workupload.com Open in urlscan Pro
142.132.152.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://workupload.com/file/5hefHmq2Cj2
Submission: On April 15 via manual (April 15th 2023, 3:04:47 pm UTC) from SG — Scanned from SG

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 12 domains to perform 87 HTTP transactions. The main IP is 142.132.152.244, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is workupload.com. The Cisco Umbrella rank of the primary domain is 630746.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.

This is the only time workupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	142.132.152.244 142.132.152.244	24940 (HETZNER-AS) (HETZNER-AS)
11	2404:6800:400... 2404:6800:4003:c03::9b	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c02::9c	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4003:c11::66	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::9a	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
9	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c0f::9d	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4003:c06::67	15169 (GOOGLE) (GOOGLE)
10	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2406:2600:7:1... 2406:2600:7:100::7	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
87	20

10 142.132.152.244 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.152.132.142.clients.your-server.de

workupload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c02::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c11::66 (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9c (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::9d (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::67 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::7 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

pix.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	323 KB
17	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1937 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	57 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 655 pix.as.criteo.net — Cisco Umbrella Rank: 20414 csm.as.criteo.net — Cisco Umbrella Rank: 15240	132 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	206 KB
10	workupload.com workupload.com — Cisco Umbrella Rank: 630746	379 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	52 KB
3	criteo.com rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 19806 ads.as.criteo.com — Cisco Umbrella Rank: 14878 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15174	47 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	98 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 27518	696 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	334 B
87	12

	Domain	Requested by
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
11	pagead2.googlesyndication.com	workupload.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	static.criteo.net	ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
10	workupload.com	workupload.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com workupload.com googleads.g.doubleclick.net
4	pix.as.criteo.net	ads.as.criteo.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	workupload.com securepubads.g.doubleclick.net
2	csm.as.criteo.net	ads.as.criteo.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.sg	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	ads.as.criteo.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ads.as.criteo.com	googleads.g.doubleclick.net
1	rtb.jp2.as.criteo.com	workupload.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
87	21

This site contains no links.

Subject Issuer	Validity	Valid
workupload.com R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-05-30`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-24` - `2023-05-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-27` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-25` - `2023-06-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://workupload.com/file/5hefHmq2Cj2
Frame ID: ADA00873FC6FEF327C31C149D963DF4D
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: C264E76C845473EC0B4B95BC0E808F50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&h=280&slotname=2772924118&adk=148129298&adf=3157403873&pi=t.ma~as.2772924118&w=488&fwrn=4&fwrnh=100&lmt=1681571081&rafmt=3&format=488x280&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=4&bdt=1086&idt=51&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&correlator=6173087292862&frm=20&pv=2&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=556&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qb8oLHMU2p&p=https%3A//workupload.com&dtd=287
Frame ID: 07B06C659E91A4CB96FF5B8869BF09E6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&lmt=1681571081&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=2&bdt=1087&idt=52&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=488x280&nras=1&correlator=6173087292862&frm=20&pv=1&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=300
Frame ID: 63E6023EE36D3E510C94EC885F6C1C5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 771BD4F93CF106ED16882AE9CDB43718
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZDq9CQAMuMUBc_lYAAMUEv0bz3HJfEsnWJO6RA&u=%7CKxiyAgXd9Cmeps604PYi4x1ppW2KRa6gfRpaJ7p3wv4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_GTnyNIOAQv60sHe1JYkYW2_f5GNSATwuNcBqfKF2n0KwK2de4RqG3oaY1gBndhkduiIZkTcMFPN2NQhHPs_JxaA02ULH035cSCx0x6c6fuDjroT7D8NV4ucKYwcyADOnUIVdlA3kOx9VPhBCfA6c0la3e4-2OeAvDpLfJJCtTpA-7IxlBTBpherorEI1ud4_QveeVX5e_kq8lTee0i37yJ8VSxFHrPmflYGcHsBUPvNknN-N-Y8v5kK8T5jzp40ItSON7iVHee5U8wgumS-fZnnTwdCIF_ORNqugW_27eyOyHXs9vntuM9aff8IsKuAmWYnseI8FfJfxx4H7u28zhB6RoXMHAWxqaNiafXpIen2mOODto-0KnGocwiA_TKk55JJjUWGJJl_kfJvs-v_OWBn-W4nV_UO-vWD6jg9zcNNMahiY2qXz8_Va3o61JgiZN_y8TWaDrZY5ypOgcTponzOKVYW1oH-_8DVaeUpoWpQDAr997eM24PsI1rZKhkQ3KphDS8ivkvkYh4xMJ74Afvm3a7gNmbM36ptYeFy0b0Sfi6Qep3hRaNBayebmlX4ig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJlXCb06ZMXxMtjyz7sPkqiMoA-91O6wXJCy0tqvAcCNtwEQASAAYKECggEXY2EtcHViLTg5NjExNTUzODE4MDE4MTHIAQmoAwGqBOABT9D_taDIGOzbh9FJo6-6fnKtqbVVwhHRUXtCQTwHcAPV4Ps2X1lEdQQidjRHYL1aUMFN2cxjHEZ7_SD2W-7VstZnI2_G2UMZA8Yr447Ci60CHBuj_ueOQyO7d9qm7DurDrH0MGH3xjkcFrt-fwhU9UXmBwABGuIF67v76cxoV0dkCHQP35fmi-uWlYBuj7pM1U82u1OlLV8Jm_hPVAbr77KQ7lgqFriQGcc-NF2y3E4jxfI9YKeS8d1vJXU8IXdu3CrtR6Gfcogz5r1JHoNR2NVQ3E1gBNThb3Em3yGxxTSABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1s4mRzhws5x0xUTFGYmIiOFkAkEA%26client%3Dca-pub-8961155381801811%26adurl%3D
Frame ID: CF3E15CC9DC4E54AA0AA762608BE4243
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E15AFFFBB608D4D4DBBD800231C69DE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: E67AEB61FB9B555F53ADCCA4520A357E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC86BC9F0BD5FAB94AF0A57E30BDE8A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 219EB7818CE7B28F44F702EC058D450B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

allinoneseopackpro4341n.rar

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

87
Requests

100 %
HTTPS

89 %
IPv6

12
Domains

21
Subdomains

20
IPs

4
Countries

1303 kB
Transfer

3250 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 5hefHmq2Cj2 Show response
workupload.com/file/ 11 KB
4 KB 756ms
371ms Document
text/html 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 7a0016ee726d38f6d9b2b217c3baaef6c2238039c189b160df152aa6d2a9d1f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate, no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3244
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 15:04:40 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK translations.js Show response
workupload.com/ 56 KB
18 KB 261ms
261ms Script
application/javascript 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/translations.js?en
Requested by: Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 1fff721baec9b6f5f141fa80b68b1a70235ceaab832f45803523d1e156d3c3c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/file/5hefHmq2Cj2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 15 Apr 2023 15:04:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 18443
Expires: Sat, 15 Apr 2023 16:04:40 GMT

GET
H/1.1 200
OK 39b9ad5.js Show response
workupload.com/js/ 356 KB
94 KB 512ms
179ms Script
application/javascript 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/js/39b9ad5.js?v=KUUBLAOP
Requested by: Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: eac4f4d762c7c4ac8e6abab139e7ceb30f25ecfd2811a6461834a757cf97d158

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/file/5hefHmq2Cj2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jan 2022 14:01:24 GMT
Server: Apache
ETag: "5916f-5d4fe6c20f2a9-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-control: public, max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK 4280ebd.css
workupload.com/css/ 209 KB
36 KB 499ms
173ms Stylesheet
text/css 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Requested by: Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 7de1ba9e6dfb2ff5986b0383e47de691469243a0ab2886ab5b10c2103ec900c4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/file/5hefHmq2Cj2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 12:14:47 GMT
Server: Apache
ETag: "34414-5d7e53ef7643d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-control: public, max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36030

GET
H/1.1 200
OK workupload_logo_medium.svg
workupload.com/bundles/app/img/ 6 KB
3 KB 165ms
165ms Image
image/svg+xml 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://workupload.com/bundles/app/img/workupload_logo_medium.svg
Requested by: Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/file/5hefHmq2Cj2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jan 2022 14:01:24 GMT
Server: Apache
ETag: "1936-5d4fe6c20c3c8-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-control: public, max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2965

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 34ms
19ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c156f42296e1f5083dec35cf0864aa3c3839cf403bd0f08156917dd150a28efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25677
x-xss-protection: 0
server: cafe
etag: 685 / 19462 / 31073843 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 51ms
38ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4340a531346f01a3221cab8b25ee1711c8be6d3c08dca8ef41fba195f91b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47887
x-xss-protection: 0
server: cafe
etag: 14928868761000096136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:41 GMT

GET
H/1.1 200
OK workupload_logo_small.svg
workupload.com/bundles/app/img/ 2 KB
2 KB 164ms
164ms Image
image/svg+xml 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://workupload.com/bundles/app/img/workupload_logo_small.svg
Requested by: Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/file/5hefHmq2Cj2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jan 2022 14:01:24 GMT
Server: Apache
ETag: "907-5d4fe6c20c3c8-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-control: public, max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1282

GET
H/1.1 200
OK roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
workupload.com/fonts/ 49 KB
49 KB 498ms
165ms Font
font/woff2 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by: Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5

Request headers

Referer: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Origin: https://workupload.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Last-Modified: Sun, 13 Feb 2022 12:14:47 GMT
Server: Apache
ETag: "c3a4-5d7e53ef7643d"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50084

GET
H/1.1 200
OK roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
workupload.com/fonts/ 49 KB
49 KB 498ms
166ms Font
font/woff2 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by: Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Origin: https://workupload.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Last-Modified: Sun, 13 Feb 2022 12:14:47 GMT
Server: Apache
ETag: "c440-5d7e53ef773dd"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50240

GET
H/1.1 200
OK fontawesome-webfont.woff2
workupload.com/fonts/ 75 KB
76 KB 496ms
164ms Font
font/woff2 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Origin: https://workupload.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Last-Modified: Fri, 07 Jan 2022 14:01:24 GMT
Server: Apache
ETag: "12d68-5d4fe6c20e309"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 77160

GET
H/1.1 200
OK roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
workupload.com/fonts/ 49 KB
49 KB 497ms
166ms Font
font/woff2 142.132.152.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
Requested by: Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.152.244 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.152.132.142.clients.your-server.de
Software: Apache /
Resource Hash: be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

Referer: https://workupload.com/css/4280ebd.css?v=KUUBLAOP
Origin: https://workupload.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 15:04:41 GMT
Last-Modified: Sun, 13 Feb 2022 12:14:47 GMT
Server: Apache
ETag: "c414-5d7e53ef773dd"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50196

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/ 398 KB
124 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 02:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45286
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126317
x-xss-protection: 0
server: cafe
etag: 18140124545370589291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 14 Apr 2024 02:29:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 103 B
91 B 160ms
150ms XHR
application/json 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=workupload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49f737f7e71561d9dfbb040bcdabf0b9e874dea4c21bccfd1515d00e59953ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
x-xss-protection: 0
expires: Sat, 15 Apr 2023 15:04:41 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 35ms
34ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b94ca2e1e891af5e06ed5b6b75a421443fea89d11f3977caec6e19f4db09f0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118928
x-xss-protection: 0
server: cafe
etag: 4632342212451007605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame C264 10 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 39888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:59:53 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 03:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 22138162 Show response
fundingchoicesmessages.google.com/i/ 133 KB
45 KB 61ms
43ms Script
application/javascript 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22138162?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4eb92ff7b149f52307d492e2e7d646c3347fa433f8632bc204269ee2480e412b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dn2veN3h3GQRO0_KrscdYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-dn2veN3h3GQRO0_KrscdYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXvCDIiypz9R5FIddGIaL99ORo_kIyfcqLsfUJqQPWDPJZVp5FXo2rox3rubnVEs7fzvdYRMQAo4I-BrD5f3yc= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 38ms
37ms Script
application/javascript 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvCDIiypz9R5FIddGIaL99ORo_kIyfcqLsfUJqQPWDPJZVp5FXo2rox3rubnVEs7fzvdYRMQAo4I-BrD5f3yc=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgxNTcxMDgxLDc1ODAwMDAwMF0sIjVCOThCQjZBLUJCQTgtNDcyRi1BQ0EyLTZDNUYxOTcwOUU3NSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd29ya3VwbG9hZC5jb20vZmlsZS81aGVmSG1xMkNqMiIsbnVsbCxbWzgsIkU2X0tiUEtDTEh3Il0sWzksInpoLUNOIl0sWzE3LCJbZmFsc2VdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.E6_KbPKCLHw.es5.O/d=1/rs=AJlcJMxNjvvX3RjvN9782_P33VIYtByvNQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11dfb2364d5996f7c0b92c398cb04294e901cfc2c462ebce4203f75eab13539f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PWngBeQgmjqB2U69exZfig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PWngBeQgmjqB2U69exZfig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
334 B 7ms
6ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=workupload.com&callback=_gfp_s_&client=ca-pub-8961155381801811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eba9b0e1ac27a12b0e6a77aeeebe29fd220ffc949d2403342ed926921c83c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 39ms
7ms Script
application/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=workupload.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 39ms
7ms Script
application/javascript 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=workupload.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07B0 96 KB
34 KB 348ms
347ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&h=280&slotname=2772924118&adk=148129298&adf=3157403873&pi=t.ma~as.2772924118&w=488&fwrn=4&fwrnh=100&lmt=1681571081&rafmt=3&format=488x280&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=4&bdt=1086&idt=51&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&correlator=6173087292862&frm=20&pv=2&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=556&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qb8oLHMU2p&p=https%3A//workupload.com&dtd=287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96d7fb75113564ed7133c73cb24a08dbb03d638fac2733ac09fa4ad878ae8157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34503
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
expires: Sat, 15 Apr 2023 15:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63E6 40 KB
14 KB 215ms
215ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&lmt=1681571081&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=2&bdt=1087&idt=52&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=488x280&nras=1&correlator=6173087292862&frm=20&pv=1&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2233e4412d4317370c6fba24575824f423ab3921170bea9f773926da71c7e551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14457
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
expires: Sat, 15 Apr 2023 15:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVuYMqqWLKlpWLzYeKE_aCx_4qNwLaOOd_vMu4xQP4267rnQ0jXHq3B-EluESw61Y2Kv2VbpFlb9CXU-U-M2upwHg0PNRPrkZfX1ACecZn7lilVgvbNKF1Nulz0aU1FrY2ERE2mWA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 54ms
53ms Script
application/javascript 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVuYMqqWLKlpWLzYeKE_aCx_4qNwLaOOd_vMu4xQP4267rnQ0jXHq3B-EluESw61Y2Kv2VbpFlb9CXU-U-M2upwHg0PNRPrkZfX1ACecZn7lilVgvbNKF1Nulz0aU1FrY2ERE2mWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgxNTcxMDgxLDgxOTAwMDAwMF0sIjVCOThCQjZBLUJCQTgtNDcyRi1BQ0EyLTZDNUYxOTcwOUU3NSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMl0sImh0dHBzOi8vd29ya3VwbG9hZC5jb20vZmlsZS81aGVmSG1xMkNqMiIsbnVsbCxbWzgsIkU2X0tiUEtDTEh3Il0sWzksInpoLUNOIl0sWzE3LCJbZmFsc2VdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f9003a305502681a34513ecdd3bd23fd39d8b976bf8e278249a87592b67a048

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-atb9629IxOSUtdo73yjHvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-atb9629IxOSUtdo73yjHvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 19ms
19ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js?bust=31073761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cee245c2ec584f300649513e8b821658b5b3b5ca266a02cc5b4624282e72505f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52058
x-xss-protection: 0
server: cafe
etag: 29406795641569042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 8ms
6ms Script
application/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=workupload.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 12ms
9ms Script
application/javascript 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=workupload.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 771B 10 KB
4 KB 6ms
5ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 81080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 16:33:22 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 16:33:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 771B 0
0 56ms
55ms Fetch
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS92mCb06ZMXxMtjyz7sPkqiMoA-91O6wXJCy0tqvAcCNtwEQASAAYKECggEXY2EtcHViLTg5NjExNTUzODE4MDE4MTHIAQmoAwGqBN0BT9D_taDIGOzbh9FJo6-6fnKtqbVVwhHRUXtCQTwHcAPV4Ps2X1lEdQQidjRHYL1aUMFN2cxjHEZ7_SD2W-7VstZnI2_G2UMZA8Yr447Ci60CHBuj_ueOQyO7d9qm7DurDrH0MGH3xjkcFrt-fwhU9UXmBwABGuIF67v76cxoV0dkCHQP35fmi-uWlYBuj7pM1U82u1OlLV8Jm_hPVAbr77KQ7lgqFriQGcc-NF2y3E4jxfI9YKeSs99Ot_T3jBmUcVdcl44qisIk7EhAMJvBfx1_ab_fGvj57J-TsduABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04OTYxMTU1MzgxODAxODExGAA&sigh=ONLkVGEAGTg&uach_m=[UACH]&cid=CAQSGwBygQiDKyMuzZ5gohCso0bQ6VTrurh5T1F0zRgB

Requested by

Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 15:04:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 771B 0
0 701ms
234ms Fetch 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kNu5FvezWe0HfOC82V0CAAAAPcewWz7y_JoQCb06ZCxT12hOSn2VMdAAABIAAAoKQVFVQkRRRVBEUQ&wp=ZDq9CQAMuMUBc_lYAAMUEv0bz3HJfEsnWJO6RA

Requested by

Host: workupload.com
URL: https://workupload.com/file/5hefHmq2Cj2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164458
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame CF3E 140 KB
47 KB 287ms
124ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZDq9CQAMuMUBc_lYAAMUEv0bz3HJfEsnWJO6RA&u=%7CKxiyAgXd9Cmeps604PYi4x1ppW2KRa6gfRpaJ7p3wv4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_GTnyNIOAQv60sHe1JYkYW2_f5GNSATwuNcBqfKF2n0KwK2de4RqG3oaY1gBndhkduiIZkTcMFPN2NQhHPs_JxaA02ULH035cSCx0x6c6fuDjroT7D8NV4ucKYwcyADOnUIVdlA3kOx9VPhBCfA6c0la3e4-2OeAvDpLfJJCtTpA-7IxlBTBpherorEI1ud4_QveeVX5e_kq8lTee0i37yJ8VSxFHrPmflYGcHsBUPvNknN-N-Y8v5kK8T5jzp40ItSON7iVHee5U8wgumS-fZnnTwdCIF_ORNqugW_27eyOyHXs9vntuM9aff8IsKuAmWYnseI8FfJfxx4H7u28zhB6RoXMHAWxqaNiafXpIen2mOODto-0KnGocwiA_TKk55JJjUWGJJl_kfJvs-v_OWBn-W4nV_UO-vWD6jg9zcNNMahiY2qXz8_Va3o61JgiZN_y8TWaDrZY5ypOgcTponzOKVYW1oH-_8DVaeUpoWpQDAr997eM24PsI1rZKhkQ3KphDS8ivkvkYh4xMJ74Afvm3a7gNmbM36ptYeFy0b0Sfi6Qep3hRaNBayebmlX4ig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJlXCb06ZMXxMtjyz7sPkqiMoA-91O6wXJCy0tqvAcCNtwEQASAAYKECggEXY2EtcHViLTg5NjExNTUzODE4MDE4MTHIAQmoAwGqBOABT9D_taDIGOzbh9FJo6-6fnKtqbVVwhHRUXtCQTwHcAPV4Ps2X1lEdQQidjRHYL1aUMFN2cxjHEZ7_SD2W-7VstZnI2_G2UMZA8Yr447Ci60CHBuj_ueOQyO7d9qm7DurDrH0MGH3xjkcFrt-fwhU9UXmBwABGuIF67v76cxoV0dkCHQP35fmi-uWlYBuj7pM1U82u1OlLV8Jm_hPVAbr77KQ7lgqFriQGcc-NF2y3E4jxfI9YKeS8d1vJXU8IXdu3CrtR6Gfcogz5r1JHoNR2NVQ3E1gBNThb3Em3yGxxTSABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1s4mRzhws5x0xUTFGYmIiOFkAkEA%26client%3Dca-pub-8961155381801811%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

d3efe694cd26352f2f29d422d732cf264dfabe3ada62179d1fea814277201cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=oZ7iSMmobzYl4Y98t4i80x0h4cmU3t7y1IQkTgvUqWzcJ-T9yGLr_MlzbYBWP7BGvXu_aa_t91_L_Xb_TBWlvC1xW0zT3ckH3qOop33-MIj20vAcJpFTTB3bwy07WD5W-eObxZZbFniQQAxxiOcvqI6-3iO8e_Rd9rhz1ymuDz9P0Uo9YEkVCSJvPMip4deGImSUCWu2cnSBUawPmedOWMqFX4CTiqPccObl6kT9LBC-ef9Tyi10qMZEePXQhaT8p91IPg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 41863843
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 771B 3 KB
1 KB 20ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 13:31:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 771B 20 KB
9 KB 18ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 13:45:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 771B 159 KB
49 KB 21ms
7ms Script
text/javascript 2404:6800:4003:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
DATA 200
OK truncated
/ Frame 771B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32e8a75d061089f241a75acc7012016d9a30dda48eb418c1a537589c1d27c2ea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 07B0 9 KB
4 KB 18ms
3ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&h=280&slotname=2772924118&adk=148129298&adf=3157403873&pi=t.ma~as.2772924118&w=488&fwrn=4&fwrnh=100&lmt=1681571081&rafmt=3&format=488x280&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=4&bdt=1086&idt=51&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&correlator=6173087292862&frm=20&pv=2&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=556&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qb8oLHMU2p&p=https%3A//workupload.com&dtd=287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 01:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jul 2023 01:07:13 GMT

GET
H2 200 74ec634574f05197de646cb87f0af1bd.js Show response
www.gstatic.com/mysidia/ Frame 07B0 10 KB
4 KB 18ms
4ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ec634574f05197de646cb87f0af1bd.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 11:42:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 07B0 8 KB
1 KB 21ms
7ms Stylesheet
text/css 2404:6800:4003:c11::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 14:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 07B0 2 KB
765 B 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:54:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 07B0 22 KB
9 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 13:31:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 07B0 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 13:31:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 07B0 20 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 13:45:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07B0 159 KB
49 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 07B0 33 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 21:18:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 07B0 0
0 59ms
59ms Fetch
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTbsdCb06ZLaYMpKjogPrv7v4CMb9_p5vh5qNzJ8R0630_QgQASCisKkeYL8FoAGk9oj_A8gBAagDAcgDywSqBOIBT9BF-O4i0yiUIZbc0lNX64MfNE-GXAujz1P87p3PgYSC2nYSvn0zq8oVPufKsLpOya_3RiG3mcr3AlAYFfUSqpc67G-sDuOTLKJD8BCQYrjEQ1agkncCT9K9heutJ2GZ4VCLEED6CxCMLLXe9WAqcUJDtagPRThhjMYAesoGf58kMs2T5pIuo7dKr2NCqA3uR_z-yUvdCrnYM4xFTR02r6IT55E9jijpC_CQfCHb7S00E6rbegr5k7gReGPht0be-clm0ELkN0VM-6Fv6y4MiubNZ77n9v9ZYbGX1VU2tSY9ecAE0v_4s12SBQQIBBgBkgUECAUYBIAHxIl3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ890B0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTg5NjExNTUzODE4MDE4MTEYAA&sigh=ohrCYddjQ34&uach_m=[UACH]&cid=CAQSGwBygQiDE9lustgV3dG3ZJ3hF5ERVZuHaaVPTRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&h=280&slotname=2772924118&adk=148129298&adf=3157403873&pi=t.ma~as.2772924118&w=488&fwrn=4&fwrnh=100&lmt=1681571081&rafmt=3&format=488x280&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=4&bdt=1086&idt=51&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&correlator=6173087292862&frm=20&pv=2&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=556&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qb8oLHMU2p&p=https%3A//workupload.com&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 15:04:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E15 143 B
166 B 5ms
5ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&h=280&slotname=2772924118&adk=148129298&adf=3157403873&pi=t.ma~as.2772924118&w=488&fwrn=4&fwrnh=100&lmt=1681571081&rafmt=3&format=488x280&url=https%3A%2F%2Fworkupload.com%2Ffile%2F5hefHmq2Cj2&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681571081512&bpp=4&bdt=1086&idt=51&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&correlator=6173087292862&frm=20&pv=2&ga_vid=1123008276.1681571082&ga_sid=1681571082&ga_hid=418206751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=556&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31073761%2C44785294%2C44786502&oid=2&pvsid=3686142623668607&tmod=1479666797&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qb8oLHMU2p&p=https%3A//workupload.com&dtd=287
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 14:39:01 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 07B0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36bd4bce73bd1293041f63bfa13af833307380c0edcf2eb71418ffc2b7405380

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 07B0 29 KB
30 KB 16ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 17:37:29 GMT
x-content-type-options: nosniff
age: 250033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Apr 2024 17:37:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E15
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
expires: Sat, 15 Apr 2023 15:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame E67A 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 01:05:51 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CF3E 2 KB
1 KB 16ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZDq9CQAMuMUBc_lYAAMUEv0bz3HJfEsnWJO6RA&u=%7CKxiyAgXd9Cmeps604PYi4x1ppW2KRa6gfRpaJ7p3wv4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_GTnyNIOAQv60sHe1JYkYW2_f5GNSATwuNcBqfKF2n0KwK2de4RqG3oaY1gBndhkduiIZkTcMFPN2NQhHPs_JxaA02ULH035cSCx0x6c6fuDjroT7D8NV4ucKYwcyADOnUIVdlA3kOx9VPhBCfA6c0la3e4-2OeAvDpLfJJCtTpA-7IxlBTBpherorEI1ud4_QveeVX5e_kq8lTee0i37yJ8VSxFHrPmflYGcHsBUPvNknN-N-Y8v5kK8T5jzp40ItSON7iVHee5U8wgumS-fZnnTwdCIF_ORNqugW_27eyOyHXs9vntuM9aff8IsKuAmWYnseI8FfJfxx4H7u28zhB6RoXMHAWxqaNiafXpIen2mOODto-0KnGocwiA_TKk55JJjUWGJJl_kfJvs-v_OWBn-W4nV_UO-vWD6jg9zcNNMahiY2qXz8_Va3o61JgiZN_y8TWaDrZY5ypOgcTponzOKVYW1oH-_8DVaeUpoWpQDAr997eM24PsI1rZKhkQ3KphDS8ivkvkYh4xMJ74Afvm3a7gNmbM36ptYeFy0b0Sfi6Qep3hRaNBayebmlX4ig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkJlXCb06ZMXxMtjyz7sPkqiMoA-91O6wXJCy0tqvAcCNtwEQASAAYKECggEXY2EtcHViLTg5NjExNTUzODE4MDE4MTHIAQmoAwGqBOABT9D_taDIGOzbh9FJo6-6fnKtqbVVwhHRUXtCQTwHcAPV4Ps2X1lEdQQidjRHYL1aUMFN2cxjHEZ7_SD2W-7VstZnI2_G2UMZA8Yr447Ci60CHBuj_ueOQyO7d9qm7DurDrH0MGH3xjkcFrt-fwhU9UXmBwABGuIF67v76cxoV0dkCHQP35fmi-uWlYBuj7pM1U82u1OlLV8Jm_hPVAbr77KQ7lgqFriQGcc-NF2y3E4jxfI9YKeS8d1vJXU8IXdu3CrtR6Gfcogz5r1JHoNR2NVQ3E1gBNThb3Em3yGxxTSABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1s4mRzhws5x0xUTFGYmIiOFkAkEA%26client%3Dca-pub-8961155381801811%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame CF3E 2 KB
1 KB 17ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CF3E 308 B
636 B 15ms
6ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CF3E 293 B
621 B 14ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame CF3E 43 B
348 B 24ms
6ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=qgZgUs0P9qNFZzSavskmtf0QQGBIf26sNxd3vicrtiE2N0bTKzkBzoOuXKZSl0AvTl_nYwtdBMNJ7eGiRosUjGxR6va1HLQ8YlfeSpyI_BkefZghdAVqWuikelCxwv3ocUQAg3B8yvh6yXB2__Ier-0V-VNFA8WKDajntZ6pyDi0hrqxjiKwv2OVx5nj7UwpLw8-Ch5o5BAaDbuO53Xaib3lt5jVfO8G-y-SUYJMFZQv4LXLwTfepFbUdKCuZTmUlqOYVLeYAv527pvQ2hQzLicSCcAqaSGu85dv2GP0OyAk3vqrp7dTL8qgVUpvWMO3B5_6O7_yGqm6CoiA9ny30IokfeDC6sL2Bt7ax93-DLrhi6J7wltSOTJGhragVALcxbz7fDxpkKpMffrECautFEkFtlTyLWw9yPyKbwCGd3yCfG9v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 15:04:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2055632
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CF3E 12 KB
5 KB 40ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 157976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x25GvJCvuTDO8riJDfhCl8FQ%2BKMPX7YiUSJnUlzXTZveOVbrmpGzaE0LdY9Xh8y%2FEMMVU21LetYhJKxpzuoFV98BhPVWimdn%2B5e6qYjAyrtJ1oVu%2BIvTaboCIcBQ5aXxERSKXDYvD00UdWOSu%2F9Onmf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b851521a9379f6b-SIN
expires: Thu, 04 Apr 2024 15:04:42 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame CF3E 682 B
665 B 4ms
4ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame CF3E 682 B
665 B 6ms
6ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CF3E 12 KB
6 KB 7ms
6ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame CF3E 23 KB
23 KB 28ms
5ms Image
image/png 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=244&m=0&partner=26310&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26310%2F230116%2F007c9cafe47143aa97957c61ae548de8_logo_n_square.png&v=3&w=464&s=rRVeN5Y_trjp_dk_YYUX3bjP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

d83f93aef6af25603096b4b44ccbe0fbf401c5306e906ada909cf8adfdb5d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28803544
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23427
expires: Thu, 14 Mar 2024 00:03:47 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame CF3E 20 KB
20 KB 31ms
9ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2Flenovo-laptops-ideapad-1i-gen-7-15-intel-hero.png%3Fcontext%3DbWFzdGVyfHJvb3R8Mjc3NzI0fGltYWdlL3BuZ3xoYTQvaDU4LzEyNzk3MTg4ODMzMzEwLnBuZ3xjYzIwZDRiNjkzYjgxM2FjYmVhY2E2YWZhN2E3ZmRjMDM1ZmQwNTNhYzcwNzY2MTg4MzczODAyZGJiZWFjYjc1&v=3&w=400&s=qF7WD1WjeqcfRkUkRoP-DtRg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

11ad59fb6b7c32f08093d5c7b922ae66d3621719bff45c6b6ecc3aa26d65580c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20260
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame CF3E 17 KB
17 KB 33ms
11ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2F%3Fcontext%3DbWFzdGVyfHJvb3R8MzMxMjE4fGltYWdlL3BuZ3xoZWIvaGFhLzE0NDY5MTM1NTk3NTk4LnBuZ3xmZDIwNzI5YTUwODljZjM5ZjhlMzcwMjFiMDZkOTJhMzRlZjk4ZGViYjZlZTI4MTcwMmE2MTNhMGQ4ODhmYzMz&v=3&w=400&s=1fMV_glfZcpbk9W_fs_QBN0A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

cfc5ac3bd5130b82195c9f5ae0b2f981725d8e8edaababcf764cf8b646b8c9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17424
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame CF3E 13 KB
13 KB 31ms
9ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2FThinkPad-X1_Carbon_Gen_10_LEN101T0009_725x515.png%3Fcontext%3DbWFzdGVyfHJvb3R8MjAzODU5fGltYWdlL3BuZ3xoYjkvaDNhLzE0NDc2Mzk1NTQ0NjA2LnBuZ3wwMjRlMjVlM2ViMGE1OWQ4NDUzZThmZjBmYjc5OGNlOGE1ZTlkYzg1OGI2YzA4YzEyZGE2OGMwMDY4MTU3OGVi&v=3&w=400&s=8viuTZyKOZWvyXQwNyGb0C8o&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5cbcd38ed0e6b90400eeec682eb41cbfca8d756f635ca053161510770adb7675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13194
expires: Sat, 15 Apr 2023 15:04:42 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame CF3E 0
128 B 25ms
3ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=oZ7iSMmobzYl4Y98t4i80x0h4cmU3t7y1IQkTgvUqWzcJ-T9yGLr_MlzbYBWP7BGvXu_aa_t91_L_Xb_TBWlvC1xW0zT3ckH3qOop33-MIj20vAcJpFTTB3bwy07WD5W-eObxZZbFniQQAxxiOcvqI6-3iO8e_Rd9rhz1ymuDz9P0Uo9YEkVCSJvPMip4deGImSUCWu2cnSBUawPmedOWMqFX4CTiqPccObl6kT9LBC-ef9Tyi10qMZEePXQhaT8p91IPg&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CF3E 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame CF3E 23 KB
23 KB 19ms
11ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame CF3E 23 KB
23 KB 15ms
9ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:04:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 26ms
16ms XHR
application/json 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4ac9efd03c557527c4fdf92a6343a2aefa0f0a819d4cbeff002e222a7608f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11143
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 15:04:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC86 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 185630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 11:30:52 GMT
expires: Fri, 12 Apr 2024 11:30:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 219E 783 B
967 B 10ms
9ms Document
text/html 2404:6800:4003:c06::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::67 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d1f966ba2f7b4905ae0812ba65412d96bc6022e29c4fcdb1e506735a00490f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8wlhVdRU0ndoqTSTDU928w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://workupload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-8wlhVdRU0ndoqTSTDU928w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 15:04:42 GMT
expires: Sat, 15 Apr 2023 15:04:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame EC86 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 01:05:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 219E 0
0 46ms
45ms Image
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=3686142623668607&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC86 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PQnwJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 29ms
29ms Image
image/gif 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.073946215140372

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E7sb-gZcp3o7P2DPcEhgFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E7sb-gZcp3o7P2DPcEhgFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 26ms
25ms Image
image/gif 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.957919083251217

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4cBz_cxEu6DMPyTMVcbPkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-4cBz_cxEu6DMPyTMVcbPkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 28ms
18ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nE-2WKeZatNByS4n3fXLoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nE-2WKeZatNByS4n3fXLoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://workupload.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=3686142623668607&bg=!lJell8PNAAZA7GLoYOw7ADkAdvg8Wt7mM7MP1elRB1_khNxUFv43NlNeuSytmAWVsN4VTKHe_K-3uM1ShVDBUTBpO3cW8XMBqDUCAAAAUFIAAAACaAEHCgCGYhJt36ouwF7KSXUhFsPX1g9Nfiy0nV-J-dN-ouvB47Mc7L9rK_Sv4Eo1DKelV7ZvbwNVBYSfmgDoKcCMSVstyajO8WYRFUfEDm1LJKkc2LupqPCx1urA43kAThFNn24hfjjC-IELnqyl8RCUmSGs2yUf5FCxZ2Qp5Tfi58Ul4_0OSFEedC-ZAsEcRcFQven-s32W719VYot4bo4r44Q5H-xPB6jt7bfzgo4w3FX32lz5jU0CwXfI8RnlvJ-JVkCTEGo09jMAochKVbq8DLNFii1mpA7D_3Wpk_ZzDgEwhcqgNf_wHRy0F8aG7hJMNa-Q3o8ntXW941FCkom_cEUs7u3sP6zXeHQ8jnGeNL-gqVPfXbZNYiqgeHsEEgNYXxJtrOjFVCxtHMIlionRfOy8bTOXpDgEUT114kXJyIY9GFepp0iGjv3FJospNchsbBHg12ZDHHVjE9hbIAVaw7xqVkRnBmSW6bIPqaaTNvI129AkMGLkG1QrkhHNmkkhEBBvCo5rQZaFV7VVyN6k60Fr6YQvDYUzDp0dY_CyLmeLxG6kGvKUCLg8ybSpegvNRN5f_jaMlzfhFgUQbKIqcVfxyUQkPwFzIwqZapyxdaRgNH_jK1m8324wpjVjUVL9IKYOyHnVy850CX4uyW6YKazZc77jvVrFOfiDLEZF39XQOpI_aIt8W75pjGrVwCQs4C68y37_w_4CXpGmMTQkWJVGdTxXjb_nbjxRK8k_-YiMBWwpwOI4paqPoQ29_3bkIQKdzq9J2pei-K2PM2NPvZaQLQuz29Fl20FSo3B8CvAPIR5DmIEAwuwxMoi3ORSvfT_W4caGX8cFO-MNDMgUHHXtx4jCUjLv8Zet1KjbifzLSamtuQiO64g2snBDCLYk8WhfEScZyjApapF7uggQOUNSdgbs0BAZsQ3_X_nccyhOFAgN3K74fN5F4F0Eyd_LiejINy5lpFIAGypQjgSvmvsdCJVW_x2gtxJe0dZs1ROkztGhNcBMz_ZENMXy_kUoGGe6IGbzQKGkPmX-y4dmTPc9vpFd9L1pEjWKHg5HcK8wJhtrGhzU1Bjgc7nUgxHShAu29ufHM26ElFlHVkMyrKwnqq0WcN20PEHqC6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07B0 42 B
64 B 59ms
58ms Fetch
image/gif 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5GGOtISlqQHP4wvJXOh0lWuJh5B5hMF1Xr40vKOeH6UYWYQ7i4DHxk7LGJGMPBegET22_cjMHctnrLt8lczXw1R0AkpnISp-lW4TDiuzLwTin2ytq0fZd9kucz3oP-u2If9c&sai=AMfl-YRbX3RbsElsRYJBrCq-xrJMCHAapgo5oGUs8Z6atBOP-XI3XISslU1U7SdjEP94sm_ecrQ_yhpW3OAL&sig=Cg0ArKJSzGaH2jVgvRk-EAE&cid=CAQSGwBygQiDE9lustgV3dG3ZJ3hF5ERVZuHaaVPTRgB&id=lidar2&mcvt=1000&p=0,0,280,488&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=148129298&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681571081808&rpt=549&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 15:04:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 771B 42 B
64 B 51ms
51ms Fetch
image/gif 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMe0jkUQKWw8P-FhnJ6PNi3-4eWSFNo476he_IDSnYraTweYHqHiuNTKlyyshUl5XmZeJ6Ccwei0_WBHBAWssiFymZ&sig=Cg0ArKJSzEHd-lsUDv9WEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,762,1000,1073,1284&tos=84,678,238,73,211&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681571082084&rpt=88&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 15:04:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ad_Arub__ad3. Show response
fundingchoicesmessages.google.com/f/AGSKWxXdagwI8dS6yjjzxQWme66-8USC_9tQd0WRal4mcufzHn-i12U7o6VsyH_LBCt_vHyuSjZfMDQRS0oJP6lZ14gD3wYuUMvvryjuHH3u4B1fh4Q_fx9aTdpt84GFTsnF9VKIZR4tJNwXyodfShpnQnZMRtMDp... 54 B
109 B 29ms
29ms Script
application/javascript 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdagwI8dS6yjjzxQWme66-8USC_9tQd0WRal4mcufzHn-i12U7o6VsyH_LBCt_vHyuSjZfMDQRS0oJP6lZ14gD3wYuUMvvryjuHH3u4B1fh4Q_fx9aTdpt84GFTsnF9VKIZR4tJNwXyodfShpnQnZMRtMDpJTIcArywIN4mF6Fi6JfCpOOSvuuY-5F/_-125x40-/sb-relevance.js/ads-holder./Ad_Arub__ad3.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.E6_KbPKCLHw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxNjvvX3RjvN9782_P33VIYtByvNQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e57d9d65835aa3461f90c7924fb0309b2ec4c1c7ea750b73ffe3bb3acaef702

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-f3Zd2IfxS4CrgcjL9elYKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-f3Zd2IfxS4CrgcjL9elYKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 82 KB
29 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.E6_KbPKCLHw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxNjvvX3RjvN9782_P33VIYtByvNQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6177e0b25a5cc536dcb14e779ca96d927d8e0cea761aeb3a61738e540b73ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:56:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30103
x-xss-protection: 0
server: cafe
etag: 6866686437470933839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 15:56:33 GMT

POST
H3 204 AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 18ms
18ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RUlu_DnUnUjzXVqmcA0xlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-RUlu_DnUnUjzXVqmcA0xlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://workupload.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 18ms
17ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s0ZiRLp-PIJgoYzfDjFzZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s0ZiRLp-PIJgoYzfDjFzZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://workupload.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 19ms
19ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wlSMjVprziddLWvG5EvCOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-wlSMjVprziddLWvG5EvCOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://workupload.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 26ms
26ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWvjMXcHOagA9tizbqv3c5f6e9lBkzaHWdUkl7dr1v8j2Q89iugdj0BZ997bDnT8are-FUcFAPyXqCc5WOXs6sdwAWY3taamVx5LKGEnnLuHYmVZfwPIAIQ4NzR_tjehOweNaeYeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8J4NYH_UYErVQ7jPTLGpxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8J4NYH_UYErVQ7jPTLGpxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://workupload.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWu_lbtkwA_BPV6PvEsmLc0uZ1v7qSJ7qUMknc-U7km0qMA8kfBPQPEqwyJNaKao4K5H2-doHdAqcYBuG_Hyepf6rBWz2347WcEdISfyGZX2WN4imxR4PdAcVGyLM7_9Su61hOmjQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
45ms Script
application/javascript 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWu_lbtkwA_BPV6PvEsmLc0uZ1v7qSJ7qUMknc-U7km0qMA8kfBPQPEqwyJNaKao4K5H2-doHdAqcYBuG_Hyepf6rBWz2347WcEdISfyGZX2WN4imxR4PdAcVGyLM7_9Su61hOmjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgxNTcxMDgzLDU0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93b3JrdXBsb2FkLmNvbS9maWxlLzVoZWZIbXEyQ2oyIixudWxsLFtbOCwiRTZfS2JQS0NMSHciXSxbOSwiemgtQ04iXSxbMTcsIltmYWxzZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4fac761b54399ea3f8632262f16b0ab21f45524831d33a83a4914055893730c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-39asV0ZQMbtZHZ9kffamrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://workupload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-39asV0ZQMbtZHZ9kffamrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame CF3E 0
127 B 4ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 15 Apr 2023 15:04:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 204 AGSKWxX1XU6L6mdF37Eo3Rd7TwSvfKyrhgxFShb1mse0EPBfG5QGT_I-I4ISg5fXw2ri-yo5OS52MpqXX8sW6MsGf7jiZ7LsFfd1Jts_f2q-1vojPWafRlRlkkdxxz8XfURgEZ63pSAN7A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2404:6800:4003:c11::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1XU6L6mdF37Eo3Rd7TwSvfKyrhgxFShb1mse0EPBfG5QGT_I-I4ISg5fXw2ri-yo5OS52MpqXX8sW6MsGf7jiZ7LsFfd1Jts_f2q-1vojPWafRlRlkkdxxz8XfURgEZ63pSAN7A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vl9IlkV9uCw6px09GZSKFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workupload.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 15:04:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vl9IlkV9uCw6px09GZSKFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://workupload.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.workupload.com/	1970-01-20 11:06:32	Name: token Value: nq2gu97lq6s3el4ik4hr3nv1ok
.workupload.com/	1970-01-20 20:27:47	Name: __gads Value: ID=730f934049b6df10-22ce99221adf00d2:T=1681571081:RT=1681571081:S=ALNI_MYGSMq2crITaXioZu8h3ZFkZh8BaA
.workupload.com/	1970-01-20 20:27:47	Name: __gpi Value: UID=00000bf4d31e9eb4:T=1681571081:RT=1681571081:S=ALNI_MbftVTnC28GRL8gh754Vw6oeRzdlw
.doubleclick.net/	1970-01-20 20:42:11	Name: IDE Value: AHWqTUmsNbCp1do9oClzPxikuhtc6IAcSCztpdFrEvmDLJZcHgQLH6-4x2aLYoqhK6k
.doubleclick.net/	1970-01-20 11:06:14	Name: DSID Value: NO_DATA
.workupload.com/	1970-01-20 19:51:47	Name: FCNEC Value: %5B%5B%22AKsRol81A3YjCi4clDXzljgbEEjs5VZF7iVldURPdedXpZdHh7oUHH9bSOqxW7WobaheYIAqznBt6BsXsg6GggOkpK6H7CPQdODKAEoysZ_yvRLQ31WN7ene3nhUOOq3Ml1CoYxsxQvmjSjG-lfN50O0YAYQfL_VmA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.as.criteo.com
adservice.google.com
adservice.google.com.sg
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
workupload.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.132.152.244
182.161.73.132
2404:6800:4003:c00::5e
2404:6800:4003:c01::9a
2404:6800:4003:c01::9c
2404:6800:4003:c02::9c
2404:6800:4003:c03::84
2404:6800:4003:c03::9b
2404:6800:4003:c06::67
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::9d
2404:6800:4003:c11::5f
2404:6800:4003:c11::66
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::7
2406:2600:7:100::f
2606:4700::6811:180e
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
11ad59fb6b7c32f08093d5c7b922ae66d3621719bff45c6b6ecc3aa26d65580c
11dfb2364d5996f7c0b92c398cb04294e901cfc2c462ebce4203f75eab13539f
11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4
1fff721baec9b6f5f141fa80b68b1a70235ceaab832f45803523d1e156d3c3c1
2233e4412d4317370c6fba24575824f423ab3921170bea9f773926da71c7e551
23d1f966ba2f7b4905ae0812ba65412d96bc6022e29c4fcdb1e506735a00490f
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e57d9d65835aa3461f90c7924fb0309b2ec4c1c7ea750b73ffe3bb3acaef702
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
32e8a75d061089f241a75acc7012016d9a30dda48eb418c1a537589c1d27c2ea
36bd4bce73bd1293041f63bfa13af833307380c0edcf2eb71418ffc2b7405380
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
49f737f7e71561d9dfbb040bcdabf0b9e874dea4c21bccfd1515d00e59953ae7
4c4340a531346f01a3221cab8b25ee1711c8be6d3c08dca8ef41fba195f91b98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb
4eb92ff7b149f52307d492e2e7d646c3347fa433f8632bc204269ee2480e412b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cbcd38ed0e6b90400eeec682eb41cbfca8d756f635ca053161510770adb7675
5eba9b0e1ac27a12b0e6a77aeeebe29fd220ffc949d2403342ed926921c83c4c
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a0016ee726d38f6d9b2b217c3baaef6c2238039c189b160df152aa6d2a9d1f5
7de1ba9e6dfb2ff5986b0383e47de691469243a0ab2886ab5b10c2103ec900c4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
96d7fb75113564ed7133c73cb24a08dbb03d638fac2733ac09fa4ad878ae8157
9f9003a305502681a34513ecdd3bd23fd39d8b976bf8e278249a87592b67a048
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b94ca2e1e891af5e06ed5b6b75a421443fea89d11f3977caec6e19f4db09f0d0
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
c156f42296e1f5083dec35cf0864aa3c3839cf403bd0f08156917dd150a28efc
c6177e0b25a5cc536dcb14e779ca96d927d8e0cea761aeb3a61738e540b73ac1
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cee245c2ec584f300649513e8b821658b5b3b5ca266a02cc5b4624282e72505f
cfc5ac3bd5130b82195c9f5ae0b2f981725d8e8edaababcf764cf8b646b8c9f0
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d3efe694cd26352f2f29d422d732cf264dfabe3ada62179d1fea814277201cc8
d4ac9efd03c557527c4fdf92a6343a2aefa0f0a819d4cbeff002e222a7608f20
d83f93aef6af25603096b4b44ccbe0fbf401c5306e906ada909cf8adfdb5d0a2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fac761b54399ea3f8632262f16b0ab21f45524831d33a83a4914055893730c
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
eac4f4d762c7c4ac8e6abab139e7ceb30f25ecfd2811a6461834a757cf97d158
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

workupload.com Open in urlscan Pro 142.132.152.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

89 %IPv6

12 Domains

21 Subdomains

20 IPs

4 Countries

1303 kBTransfer

3250 kBSize

6 Cookies

0 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

workupload.com Open in urlscan Pro
142.132.152.244 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

89 %
IPv6

12
Domains

21
Subdomains

20
IPs

4
Countries

1303 kB
Transfer

3250 kB
Size

6
Cookies

87 HTTP transactions
2 data transactions