
Server
Apache
puzzle
workupload.com/ 		289 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://workupload.com/puzzle
Requested by
Host: workupload.com
URL: https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash

Request headers

Referer
https://workupload.com/file/3xSs2a8cNLq
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
220
Keep-Alive
timeout=5, max=98
Date
Wed, 04 Dec 2024 19:52:10 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
Apache
captcha
workupload.com/ 		0
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://workupload.com/captcha
Requested by
Host: workupload.com
URL: https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash

Request headers

Referer
https://workupload.com/file/3xSs2a8cNLq
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Keep-Alive
timeout=5, max=97
Content-Length
0
Date
Wed, 04 Dec 2024 19:52:11 GMT
Content-Type
text/html; charset=UTF-8
Server
Apache
Connection
Keep-Alive
Primary Request 3xSs2a8cNLq
workupload.com/file/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workupload.com/file/3xSs2a8cNLq
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
876588d9c38d40679e6cbb698d08e6938789b2628b7b04785525b9805de7fbbf

Request headers

Referer
https://workupload.com/file/3xSs2a8cNLq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate, no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4379
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Dec 2024 19:52:11 GMT
Keep-Alive
timeout=5, max=96
Server
Apache
Vary
Accept-Encoding
matomo.php
t.workupload.com/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.php?action_name=workupload%20-%20Are%20you%20a%20human%3F&idsite=1&rec=1&r=367475&h=11&m=52&s=11&url=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&_id=&_idn=1&send_image=0&_refts=0&pv_id=acctFP&pf_net=266&pf_srv=112&pf_tfr=2&pf_dm1=579&pf_dm2=509&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: t.workupload.com
URL: https://t.workupload.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://workupload.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Origin
https://workupload.com
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:11 GMT
Server
Apache/2.4.57 (Debian)
Access-Control-Allow-Credentials
true
translations.js
workupload.com/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/translations.js?en
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
6d40635a24497320a8278f088be04645bbc15a7462408d0c485a5d7f97e1f28c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Pragma
cache
Connection
Keep-Alive
Expires
Wed, 04 Dec 2024 20:52:11 GMT
Content-Length
19431
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:11 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
Apache
39b9ad5.js
workupload.com/js/ 		358 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Transfer-Encoding
chunked
Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"596c5-619c42f8f68e0-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 31 May 2024 18:31:02 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
4280ebd.css
workupload.com/css/ 		222 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"37764-619a92bc51680-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38148
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Thu, 30 May 2024 10:17:14 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e2e45f4af4990ee04b81a361ae33f029af23def56c83ddb6ca441cbe421bdbdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
2433732997195186660
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 19:52:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53335
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
660cd6c68d355dce5f1b504b9b1320f999d59bcb0bbc2cd47b11de53f74ad4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
587 / 20061 / m202411180101 / config-hash: 8585618307950436450
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 19:52:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33058
x-xss-protection
0
server
cafe
matomo.js
t.workupload.com/ 		65 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

Content-Encoding
gzip
ETag
"1042f-6131a8902bf40-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21709
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:11 GMT
Last-Modified
Thu, 07 Mar 2024 23:35:49 GMT
Vary
Accept-Encoding
Server
Apache/2.4.57 (Debian)
Content-Type
text/javascript
pub-8961155381801811
fundingchoicesmessages.google.com/i/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8961155381801811?ers=1
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
a85a329e87bb82115a40c6a7b4a313078e19ac603daca3531140f8a1769afca8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v5pN9Vpv3F0A78L2jQgauA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:11 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj9dNDu9gEHnxZsphJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBYz8AsvsAAAArzPkA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v5pN9Vpv3F0A78L2jQgauA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
workupload_logo_medium.svg
workupload.com/bundles/app/img/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_medium.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"1936-60104d57f5342-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2965
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
image/svg+xml
3xSs2a8cNLq
workupload.com/qr/file/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/qr/file/3xSs2a8cNLq
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ea580e50fe05fefd1026b9deb781498ce4e57c134a4500cebc7c4405334f3f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0, private, must-revalidate, no-cache, private
Keep-Alive
timeout=5, max=95
Date
Wed, 04 Dec 2024 19:52:11 GMT
Content-Type
image/png
Server
Apache
Connection
Keep-Alive
workupload_logo_small.svg
workupload.com/bundles/app/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_small.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

Cache-control
public, max-age=3600
Content-Encoding
gzip
ETag
"907-60104d57f5342-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1282
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 19:52:12 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
image/svg+xml
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
workupload.com/fonts/ 		49 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75

Response headers

ETag
"c3a4-60104d57f62e2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
50084
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:10 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
font/woff2
Server
Apache
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75

Response headers

ETag
"c440-60104d57f62e2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
50240
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:11 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
font/woff2
Server
Apache
fontawesome-webfont.woff2
workupload.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75

Response headers

ETag
"12d68-60104d57f62e2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
77160
Keep-Alive
timeout=5, max=94
Date
Wed, 04 Dec 2024 19:52:11 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
font/woff2
Server
Apache
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75

Response headers

ETag
"c414-60104d57f62e2"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
50196
Keep-Alive
timeout=5, max=98
Date
Wed, 04 Dec 2024 19:52:12 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
font/woff2
Server
Apache
matomo.php
t.workupload.com/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.php?action_name=MonsterTutor-0.1.4-pc.zip&idsite=1&rec=1&r=025449&h=11&m=52&s=11&url=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&urlref=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&_id=&_idn=1&send_image=0&_refts=0&pv_id=JOcm5W&pf_net=0&pf_srv=328&pf_tfr=10&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: t.workupload.com
URL: https://t.workupload.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://workupload.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Origin
https://workupload.com
Keep-Alive
timeout=5, max=98
Date
Wed, 04 Dec 2024 19:52:11 GMT
Server
Apache/2.4.57 (Debian)
Access-Control-Allow-Credentials
true
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
ac808fa6bd0b694b4b9ea1fd5cc7774c6d896a71e802c5936b13712efc19f547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
17548852256405538886
age
65409
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 01:42:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 01:42:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31863
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/ 		433 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
3cf5c69269511160224c4dcb0b4353a47c4c809d2a84b6412a9c4c43c8014bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
9236013936983795650
age
25715
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 12:43:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 12:43:36 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147568
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
57382
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 03:55:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 03:55:49 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/ 		64 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/gpt
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7798723742105243693
age
22333
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 13:39:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 13:39:58 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23021
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412030101"
AGSKWxXK7YrInP8nhxr3AB5yIqAlYJ0J9g_PlVAWxXGyw3U7WGefn5tu2u37fnR8Exzo99eyvVKyOK5MeBSZ0Mg_yPfowrRCfFWMLAmC7CyMq9_bmEhNW4UcQKSucD5wCsEf5HDbqyt6AQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXK7YrInP8nhxr3AB5yIqAlYJ0J9g_PlVAWxXGyw3U7WGefn5tu2u37fnR8Exzo99eyvVKyOK5MeBSZ0Mg_yPfowrRCfFWMLAmC7CyMq9_bmEhNW4UcQKSucD5wCsEf5HDbqyt6AQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMzQxOTMxLDc3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93b3JrdXBsb2FkLmNvbS9maWxlLzN4U3MyYThjTkxxIixudWxsLFtbOCwiYnpKVnJMemYxUTAiXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
7e374591d1db0c6bf9907cfbdf3732cf4b11f098841b0f29016f171a48878c83
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-OibVXvvtd97xN_1EKivuYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:11 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj9dNDu9gEJszZ3saspJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGCsZ2AWX2AAAOnCPY0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-OibVXvvtd97xN_1EKivuYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
22138162
fundingchoicesmessages.google.com/i/ 		196 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22138162?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
9b4f02b005a2c31ea6f25adc0973501c24f1e93040ecf52d739b584d84163ef8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3a4MND4TIRFHsY3wVPY3gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:11 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj9dNDu9gEVtw_u4BZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBYz8AsvsAAAABJPhQ"
content-security-policy
script-src 'report-sample' 'nonce-3a4MND4TIRFHsY3wVPY3gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame B468 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
68469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 00:51:02 GMT
etag
17661348622971093804
expires
Wed, 18 Dec 2024 00:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B1EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733341931&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733341931616&bpp=4&bdt=191&idt=215&shv=r20241120&mjsv=m202411190101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2346309817965&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95344791%2C95345966&oid=2&pvsid=1062286514720022&tmod=1832175530&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
76649
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 19:52:12 GMT
expires
Wed, 04 Dec 2024 19:52:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://workupload.com/

Response headers
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6C0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 19:32:17 GMT
expires
Wed, 04 Dec 2024 20:22:17 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1062286514720022&correlator=1004436170328108&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=22138162%2Cfile_top%2Cfile_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%7C320x100%7C300x250%2C300x250%7C320x100%7C336x280%7C728x90%7C970x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733341931949&lmt=1733341931&adxs=549%2C-9&adys=222%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&ref=https%3A%2F%2Fworkupload.com%2Ffile%2F3xSs2a8cNLq&vis=1&psz=533x121%7C0x-1&msz=503x100%7C0x-1&fws=0%2C2&ohw=0%2C0&td=1&egid=15785&tan=96307b66-4a42-4dad-894f-0654f8b766ed%2C96307b66-4a42-4dad-894f-0654f8b766ee&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733341931425&idt=368&adks=2370457665%2C571498370&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
c8ebcbeeb84985a9e9ba04630476c5df1fda53a8153d40b80049d8a9bba8e9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1,6384954600
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1,138447555713
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://workupload.com
content-length
20701
x-xss-protection
0
server
cafe
container.html
504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3434 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 19:52:12 GMT
expires
Wed, 04 Dec 2024 19:52:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads160x600.
fundingchoicesmessages.google.com/f/AGSKWxVVLgSqRobVjAf8kKwiYdYBOH2OkZ0DCeQyefgPPquFbuMPrmjChq9UnGak67cC21tcCNLm4Qtb6JnyhomVbMTy9i-k4jsMDS3b5fuzBV39y-JghbMWknn1GP-hhl0cL9M8oEuFSPYTxQKfivQNiSjwp7toG... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVVLgSqRobVjAf8kKwiYdYBOH2OkZ0DCeQyefgPPquFbuMPrmjChq9UnGak67cC21tcCNLm4Qtb6JnyhomVbMTy9i-k4jsMDS3b5fuzBV39y-JghbMWknn1GP-hhl0cL9M8oEuFSPYTxQKfivQNiSjwp7toG9IVgXwkNnFyInr24zoSo-U6hVmuh0aJ/_/banneradviva./ads/panel./js.ad/size=/300x500_ad/ads160x600.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzmEeiKR8-YrCjsVQ6xmO3_13bpdA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
cbad93d87a3fc4ee5bc219428ea3be30b7e1ece32d65060c1e4e43cb1357e8ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1MHMFKFt8J_LTfyGpV3drQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIiH483TQ7vYBGbsO_2VUUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjE0MjAWM_ALL7AAAABKUND"
content-security-policy
script-src 'report-sample' 'nonce-1MHMFKFt8J_LTfyGpV3drQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzmEeiKR8-YrCjsVQ6xmO3_13bpdA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
f8224f73044793a48aae4044ec71eebbd20cdffdb5a6d023cd4f088ec68b6e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
3035191291650644685
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53335
x-xss-protection
0
server
cafe
AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vOdYT-MXeltpPxmg0WhpUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://workupload.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBicEqfwRoCxAxfr7ByALEQD8ebp4d2sQl8WPGqkUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGRjrGZjHFxgAAFF3Juk"
content-security-policy
script-src 'report-sample' 'nonce-vOdYT-MXeltpPxmg0WhpUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://workupload.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tZ6S6Cv47gHwJySjOgdHQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://workupload.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BicEqfwRoCxAxfr7ByALEQD8ebp4d2sQmsOL__IZOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MjDWMzCPLzAAAFgCJwE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tZ6S6Cv47gHwJySjOgdHQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://workupload.com
content-length
0
x-xss-protection
0
server
ESF
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012406252034000/ Frame 56FE 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
"ab8c5e684db96b44"
age
524193
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 18:15:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:15:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56152
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 56FE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
"de79a6048671db85"
age
428891
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 20:44:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 20:44:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5219
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 56FE 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
"16a9579aec57c4a5"
age
407511
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 02:40:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 02:40:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29025
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 56FE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
"b7204740773aee25"
age
424317
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 22:00:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 22:00:15 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1907
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 56FE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
"c65b00eac3dcf073"
age
436772
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 18:32:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 18:32:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12949
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 56FE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
ESF /
Resource Hash
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 19:26:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
14763004658117789537
tpc.googlesyndication.com/simgad/6081295936186154272/ Frame 56FE 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6081295936186154272/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
5465c95c1505fc8fcf6c66813d9df0ff5a33a176d690f5ef2b16c6759c484f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 19:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
image/jpeg
last-modified
Sat, 29 Jun 2024 10:42:09 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
30871
x-xss-protection
0
server
sffe
truncated
/ Frame 56FE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa1e31f532d79a1ae0ed7eb0cba37f2cb43fa153f315cd42d65d867dba0118dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56FE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
71827
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 23:55:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Tue, 03 Dec 2024 23:55:05 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56FE 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
71826
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 23:55:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Tue, 03 Dec 2024 23:55:06 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame 56FE
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C_V5o7LJQZ66JArrK0_wPgK-r2QXF_K3Me_aRi8_NEoiWrJ74ExABIKKwqR5g_aCZgegDoAGqs_LSKcgBCeACAKgDAcgDCqoEggJP0CAH31ZUMzn7XLNczKTIUMB3GZmBGLGaUN1Xdzpn...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1c7eca3628c272260000000000000000%22,%222%22:%220x545c7a8e604418880000000000000000%22,%223%22:%220x14827c...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1c7eca3628c272260000000000000000%22,%222%22:%220x545c7a8e604418880000000000000000%22,%223%22:%220x14827c4c3483e20d0000000000000000%22,%224%22:%220xbc749576a2fa5f150000000000000000%22,%225%22:%220x32dcfabe22ed40b50000000000000000%22},%22debug_key%22:%2211206914521841965673%22,%22debug_reporting%22:true,%22destination%22:%22https://cerebrum-iq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211179694506%22],%2222%22:[%22true%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213692067406659601889%22}&andc=true
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 04 Dec 2024 19:52:12 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x1c7eca3628c272260000000000000000","2":"0x545c7a8e604418880000000000000000","3":"0x14827c4c3483e20d0000000000000000","4":"0xbc749576a2fa5f150000000000000000","5":"0x32dcfabe22ed40b50000000000000000"},"debug_key":"11206914521841965673","debug_reporting":true,"destination":"https://cerebrum-iq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11179694506"],"22":["true"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"13692067406659601889"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1c7eca3628c272260000000000000000","2":"0x545c7a8e604418880000000000000000","3":"0x14827c4c3483e20d0000000000000000","4":"0xbc749576a2fa5f150000000000000000","5":"0x32dcfabe22ed40b50000000000000000"},"debug_key":"11206914521841965673","debug_reporting":true,"destination":"https://cerebrum-iq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11179694506"],"22":["true"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"13692067406659601889"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 04 Dec 2024 19:52:12 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/ 		178 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e39997830881c9cc3f92cd565333de0b885597232049a4a468a64aefe2e4da41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
6086196249219209634
age
23942
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 13:13:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 13:13:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60651
x-xss-protection
0
server
cafe
autogames_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/autogames_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
46532756b85164e6ba2e1644244287ad3a64c520c6c02ed1c8aaf94d78f6327f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
br
etag
9461590057947190029
age
25664
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 12:44:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 12:44:28 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
24487
x-xss-protection
0
server
cafe
AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s_3-ws102aAGbuPsvocdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://workupload.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BicEqfwRoCxAxfr7ByALEQD8ebp4d2sQncWNnbxKzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDIz1DMzjCwwAMfsmeg"
content-security-policy
script-src 'report-sample' 'nonce-s_3-ws102aAGbuPsvocdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://workupload.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV31f53eJ0nwu0u8W4EtJ_kcO1ygPI2Ye8nqu-c0kNGLkvYXDwdS_o-IPFhIw17D3jR4UIpe7upINZBPFWv_Wbeq6bwfYOnFlZJICcBja9-95ybbqSuflRVBCShuKkfnyzczutkTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6R3z_W-L7yFea_IbH-Ymfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://workupload.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoCxAxfr7ByALEQD8ebp4d2sQl8WNjSyqzkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDIz1DMzjCwwANwImiQ"
content-security-policy
script-src 'report-sample' 'nonce-6R3z_W-L7yFea_IbH-Ymfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://workupload.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXwb9IxFBlejinrpVv1RbZJ_v20MvuvGgZvYUGzIUJ50EAhCCz_theIpxfDp45Z6tYwJn00mmrDJaKMgnt6Wx5-H8_mcvS2sEjGZUm0v08MM-bFNnOaiNFDzFRWYBHpIX2shWDKmA==
fundingchoicesmessages.google.com/f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXwb9IxFBlejinrpVv1RbZJ_v20MvuvGgZvYUGzIUJ50EAhCCz_theIpxfDp45Z6tYwJn00mmrDJaKMgnt6Wx5-H8_mcvS2sEjGZUm0v08MM-bFNnOaiNFDzFRWYBHpIX2shWDKmA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMzQxOTMyLDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd29ya3VwbG9hZC5jb20vZmlsZS8zeFNzMmE4Y05McSIsbnVsbCxbWzgsImJ6SlZyTHpmMVEwIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
f1e1729b78929cb34be446d233f815feda20f798ef3151befd727f6777398bc8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1SlLyv9cwoZRfIfK9owfPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIiH483TQ7vYBCY0P-hkVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDIw1jMwiy8wAADtJ0K2"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1SlLyv9cwoZRfIfK9owfPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame FD55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
68469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 00:51:02 GMT
etag
17661348622971093804
expires
Wed, 18 Dec 2024 00:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 2A37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
68469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 00:51:02 GMT
etag
17661348622971093804
expires
Wed, 18 Dec 2024 00:51:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxW1o9fZPrGfzVDTdUr1K4IUlrKdVEd4l9SzE52jAFNcWd1rf6cf6sk3_NYLixHxuTu10JWlLXfyUJg8wje4pLqYaUTBCHXMMbWs_58e1phY48srQBT0_0VL4KjbU5m-23SLV82CTQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW1o9fZPrGfzVDTdUr1K4IUlrKdVEd4l9SzE52jAFNcWd1rf6cf6sk3_NYLixHxuTu10JWlLXfyUJg8wje4pLqYaUTBCHXMMbWs_58e1phY48srQBT0_0VL4KjbU5m-23SLV82CTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMzQxOTMyLDg4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd29ya3VwbG9hZC5jb20vZmlsZS8zeFNzMmE4Y05McSIsbnVsbCxbWzgsImJ6SlZyTHpmMVEwIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
ef2a739bba73f5fdf55a195237fb1cb65c5894ec3da00926a606446cc1416e3e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8vMZct50BNUXD8FhwgBzlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfjzdNDu9gEbkyac5RZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBYz8AsvsAAAP5cPfU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8vMZct50BNUXD8FhwgBzlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 56FE 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://fonts.googleapis.com/

Response headers

age
335570
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 22:39:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 22:39:22 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 56FE 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://workupload.com
Referer
https://fonts.googleapis.com/

Response headers

age
259496
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 01 Dec 2025 19:47:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:47:16 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/autogames_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://workupload.com/

Response headers
AGSKWxUWzZC2MJXnW2fynN0_W9K1GAabgYDG8vXJeWKcmdcx-oImCvzqCPNyrdiYhaKdcACBWKtJgCm_oTw2XyC56G588mHCRN7twMAS1rmjok2CUJORrvZboJ7mBLDBG6V_lDv7KcK4oA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUWzZC2MJXnW2fynN0_W9K1GAabgYDG8vXJeWKcmdcx-oImCvzqCPNyrdiYhaKdcACBWKtJgCm_oTw2XyC56G588mHCRN7twMAS1rmjok2CUJORrvZboJ7mBLDBG6V_lDv7KcK4oA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMzQxOTMzLDI0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3dvcmt1cGxvYWQuY29tL2ZpbGUvM3hTczJhOGNOTHEiLG51bGwsW1s4LCJiekpWckx6ZjFRMCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
97a44bd5b1363b9bc60bff0ebf35b1a886d922c00f554993d45bc7e0db6242b6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DDX22kpDcHPhYHwVjZVCgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:13 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiJvj7dNDu9gELlxsUVTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTQyMNYzMIsvMAAAtCo9Zg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DDX22kpDcHPhYHwVjZVCgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56FE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
71827
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 23:55:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Tue, 03 Dec 2024 23:55:05 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56FE 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
426692510519060060
age
71826
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 23:55:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
295
x-xss-protection
0
date
Tue, 03 Dec 2024 23:55:06 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
view
securepubads.g.doubleclick.net/btr/ Frame 56FE 		0
0
AGSKWxUJhJb1qDg57jn4kHsJNcG84IxzzQazFXGHKq-LRgIDYkX4vL9-nn6uKfneAFW4yJoHpWnRoR2mQLNJz73a6tVoZ_ZLWUtU0GIbEP5mu7Sz5TQroGOocGQsN8GpCopNTOOhW7QsXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUJhJb1qDg57jn4kHsJNcG84IxzzQazFXGHKq-LRgIDYkX4vL9-nn6uKfneAFW4yJoHpWnRoR2mQLNJz73a6tVoZ_ZLWUtU0GIbEP5mu7Sz5TQroGOocGQsN8GpCopNTOOhW7QsXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMwHOVyF4Qpk1735-LSCEBaqlqpNyg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4fLF4CvxsUx163UEqlf0ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://workupload.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:13 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBicEqfwRoCxAxfr7ByALEQN8fbp4d2sQkcuPHQTsklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoZGOsZmMcXGAAAKWEmkA"
content-security-policy
script-src 'report-sample' 'nonce-4fLF4CvxsUx163UEqlf0ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://workupload.com
content-length
0
x-xss-protection
0
server
ESF
activeview
pagead2.googlesyndication.com/pcs/ Frame 56FE 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXcIMwlXTdrm50B0lNKgFfWbI5c1Qdcti7uXud4CZyKSFCvLp6T_d17ygAf6SZrmFvhmJeg4Gpe-JBbDt57z7WOfWEQM6gH1TvG1gw0Oo8L79hnHYi0hkMIpcAKrOFZpatdZx7C-UOImSVlI_IcPj8gOVDy9Q5RKQVlkXm-9h1lYqP9DLgscTgui2BaVlv-tQ71w&sai=AMfl-YSk2M4OpZBOGavg4srAZUvE1QNazuiKa5AIQmW75MkInLObd6meXIrSOBt1WSCuNigdSjdn0kmz4YEHQRT4729VY7Pi4bhM23lwEvfDh9H8UftM8I32vLdHca3e8OXi4V1aTj8m9EtrPVVAUOtM&sig=Cg0ArKJSzDJMQpSKVP4zEAE&cid=CAQSTgCa7L7d7KvkwDnb6Nq6oEjXKGa5V6JwH5klXDDOtH29HKUfkSFpfFAo3AHTmLY4OgZK6iC93jl8TiVLi-rXjISACPT-DinXRa3U4aplPhgB&id=ampim&o=632,222&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=335&tls=1335&g=100&h=100&tt=1335&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: workupload.com
URL: https://workupload.com/file/3xSs2a8cNLq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 04 Dec 2024 19:52:14 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
705a539b254964bd80ed082a53920f94c4f2e5a599bc9c78804756a0cb741ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13026
date
Wed, 04 Dec 2024 19:52:14 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
workupload.com/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://workupload.com/favicon/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.24 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
d6b22h04.dedi.server-hosting.expert
Software
Apache /
Resource Hash
61a6e7fda8a99059f65d45486454cc2f2d728defd75dd396af20113dbaf5e819

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/file/3xSs2a8cNLq

Response headers

ETag
"3aee-60104d57f5342"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15086
Keep-Alive
timeout=5, max=99
Date
Wed, 04 Dec 2024 19:52:14 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://workupload.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 19:52:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 19:52:14 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 9137 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 19:16:15 GMT
expires
Wed, 04 Dec 2024 20:06:15 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E818 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--N63EEk5EuMzS3iAxoWa4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--N63EEk5EuMzS3iAxoWa4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 19:52:14 GMT
expires
Wed, 04 Dec 2024 19:52:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=C_V5o7LJQZ66JArrK0_wPgK-r2QXF_K3Me_aRi8_NEoiWrJ74ExABIKKwqR5g_aCZgegDoAGqs_LSKcgBCeACAKgDAcgDCqoEggJP0CAH31ZUMzn7XLNczKTIUMB3GZmBGLGaUN1XdzpntrYamp6f5P5P1hEWcmubvsSTC8A8mw4QOsl49Y9q5TcQijSzLTvDFclTS4bfgbFn7uqA609lNdrlwlYcBNd91KhfTZlOHT0ivz42EcTit7-hOPztulzmtadY3kqWvekAG3gTNnQbRwQMM7yGyN8W-dCpjHSrBcydaUDbtbBx4cNMJwEMmIzqLpCJqR3hrnxwFHDDoCykFO33CouuNfdMyo50toXjudSt9bkVgeHTYhYd0ksj7IGnHB6RQN2L3g2lm4n6asLmRkjkognznk3EaJqp2_YtuL7fi5STR47ituBAb8XABIOertjjBOAEAYgFvb-V20-SBQQIBBgBkgUECAUYBKAGLoAHquvCsgSoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEI_TCNIIJgiAYRABGB0yAooCOguAQIDAgICAoKiAAki9_cE6WPeihvHxjooDmgmpAmh0dHBzOi8vY2VyZWJydW0taXEuY29tL3N0YXJ0LW5ldz9QPTUyRkhBUU9QJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1XVy1FTi1EaXNwbGF5JnV0bV9jYW1wYWlnbl9pZD0yMTM5NzU5NDA0NSZ1dG1fYWRncm91cD0mdXRtX2FkZ3JvdXBfaWQ9MTY0MTk5MzcwNDk5JnV0bV90ZXJtPSZ1dG1fY29udGVudD03MDUxMjU0NDgxNTEmdXRtX2Z1bm5lbD0mcGFydG5lcj1XTSZ1cmw9aHR0cHM6Ly9jZXJlYnJ1bS1pcS5jb20vc3RhcnQtbmV3JTNGUCUzRDUyRkhBUU9QJmdhZF9zb3VyY2U9NYAKAcgLAdoMEAoKEJCF652l9OSLYRICAQPiDRMIy9GG8fGOigMVOuWUCR2A1ypb6g0TCP63h_HxjooDFTrllAkdgNcqW9gTDIgUA9AVAZgWAYAXAbIXIAocCAASFHB1Yi04OTYxMTU1MzgxODAxODExGIKaIRgBuhcCOAGyGAkSArFpGC4iAQDQGAE&sigh=Dp-112Ds3js&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTgCa7L7d7KvkwDnb6Nq6oEjXKGa5V6JwH5klXDDOtH29HKUfkSFpfFAo3AHTmLY4OgZK6iC93jl8TiVLi-rXjISACPT-DinXRa3U4aplPhgB&template_id=5000&ibtr=1
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=1062286514720022&bg=!wcKlwo3NAAaIaF9IqGg7ADQBe5WfOBYhvj8GhN5bGPp-Cs4rRg0n75WIQSrZjtkHqvQm_dSrXF-T02TfYoFymG9hmPf7AgAAAG9SAAAAA2gBB34ANiji_gYx6PCPAsq4y6ybd3dDqHsSXBTzCrQaNG8fa9-NlmfuZT5kzhTj-FErS7OkxZzEl2Gxw5kCkZWlCqL_HngI0ZffYldOQzlNpYUBM5lWsTC98-tOD8qSwb63BBkBIvUigkuIkVshE60zTZ130MhQbiaBvRA2sjaDzUW-Kclnbwhjd26cUiCfP92d_fg4Gn5N6AJlqMo_UzpYMN-Z9Fe08ny05qYpmTNx1sWZ9Cgcnc6R7_wvug0MHMmiPq1R2Gvsk_fggvPV2Yb9zJIxcjwcejTIHQVb5K-_HvOw99o9ISonlYD4MJHaqV6IhVgcpdCj4o0wFGEl7BEVFJTnP5DGKojS5jLkZ_X2oZoqMYBdBwgMaBVnA6p8k570C8xdk0Y0bLaCq2b-QhZ5En0k0yp9zZImRAJeCL-9JFsF9jJHc7GQECUB8RDXHJgjYntQBR0DaedZanWXVdE8ncNkrjOKfAtAbXRHVKg95j8WrpYPfZiocBkzWjkvb3u_sXXE7ZlVZQ-Gwmu88XPG4jCnTfMoCjuLI0t3f0vxegK60Lw7rVQODD_B_besPoRIwr54gsMJWTjZbxlwQ2CviKQKmlLo4eyB6coEWIypc7UxIPmh5Gvl1xJ5ewUZtIsz3IMhp8FXUWcGMmqVlmJRyGX7hMoEVAv1IQG35jkAn4W_SPaFr8968kJpNQlzg773qlhwzweWScd8pXvcjq-NanMl8EEGjMSOMZEyc-R2srpMS7rzMcO8Ru9-eYKvckYZNbHeVqtDjRpZvXMRMmt8iyAL27hC_eRvwVitmtZu_dwtyv0HIRpopTp3Ia-Ec2hkJt530lLFD0GpHN2VaazCvyH_rAe5_n7ogGOz8diY21N5qIftwUeQvuVG8-WHfMYwNkKxBPANSVBb2wmirmiK_A9x_GysR0nbF2vd4sMnTvfZ_oszfcMmLBXeJFZhDg

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| Dotdotdot object| LoadingMask function| redirect function| isEmail function| validateEmailString string| locale function| byte2human function| setCookie function| getCookie function| tooltip function| $ function| jQuery function| moment function| CountUp function| tmpl object| googletag object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log number| interval object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTg2NjhiZmZjNjdkMDljYWxvYWRlcl9qcw== string| NTg2NjhiZmZjNjdkMDljYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| translations function| translate function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_topics_state boolean| 42c40927-6222-451d-9dcf-5df5fafd459a object| googFloatingToolbarManager object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.workupload.com/ Name: token
Value: 8adjl303it8ooi9iitb46o7ot0
.workupload.com/ Name: captcha
Value: %7B%22puzzle%22%3A%221733341930.75346750b2eab7f24%22%2C%22range%22%3A10000%2C%22find%22%3A%5B%225ed64f9ed05590fa859e3fe66e0999310ee050bbb6508f8f8d22bf7f384edd79%22%2C%224af54fced113fe4afaf1e88fe56d5cf3296dbcb5aa5f114f7c7aa74078fc92d2%22%2C%22b24bc650466c9ee07815e9f7006951baa0bd8a0f3b1e7c0b1b857052f7a02229%22%5D%2C%22data%22%3A%22fnKliVtsvqrXGYZjof4BDex%2BDOVIhZtPZx1gSnEdkcoGpcQf7w2C7S3%2BkX7g%2BFA%5C%2FfcDQVgTGTVTDDjMBdyXcI85UPeNRg6t3dNJiq%5C%2Fdjg2N4899a%5C%2FcdYZa5%5C%2FsWaGSjpVsDLUwzYbskctrozh02VOYhJUAVg3WoLcmlQRPl9HlC0wwRmLJH65qmMRs18y7Kqo%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUn2vg1W2Hnuyo1yaWdz3hNx1_E2zVDays9KprmEUdW3N-1wzPsRp3rHJXuauDs
.googleadservices.com/ Name: ar_debug
Value: 1
.workupload.com/ Name: __gads
Value: ID=36ccc78e8c3d2cd8:T=1733341931:RT=1733341931:S=ALNI_MbWFyLmDkAJ8NNf7hIFtGT7gcxwYg
.workupload.com/ Name: __gpi
Value: UID=00000fa7135fdd1b:T=1733341931:RT=1733341931:S=ALNI_MZKKCZLEqpjOPt-EWowXpIikAEfxQ
.workupload.com/ Name: __eoi
Value: ID=6b62fa261238e3a7:T=1733341931:RT=1733341931:S=AA-AfjarhOi-c-HVM3TrOGwVneNd
.workupload.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-VgBFdwPeIs-dqzFaGiLZBeVqWv8AxrEjflmtTlyTyRrbqHIVK4lKzmUeuj1BE9IZH-jiRsw3N1UzGRJxQVBqjrRaxDgbFaXUuEelPwHFfM92tDhjE9nGkYOmSGAvP3GjorjlrIJhKTrxc0Cfo2oJZ9qQ-Rg%3D%3D%22%5D%5D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mediago.io/ Name: __mguid_
Value: e94ce74f9aa0f8c82zjpg100m4ab17cc
gtrace.mediago.io/ Name: cst_70
Value: ts=1733341934

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

504e4d59f2d23bed43c31848ea6e5104.safeframe.googlesyndication.com
cdn.ampproject.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
f73.workupload.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
t.workupload.com
tpc.googlesyndication.com
workupload.com
www.google.com
www.googleadservices.com
ep1.adtrafficquality.google
securepubads.g.doubleclick.net
142.251.111.95
142.251.16.156
142.251.16.157
142.251.163.154
142.251.167.105
142.251.167.132
142.251.179.102
172.253.122.156
172.253.63.94
193.111.198.24
23.88.73.37
49.13.126.162
64.233.180.132
0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112
278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cf5c69269511160224c4dcb0b4353a47c4c809d2a84b6412a9c4c43c8014bf5
46532756b85164e6ba2e1644244287ad3a64c520c6c02ed1c8aaf94d78f6327f
4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb
5465c95c1505fc8fcf6c66813d9df0ff5a33a176d690f5ef2b16c6759c484f47
61a6e7fda8a99059f65d45486454cc2f2d728defd75dd396af20113dbaf5e819
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
660cd6c68d355dce5f1b504b9b1320f999d59bcb0bbc2cd47b11de53f74ad4e9
6d40635a24497320a8278f088be04645bbc15a7462408d0c485a5d7f97e1f28c
705a539b254964bd80ed082a53920f94c4f2e5a599bc9c78804756a0cb741ea9
7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a
7e374591d1db0c6bf9907cfbdf3732cf4b11f098841b0f29016f171a48878c83
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
876588d9c38d40679e6cbb698d08e6938789b2628b7b04785525b9805de7fbbf
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a8f9efe2e3257843cb8e0d8ddc60a33086b53e8e405531b5f639c6e54cf22eb
97a44bd5b1363b9bc60bff0ebf35b1a886d922c00f554993d45bc7e0db6242b6
9b4f02b005a2c31ea6f25adc0973501c24f1e93040ecf52d739b584d84163ef8
a85a329e87bb82115a40c6a7b4a313078e19ac603daca3531140f8a1769afca8
ac808fa6bd0b694b4b9ea1fd5cc7774c6d896a71e802c5936b13712efc19f547
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
c8ebcbeeb84985a9e9ba04630476c5df1fda53a8153d40b80049d8a9bba8e9a1
cbad93d87a3fc4ee5bc219428ea3be30b7e1ece32d65060c1e4e43cb1357e8ef
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
e2e45f4af4990ee04b81a361ae33f029af23def56c83ddb6ca441cbe421bdbdd
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
e39997830881c9cc3f92cd565333de0b885597232049a4a468a64aefe2e4da41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea580e50fe05fefd1026b9deb781498ce4e57c134a4500cebc7c4405334f3f76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a739bba73f5fdf55a195237fb1cb65c5894ec3da00926a606446cc1416e3e
f1e1729b78929cb34be446d233f815feda20f798ef3151befd727f6777398bc8
f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435
f8224f73044793a48aae4044ec71eebbd20cdffdb5a6d023cd4f088ec68b6e30
fa1e31f532d79a1ae0ed7eb0cba37f2cb43fa153f315cd42d65d867dba0118dd
fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99