urlscan.io logo urlscan.io
SecurityTrails logo

workupload.com Open in urlscan Pro
193.111.198.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://workupload.com/file/ju89wm5xMDy
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 67 HTTP transactions. The main IP is 193.111.198.62, located in Germany and belongs to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is workupload.com. The Cisco Umbrella rank of the primary domain is 296448.
TLS certificate: Issued by R10 on June 21st 2024. Valid for: 3 months.
This is the only time workupload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 193.111.198.62 24961 (MYLOC-AS ...)
4 49.13.126.162 24940 (HETZNER-AS)
12 172.217.197.155 15169 (GOOGLE)
1 4 172.217.222.157 15169 (GOOGLE)
12 74.125.192.100 15169 (GOOGLE)
1 172.217.222.154 15169 (GOOGLE)
1 209.85.232.132 15169 (GOOGLE)
10 142.251.174.132 15169 (GOOGLE)
1 173.194.68.154 15169 (GOOGLE)
1 142.251.174.103 15169 (GOOGLE)
1 172.217.29.163 15169 (GOOGLE)
67 12
19    193.111.198.62 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv10131.epyc.dedi.server-hosting.expert
workupload.com
4    49.13.126.162 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.162.126.13.49.clients.your-server.de
t.workupload.com
12    172.217.197.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4    172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net
securepubads.g.doubleclick.net
12    74.125.192.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f100.1e100.net
fundingchoicesmessages.google.com
1    172.217.222.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net
securepubads.g.doubleclick.net
1    209.85.232.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f132.1e100.net
24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com
10    142.251.174.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
1    173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net
www.googleadservices.com
1    142.251.174.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f103.1e100.net
www.google.com
1    172.217.29.163 (United States)

ASN15169 (GOOGLE, US)
PTR: pngrua-ae-in-f3.1e100.net
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
23 workupload.com
workupload.com — Cisco Umbrella Rank: 296448
t.workupload.com — Cisco Umbrella Rank: 478091
427 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
398 KB
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
www.google.com — Cisco Umbrella Rank: 10
207 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
195 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
104 KB
1 gstatic.com
csi.gstatic.com
234 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
20 B
67 7
Domain Requested by
19 workupload.com workupload.com
12 fundingchoicesmessages.google.com workupload.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
8 pagead2.googlesyndication.com workupload.com
pagead2.googlesyndication.com
5 tpc.googlesyndication.com workupload.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 securepubads.g.doubleclick.net 1 redirects workupload.com
securepubads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
workupload.com
4 t.workupload.com workupload.com
t.workupload.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.googleadservices.com workupload.com
1 24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com securepubads.g.doubleclick.net
67 12

This site contains no links.

Subject Issuer Validity Valid
workupload.com
R10		 2024-06-21 -
2024-09-19		 3 months crt.sh
t.workupload.com
E5		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
misc-sni.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://workupload.com/file/ju89wm5xMDy
Frame ID: 1E479A662CC73C112238F842A0B436B5
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Frame ID: 0068384D53E629284C0D7BA7F0288920
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722515182&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_4~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722515181573&bpp=4&bdt=430&idt=524&shv=r20240729&mjsv=m202407300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2443642137463&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C95334528%2C95334830%2C95337868%2C95338227%2C31085792%2C31084185%2C95339222%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3661729144673433&tmod=1960643477&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=561
Frame ID: 33A8425F17136ADCF6674B28995CA021
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F88178DDE8B86EEEFD537B8A78FD16EE
Requests: 1 HTTP requests in this frame

Frame: https://24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1C2035AB1F5199C5A18E417E88415B99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Frame ID: 74F86D62E45B11D7542BCA3AD1E2347A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Frame ID: 65FC588F65ED3B37A095BA98A91E3B92
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: 040EA0334F8C72222117B2DFCC856EFC
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 56949973CC9EFE2226904B7381EE9692
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8394DB064AC7C58D80834DAD34E9347
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyHentaiFantasy-0.10.1-pc-linux.zip

Page URL History Show full URLs

  1. https://workupload.com/file/ju89wm5xMDy Page URL
  2. https://workupload.com/file/ju89wm5xMDy Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

67
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

12
Subdomains

12
IPs

2
Countries

1331 kB
Transfer

4330 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://workupload.com/file/ju89wm5xMDy Page URL
  2. https://workupload.com/file/ju89wm5xMDy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZwu67n6rZv2IIt2aqMwPwauvuAXy84nmdYjizJSXE_i8iqOZARABIKKwqR5g_aCZgegDoAHNhZPzAsgBAuACAKgDAcgDCKoE8QFP0PEOlwo9-sO-nBZ-_y2LA2T143hVnmU20XPHJmFyHKHM8Er2vkGA2vBJAl0Xr2L6DiuE0M8TC06kIaMkATT9MQUi44-pj3A8jRmr2oLJcMzjNifnijtQgL0sZMUbhv98LmI3aiQ-aSzEo6zGoAWn3PUAWbRg3UfUMvROLl1NUFcnqWUQGRCzg8jHjexehK35c8jjcygQM7x0WpfMIRLYok5ZEUAQIJeAMXzRj8mh2NqKaeU5AJzr6GdtSRoR3UXkTZUMUSBt8uICPpN3xbaLoXy1wdUEevxaoK1qWcnN1S9Rjborjissg4bcrLSQyl0XwATX2tbJ5ATgBAGIBeCBvp9OkgUECAQYAZIFBAgFGASgBgKAB4e1pJMEqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQwchG0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WLyDzYzl04cDmgnpAWh0dHBzOi8vaDUuZzEyMy5qcC9nYW1lL2JsYWNrbGFnb29uP3BsYXRmb3JtPWF1dG8mdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPWJsYWNrbGFnb29uX2VuX05ld0Rpc3BsYXlDcmVhdGVyb2xlT3B0aW1pemVQbGFjZW1lbnRfYWRuX2FsbCZ1dG1fYWRncm91cD1jcl9ub3JtYWxfcGxhY2VtZW50X1VTZ2FtZV9zcCZ1dG1fY29udGVudD1ibGFja2xhZ29vbjIwMjQwMjA5X2phX3IyXzMzNi0yODAuanBngAoByAsB2gwQCgoQgPjNjIOAt_4yEgIBA-INEwiAuc2M5dOHAxVdDYoDHcHVC1fYEwzQFQGAFwGyFx4KHAgAEhRwdWItODk2MTE1NTM4MTgwMTgxMRiCmiGyGAkSArBTGAIiAQDoGAE&sigh=_GM9NpPs8KU&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDaQooLdsc4JA92-gVsK_CfQ6ogfMQvM8Kv-gFqC5OGTvgo5RwoCjgDakkEwu9FyiATxd3gg7OpEcfXG8nh-kKWAAxrj3L908Ylk5MgLvkYAQ HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x604d34030adfc99e0000000000000000%22,%222%22:%220x2f11217de8b4d1900000000000000000%22,%223%22:%220xcf46bcf7b9fbc81e0000000000000000%22,%224%22:%220x6612a2a03b8ac5c30000000000000000%22,%225%22:%220xf0a0d1b3d65f09780000000000000000%22},%22debug_key%22:%2214072378043208799434%22,%22debug_reporting%22:true,%22destination%22:%22https://g123.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22778355405%22],%2222%22:[%22true%22],%224%22:[%2208-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210230266284140106017%22}&andc=true
Request Chain 58
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ju89wm5xMDy
workupload.com/file/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ebc4fb8dda8e6782794df3b82d86848c262932c679f52703c032f59f3315ac24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1542
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Aug 2024 12:26:19 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
39b9ad5.js
workupload.com/js/ 		358 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2024 18:31:02 GMT
Server
Apache
ETag
"596c5-619c42f8f68e0-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-control
public, max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
4280ebd.css
workupload.com/css/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 May 2024 10:17:14 GMT
Server
Apache
ETag
"37764-619a92bc51680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-control
public, max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
38148
workupload_logo_medium.svg
workupload.com/bundles/app/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_medium.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"1936-60104d57f5342-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-control
public, max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2965
matomo.js
t.workupload.com/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2024 23:35:49 GMT
Server
Apache/2.4.57 (Debian)
ETag
"1042f-6131a8902bf40-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21709
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5

Request headers

Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"c3a4-60104d57f62e2"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
50084
puzzle
workupload.com/ 		289 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://workupload.com/puzzle
Requested by
Host: workupload.com
URL: https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
9ec88df3b4d597706063443f76aac1268b13ac51ef2a6501b0553b02a75f17d5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://workupload.com/file/ju89wm5xMDy
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
219
captcha
workupload.com/ 		0
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://workupload.com/captcha
Requested by
Host: workupload.com
URL: https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://workupload.com/file/ju89wm5xMDy
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
0
Content-Type
text/html; charset=UTF-8
matomo.php
t.workupload.com/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.php?action_name=workupload%20-%20Are%20you%20a%20human%3F&idsite=1&rec=1&r=918338&h=5&m=26&s=20&url=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&_id=&_idn=1&send_image=0&_refts=0&pv_id=sZkMn6&pf_net=317&pf_srv=127&pf_tfr=2&pf_dm1=633&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: t.workupload.com
URL: https://t.workupload.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://workupload.com
Date
Thu, 01 Aug 2024 12:26:20 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.57 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Primary Request ju89wm5xMDy
workupload.com/file/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workupload.com/file/ju89wm5xMDy
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
58257067b091190d312bc97141c1f1e38e2096f95dc183e129420418fdd8b5f2

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate, no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4389
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Aug 2024 12:26:21 GMT
Keep-Alive
timeout=5, max=97
Server
Apache
Vary
Accept-Encoding
translations.js
workupload.com/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/translations.js?en
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
6d40635a24497320a8278f088be04645bbc15a7462408d0c485a5d7f97e1f28c

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
cache
Date
Thu, 01 Aug 2024 12:26:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
19431
Expires
Thu, 01 Aug 2024 13:26:21 GMT
39b9ad5.js
workupload.com/js/ 		358 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://workupload.com/js/39b9ad5.js?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2024 18:31:02 GMT
Server
Apache
ETag
"596c5-619c42f8f68e0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
public, max-age=3600
Accept-Ranges
bytes
4280ebd.css
workupload.com/css/ 		222 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 May 2024 10:17:14 GMT
Server
Apache
ETag
"37764-619a92bc51680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-control
public, max-age=3600
Accept-Ranges
bytes
Content-Length
38148
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
7b6cd8157f019a162991a6036aa4ba66a05b12216811b4628bbf5b203839e193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53467
x-xss-protection
0
server
cafe
etag
6945584003953718394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 01 Aug 2024 12:26:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
b33cd57f74018b5451cd4c4212535e0fed31c7afc2ac4f3c6e79d76eed512b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31719
x-xss-protection
0
server
cafe
etag
485 / 19936 / 31085717 / config-hash: 558971391453262836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Aug 2024 12:26:21 GMT
pub-8961155381801811
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8961155381801811?ers=1
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
7abbd1df22aab0aacc9bde74f5222af0e6c2a0f82dd2e4674a26b2f0337647c8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MKUZQoaxzlziR2OEKXH1Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MKUZQoaxzlziR2OEKXH1Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HG__rt3KJjBh_5dLTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBubGBnoGJvEFBgDVYzzv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
workupload_logo_medium.svg
workupload.com/bundles/app/img/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_medium.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"1936-60104d57f5342-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-control
public, max-age=3600
Accept-Ranges
bytes
Content-Length
2965
ju89wm5xMDy
workupload.com/qr/file/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/qr/file/ju89wm5xMDy
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
b37200df10950930890afc0f2c641307b1da7dbac07596e0a6da838f7cc2bc32

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:21 GMT
Cache-Control
max-age=0, private, must-revalidate, no-cache, private
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
Content-Type
image/png
workupload_logo_small.svg
workupload.com/bundles/app/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workupload.com/bundles/app/img/workupload_logo_small.svg
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"907-60104d57f5342-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-control
public, max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1282
matomo.js
t.workupload.com/ 		65 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.js
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2024 23:35:49 GMT
Server
Apache/2.4.57 (Debian)
ETag
"1042f-6131a8902bf40-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
21709
fontawesome-webfont.woff2
workupload.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:21 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"12d68-60104d57f62e2"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
77160
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:21 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"c440-60104d57f62e2"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
50240
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
workupload.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:21 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"c414-60104d57f62e2"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
50196
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
workupload.com/fonts/ 		49 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://workupload.com/fonts/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: workupload.com
URL: https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5

Request headers

Referer
https://workupload.com/css/4280ebd.css?v=KUUBLZ75
Origin
https://workupload.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:20 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"c3a4-60104d57f62e2"
Content-Length
50084
Content-Type
font/woff2
matomo.php
t.workupload.com/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.workupload.com/matomo.php?action_name=MyHentaiFantasy-0.10.1-pc-linux.zip&idsite=1&rec=1&r=070299&h=5&m=26&s=21&url=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&urlref=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&_id=&_idn=1&send_image=0&_refts=0&pv_id=JEvVzM&pf_net=0&pf_srv=340&pf_tfr=8&pf_dm1=180&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: t.workupload.com
URL: https://t.workupload.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
49.13.126.162 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.162.126.13.49.clients.your-server.de
Software
Apache/2.4.57 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://workupload.com
Date
Thu, 01 Aug 2024 12:26:21 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.57 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/slotcar_library_fy2021.js?bust=31085792
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
e4fc0b373ae69a35c9296666c64cead36c843b2b0457e34d22708335891dbf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31414
x-xss-protection
0
server
cafe
etag
2453781257760310866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Aug 2024 12:26:22 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/ 		425 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
68aeee4b71dae9e3245febe674ed195f11a7432054ca7aaae3cf18f4a4cb0bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146687
x-xss-protection
0
server
cafe
etag
3245714218356035354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Aug 2024 12:26:21 GMT
AGSKWxXvKQcUMzsq3eSXzeB_t9vmHSO1JQVG8LzyNzwQiHAOIV_9yu407E5iIHee3m6iLH35YzlIlcYWQxGAuSMKX2vHxqQCBs4nLxDDHLgVRFCBeU8jUw7s-ce3JNDkfMKQqZz9ZVLlKg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvKQcUMzsq3eSXzeB_t9vmHSO1JQVG8LzyNzwQiHAOIV_9yu407E5iIHee3m6iLH35YzlIlcYWQxGAuSMKX2vHxqQCBs4nLxDDHLgVRFCBeU8jUw7s-ce3JNDkfMKQqZz9ZVLlKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTE1MTgxLDg5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93b3JrdXBsb2FkLmNvbS9maWxlL2p1ODl3bTV4TUR5IixudWxsLFtbOCwiWFFObnRsd1RsT2siXSxbOSwiZW4tVVMiXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OV0sbnVsbCwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
f9d0ac1be66870182f8e231067715b68f917931859b7df54a8b36f14580dd292
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-upP-mH3951g1HYkKFxxmqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-upP-mH3951g1HYkKFxxmqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HG__rt3KJjDh15ZDzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBubGBnoGJvEFBgDVcDzh"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/ 		474 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49910
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151374
x-xss-protection
0
server
cafe
etag
16932859754834633169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Jul 2025 22:34:32 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/ Frame 0068 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
70782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 16:46:40 GMT
etag
2738592464165616
expires
Wed, 14 Aug 2024 16:46:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8961155381801811&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722515182&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_4~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722515181573&bpp=4&bdt=430&idt=524&shv=r20240729&mjsv=m202407300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2443642137463&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31085664%2C95334528%2C95334830%2C95337868%2C95338227%2C31085792%2C31084185%2C95339222%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3661729144673433&tmod=1960643477&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&fc=1920&brdim=1200%2C1170%2C1200%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=561
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
97063
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 12:26:22 GMT
expires
Thu, 01 Aug 2024 12:26:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
22138162
fundingchoicesmessages.google.com/i/ 		202 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22138162?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
75f52a1c78a5085e5ce0e58397636ef7488846622e43d5298f2f7121987871d6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rE8KJlq-xx5moEjfRgfC6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rE8KJlq-xx5moEjfRgfC6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HO_-rt3KJnDgxKt5jEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBubGBnoGJvEFBgDXWTzu"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8961155381801811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F881 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f154.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28869
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 11:49:56 GMT
expires
Thu, 01 Aug 2024 12:39:56 GMT
last-modified
Mon, 29 Jul 2024 19:44:55 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		102 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3661729144673433&correlator=399031436109542&eid=31079956%2C31083340%2C31085717%2C31084181%2C95332149%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290201&ptt=17&impl=fifs&gdpr=0&iu_parts=22138162%2Cfile_top%2Cfile_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%7C320x100%7C300x250%2C300x250%7C320x100%7C336x280%7C728x90%7C970x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722515182483&lmt=1722515182&adxs=549%2C-9&adys=259%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&ref=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&vis=1&psz=533x121%7C0x-1&msz=503x100%7C0x-1&fws=0%2C2&ohw=0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722515181143&idt=1083&adks=2370457665%2C571498370&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
8082d65e967cd35198fa79468dd87080f0a45cea8d90820d3d40641297c130da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15976
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://workupload.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 12:26:22 GMT
expires
Thu, 01 Aug 2024 12:26:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
fundingchoicesmessages.google.com/f/AGSKWxXbQPEJDyomgyTtHX9_3Qfk-X9GgfO-MnPcxTj1OJqaXQ5niVumGObtMgn_sbWaTwi4GTKIG5F4fiKEXCDPZt5ok2cT_sIRlNnKERlAyzOJG0gqHZH4_MnVz1jf0-F_Apbvb3X9bhquq-IVOco6P5UgBIE5e... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXbQPEJDyomgyTtHX9_3Qfk-X9GgfO-MnPcxTj1OJqaXQ5niVumGObtMgn_sbWaTwi4GTKIG5F4fiKEXCDPZt5ok2cT_sIRlNnKERlAyzOJG0gqHZH4_MnVz1jf0-F_Apbvb3X9bhquq-IVOco6P5UgBIE5enVcp8XFI7rlkIdcuXuyMZOOAuw3_T6C/_/dif/?cid/adx2./promo/affiframe./AdsRotateNEW2right.?adtype=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwR7wpTMupHGJohtdPPtWUo2fdLMA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e398b018fb871e4b68d9882eaccd5609ef1937e12ab1e9ba0947c5951a67478f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l8RSr3Nzp6RN5BngRxE-Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l8RSr3Nzp6RN5BngRxE-Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HO_-rt3KJvBh4r51TEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBubGBnoGJvEFBgDP0jzJ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwR7wpTMupHGJohtdPPtWUo2fdLMA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
65c4fa6a93a564c4d9760b3d49512314dba8c47d12f1856f8913cfe025ec3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 11:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25926
x-xss-protection
0
server
cafe
etag
5927158249935957511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Aug 2024 12:28:44 GMT
AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8OZH0MAx-_0sZCsD8gpDKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8OZH0MAx-_0sZCsD8gpDKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yDq9_hLrfCAW4uF493ftVjaBHZe2v2FScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYG5sYGegbm8QUGAFP4MIQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://workupload.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ymwBG7pKZa5i75nqveztQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-8ymwBG7pKZa5i75nqveztQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yDqj_hLrAiAW4uF493ftVjaBGc-_vWVScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYG5sYGegbm8QUGAGOdMLs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://workupload.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-02sZlwe8zo4qeT8nzKawtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-02sZlwe8zo4qeT8nzKawtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hu79qtbAIz5kx6y6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjQ30DMzjCwwAbuksIw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://workupload.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvnSMGBbkVRs36abFDcP_DToiRvHetaa2kJsLjC9dP60WuEptU1RWyvaua_UFtPRVhbgK3UOcqdHRWlQGYQmmickME62EU0Yg4iLD73WXaGWwsBFHqJo5tsOzKZRmvEe85Zv3RdQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rXlav-yF1pRGTx3nLPcvmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rXlav-yF1pRGTx3nLPcvmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yDq9_hLrfCAW4uF493ftVjaBCfMb3zEpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxMDc2MDPQPz-AIDACskL_Y"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://workupload.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVJHK5X5xsHHGxMsyvmwg5KTQbHBAjiFwf8hQF4F4Fpa7rvRhB1i1tVfinY1xPFLhBo_maWdf0RHXm7ZXhRZigsoHYw-W-eUngHn5pp9GOvgmVs0IEK63t66CAF0Q3ZcW9b7PSc5Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVJHK5X5xsHHGxMsyvmwg5KTQbHBAjiFwf8hQF4F4Fpa7rvRhB1i1tVfinY1xPFLhBo_maWdf0RHXm7ZXhRZigsoHYw-W-eUngHn5pp9GOvgmVs0IEK63t66CAF0Q3ZcW9b7PSc5Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTE1MTgyLDY3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd29ya3VwbG9hZC5jb20vZmlsZS9qdTg5d201eE1EeSIsbnVsbCxbWzgsIlhRTm50bHdUbE9rIl0sWzksImVuLVVTIl0sWzIyLCJmYWxzZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODldLG51bGwsMl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
d52b9c5bb90b41bfa08526ac2c4dc9de6f8a15289f1c31db7993a9ee79f8d2ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OrdmyP-6EDkEHjLihHjkiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-OrdmyP-6EDkEHjLihHjkiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgViIh-Pd37Vb2QQmrL1_m0lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDc2EDPwCS-wAAAmW8_dQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU9WB-0noZGtHyDDbKx5_S31BjIaXXbUMb1ggFNHPh4qTeAoAWMKQRKHVAnkLDPPFMerKf0Z6weYg-nyMzawusERZYCq13p9CV6wsAXHq9PtiN_3Hr83JB-W_MrG1pyE3XToBTe-w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9WB-0noZGtHyDDbKx5_S31BjIaXXbUMb1ggFNHPh4qTeAoAWMKQRKHVAnkLDPPFMerKf0Z6weYg-nyMzawusERZYCq13p9CV6wsAXHq9PtiN_3Hr83JB-W_MrG1pyE3XToBTe-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNTE1MTgyLDc4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93b3JrdXBsb2FkLmNvbS9maWxlL2p1ODl3bTV4TUR5IixudWxsLFtbOCwiWFFObnRsd1RsT2siXSxbOSwiZW4tVVMiXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OV0sbnVsbCwyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
7f80d302141e8eceedc789d5b093dd3f6d9c1445cd40341acb6a7fc3deb832ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r_UDe0lDIALwctxVNU1Adw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-r_UDe0lDIALwctxVNU1Adw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HO_-rt3KJrDgzcVuZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3NjAz0Dk_gCAwDKmjy9"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWXNjznbBiz7oUjuqRfiJYl-La-vPe2KKvidEyAokZZOQITjZgKBFezPX1BbHgAjZW3URb3r_dGiYdFXXp3uV_SM-aqA4dkhbwglx5fBCyB4Vfd5oBeu0Kq30IWFoNWWq-j8T6jUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWXNjznbBiz7oUjuqRfiJYl-La-vPe2KKvidEyAokZZOQITjZgKBFezPX1BbHgAjZW3URb3r_dGiYdFXXp3uV_SM-aqA4dkhbwglx5fBCyB4Vfd5oBeu0Kq30IWFoNWWq-j8T6jUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.XQNntlwTlOk.es5.O/am=Phg/d=1/rs=AJlcJMxGNtqRTwNVqmVNYg0k_5cenIbP-w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-If528SXKZhY6H4ax7MbbAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Aug 2024 12:26:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-If528SXKZhY6H4ax7MbbAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hu79qtbAIvDh9cx6zkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjQ30DMzjCwwAjSUsig"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://workupload.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/reactive_library_fy2021.js?bust=31085792
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
10f583aaca271cf09865399a6abd295252d1c62eda55905ff22983baf0d8b514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59076
x-xss-protection
0
server
cafe
etag
15254133987119157049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Aug 2024 12:26:23 GMT
ca-pub-8961155381801811
fundingchoicesmessages.google.com/i/ 		202 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8961155381801811?href=https%3A%2F%2Fworkupload.com%2Ffile%2Fju89wm5xMDy&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f100.1e100.net
Software
ESF /
Resource Hash
b3f43a66b359aee1e088d55929f886fe9008e605a0e95b7fd8f3a2e78e74dc19
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xx2RKhlzeXGCkMA_vPVawg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xx2RKhlzeXGCkMA_vPVawg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxDPqL7EuAGIhbo73f9duZRNYsf67l5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmxgZ6BSXyBAQDBMEBg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/ Frame 74F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
70782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 16:46:40 GMT
etag
2738592464165616
expires
Wed, 14 Aug 2024 16:46:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/ Frame 65FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
70782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 16:46:40 GMT
etag
2738592464165616
expires
Wed, 14 Aug 2024 16:46:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012406241625000/ Frame 040E 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Aug 2024 00:58:47 GMT
age
41257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56144
x-xss-protection
0
server
sffe
etag
"cc18f0752fb26ed7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Aug 2025 00:58:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 040E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jul 2024 12:09:45 GMT
age
87399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
server
sffe
etag
"a54ee7ef81300879"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Jul 2025 12:09:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 040E 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jul 2024 21:53:14 GMT
age
52390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29004
x-xss-protection
0
server
sffe
etag
"ed67e306da4f50af"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Jul 2025 21:53:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 040E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Aug 2024 10:39:00 GMT
age
6444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"318c9ffc754fdb7f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Aug 2025 10:39:00 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 040E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290201/pubads_impl.js?cb=31085717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jul 2024 15:35:24 GMT
age
75060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"6b189ee8e91db6e8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Jul 2025 15:35:24 GMT
truncated
/ Frame 040E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c52db49a19a398b8212684f78225280eecd7f6336fbe1f3106f0659bae7abfe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
9237424570067760123
tpc.googlesyndication.com/daca_images/simgad/ Frame 040E 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9237424570067760123
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
1247a0ba615baaa5aa92ec216db884099eb4595d964773cd8ad273627dba5537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 30 Jul 2024 04:54:16 GMT
x-content-type-options
nosniff
age
199928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67695
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 09:34:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Jul 2025 04:54:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 040E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 04:41:58 GMT
x-content-type-options
nosniff
server
cafe
age
27866
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 02 Aug 2024 04:41:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 040E 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 04:23:19 GMT
x-content-type-options
nosniff
server
cafe
age
28985
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 02 Aug 2024 04:23:19 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 040E
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZwu67n6rZv2IIt2aqMwPwauvuAXy84nmdYjizJSXE_i8iqOZARABIKKwqR5g_aCZgegDoAHNhZPzAsgBAuACAKgDAcgDCKoE8QFP0PEOlwo9-sO-nBZ-_y2LA2T143hVnmU20XPHJmFy...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x604d34030adfc99e0000000000000000%22,%222%22:%220x2f11217de8b4d1900000000000000000%22,%223%22:%220xcf46bc...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x604d34030adfc99e0000000000000000%22,%222%22:%220x2f11217de8b4d1900000000000000000%22,%223%22:%220xcf46bcf7b9fbc81e0000000000000000%22,%224%22:%220x6612a2a03b8ac5c30000000000000000%22,%225%22:%220xf0a0d1b3d65f09780000000000000000%22},%22debug_key%22:%2214072378043208799434%22,%22debug_reporting%22:true,%22destination%22:%22https://g123.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22778355405%22],%2222%22:[%22true%22],%224%22:[%2208-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210230266284140106017%22}&andc=true
Requested by
Host: workupload.com
URL: https://workupload.com/file/ju89wm5xMDy
Protocol
H3
Server
173.194.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x604d34030adfc99e0000000000000000","2":"0x2f11217de8b4d1900000000000000000","3":"0xcf46bcf7b9fbc81e0000000000000000","4":"0x6612a2a03b8ac5c30000000000000000","5":"0xf0a0d1b3d65f09780000000000000000"},"debug_key":"14072378043208799434","debug_reporting":true,"destination":"https://g123.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["778355405"],"22":["true"],"4":["08-01"],"6":["true"]},"priority":"500","source_event_id":"10230266284140106017"}
server
cafe
content-type
text/css; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Aug 2024 12:26:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 01 Aug 2024 12:26:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x604d34030adfc99e0000000000000000","2":"0x2f11217de8b4d1900000000000000000","3":"0xcf46bcf7b9fbc81e0000000000000000","4":"0x6612a2a03b8ac5c30000000000000000","5":"0xf0a0d1b3d65f09780000000000000000"},"debug_key":"14072378043208799434","debug_reporting":true,"destination":"https://g123.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["778355405"],"22":["true"],"4":["08-01"],"6":["true"]},"priority":"500","source_event_id":"10230266284140106017"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 040E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240729&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
37a0f5ca9b2eecd46c00b46a1e4b5acdc6a753eeb095d8e742890acc60d937b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12767
x-xss-protection
0
favicon.ico
workupload.com/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://workupload.com/favicon/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.111.198.62 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10131.epyc.dedi.server-hosting.expert
Software
Apache /
Resource Hash
61a6e7fda8a99059f65d45486454cc2f2d728defd75dd396af20113dbaf5e819

Request headers

Referer
https://workupload.com/file/ju89wm5xMDy
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 12:26:24 GMT
Last-Modified
Fri, 21 Jul 2023 20:08:53 GMT
Server
Apache
ETag
"3aee-60104d57f5342"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
15086
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407300101/show_ads_impl_fy2021.js?bust=31085792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 12:26:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5694 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
91899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 10:54:45 GMT
expires
Thu, 31 Jul 2025 10:54:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D839 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f103.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JUIjT1PtFlhu2izHOCIE3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JUIjT1PtFlhu2izHOCIE3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 12:26:25 GMT
expires
Thu, 01 Aug 2024 12:26:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 040E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvqW5to6t8SDNhjSH8AMD8SikPE8OiWhKALy3G5PYU02KvU2k7XqEK1BTGwhzB4kaQzO2N9rOMDdGLZEAQ5RoTc_rQ2b2gdtzcD8yZMr33e-TlxuuK5mF1SAqJDibqwyoeiVsaSfRCrTMqP6Om5nCT_fCj3sPTuug&sai=AMfl-YTBFlaYbB--DMTMC_2J-ni9kTBr1m0ze-u26oLsFuLXJJhrakD7Wj38cmNeRHTC543MXBMiheA0ZIdTy45E1dDWLPqL0E5KNVVjnQYQLWxgbwVBcs90uvtAk3h2asvCw4KCb0qhlMcSB41T3j4r4g&sig=Cg0ArKJSzDUzyHR8s-w3EAE&cid=CAQSTwDaQooLdsc4JA92-gVsK_CfQ6ogfMQvM8Kv-gFqC5OGTvgo5RwoCjgDakkEwu9FyiATxd3gg7OpEcfXG8nh-kKWAAxrj3L908Ylk5MgLvkYAQ&id=ampim&o=632,259&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=930&tls=1930&g=100&h=100&tt=1930&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 12:26:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lzb92d6s&ctx=0&met.9=1.zf~2.14y
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.29.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pngrua-ae-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://workupload.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 12:26:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240729&jk=3661729144673433&bg=!VValVhnNAAZTFZZkcxU7ADQBe5WfOBB7LcKFVJRFSXVGQ6BYvITH2R65Rtnwfx5lyCYEivP9MgjDBWdLXViqELPyzKMwAgAAAGZSAAAABWgBB34ANjSqh5iiiTf4KfqbaDHMmb2HgYuGB72DhMoNUmJoFqIvGADAByHzw6utlXny9el6hJomsZwKdpkDE4wf1wA7CZKeSHRkawiP0QaSuVXnSl0qaimb4U6UkicttND27FMwRZosuT0P-NHnw76KSCdD7oNOmxislORltfEQb6aXq0MHENy74Tq0yWqwpsdCEZQz3CkK31BYhzQa_KYcFxaxrvdLb8lGg0Nj9yS_7gOWWaCDTuM88aw26sJ98KHJqvb0DboC3PhYZVvibARJHCZMc6SKWgCBggNZ_gZgazMqUsqSiQ1iYgUs44GYEAs70LPV-xv8oWH9gy4vOFEFpEG8Sgcd_sGtoCfLdCwuk6nE2MiWzxhulewrBbxHZGTPilr-WOZk6tO1DyGp-Me-15eKD5d47CrtT_xpcXhGaoLyyuaci9ZymuJWzpHpNl0TZ0wiu4ouwhm82rYA-W1hR3fUl1chjeW9TfpcfH_h5VM64KG9M3bgzmS0nutL9D6O0_hwfy5hfP5N-0xKtY8fEb0vueqBH2SYqUcNZk36vL4RZS7MxyH8gkwHJsi2uoclWYDQc3MMi0pliIEiXbKCsdAr2vFSeE7Pa0DhuH80UoHpnkQ_VQNSl68suv8yAYHUccmyR1MEg6wJ6kK3KuNfItnZxR6E16nUytd9FIosTxpdVjDHlUaNKIGGEjpALIC_0lXK4gW-o4BGKVziWsBTKeu-ItgFBAMSlh8FcBWyVj38VM-WByqzZrrkahnVQtkXBwBpkrnYfX7RTTRemkH3LQ8otpPY76vOZrL-MgKENOBUzHQTvZ3JWiDCa0KgwtLNQYWEC9bizI59RuQYG0SfHU3W24tp9yHvjTDYBKYQocNUYDRVTEPqKp0Wmv2f-KET7Httkw6LN3zUmntmz8LfLYA8vmxZzNj6TvKPzIKqS6f89LlXGNuRLB8fDCpeJgU_36nH79zl8fO2IR9jcgvBpNegXXlM7tQn5VBlcoWb0nqhf98-C1-HZYngySMO-nAv8oxRrS1q56TN169UrCdrplLPOk6nAXOQCKuHI4IiJJRa88Lb945E506Q-A20zsITGsOsa0Dxydgfek8po5QyNnQA84TRG4R135DZCmBeuFM

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| Dotdotdot object| LoadingMask function| redirect function| isEmail function| validateEmailString string| locale function| byte2human function| setCookie function| getCookie function| tooltip function| $ function| jQuery function| moment function| CountUp function| tmpl object| googletag object| _paq number| interval object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| translations function| translate object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTg2NjhiZmZjNjdkMDljYWxvYWRlcl9qcw== string| NTg2NjhiZmZjNjdkMDljYWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| google_tag_topics_state object| _google_rum_ns_ boolean| c3aa3605-cf94-4544-b5d0-889dbeaac593 boolean| adsbygoogle_ama_fc_has_run object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.workupload.com/ Name: captcha
Value: %7B%22puzzle%22%3A%221722515180.155266ab7eec25e16%22%2C%22range%22%3A10000%2C%22find%22%3A%5B%22738264b80a2e9ea0bbf9f075c5358593cf94c9398dce44461edf71c0defb23f6%22%2C%22295555c96adb300a22c94a3749c5e44705b4cde66a544448bb4ba85c24e5aff5%22%2C%227c0835c138dd1f88876be20705528375480d9a9b4b273f9aed65afad115092f2%22%5D%2C%22data%22%3A%22fnKliVtsvqrXGYZjof4BDeunEvefbcry444g1mHHK5Kjd1OXkyidPq5y%5C%2FQuAzwcvNaaD9A4FE0REVajyvWqZiFAPgKw0sPUOxdgCmQhVGmktSWhvJgTwAXKIiyIGyiBjl1gwQIa2iI7LR2k61NXe1j3PnhA4pUKKl0Gf4aiOz43cU8liTlZKZzCjJSO7w%5C%2FrQ%22%7D
.workupload.com/ Name: token
Value: 2p1pple7gni5nnln656fk4jn8m
.workupload.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_3FyQtmV4TgnQ6lmUPtEy7NfC5-zoE1vrl8amz5RXYdElvesXU3VlNVJdUZkqBezRN2MGK92KlSisno0k1VZLWzi7kHBIhIZtiolcGJhsOc-NVC_jZMlyVpcxGcASUtlEo4EdMx5HtcBPLdn1ggUKQMYLmaw%3D%3D%22%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUmJJhQVCE-CEVfcHlur3VBGX3YbX7vV4MGLceNPKXF6l78O5yEtGp3CNurC
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.googleadservices.com/ Name: ar_debug
Value: 1
.workupload.com/ Name: __gads
Value: ID=e68d800eeebc17ef:T=1722515182:RT=1722515182:S=ALNI_Mb5mXcw3FCFGDrLU9CfOheQzQQMPQ
.workupload.com/ Name: __gpi
Value: UID=00000ec5eacabac8:T=1722515182:RT=1722515182:S=ALNI_MYlEATRKx873w4UF08cO6XrgkrUCg
.workupload.com/ Name: __eoi
Value: ID=a4df2af48c8cc401:T=1722515182:RT=1722515182:S=AA-AfjYV4QMBk0_1op9UP0PO1u9M
.casalemedia.com/ Name: CMID
Value: Zqt.8NHM6asAAAy-AKGQdQAA
.casalemedia.com/ Name: CMPS
Value: 3599
.casalemedia.com/ Name: CMPRO
Value: 3599
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24ea2650dfc1b6eb3f26e7cf7a819493.safeframe.googlesyndication.com
cdn.ampproject.org
csi.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
t.workupload.com
tpc.googlesyndication.com
workupload.com
www.google.com
www.googleadservices.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
142.251.174.103
142.251.174.132
172.217.197.155
172.217.222.154
172.217.222.157
172.217.29.163
173.194.68.154
193.111.198.62
209.85.232.132
49.13.126.162
74.125.192.100
10f583aaca271cf09865399a6abd295252d1c62eda55905ff22983baf0d8b514
1247a0ba615baaa5aa92ec216db884099eb4595d964773cd8ad273627dba5537
1e3cf85263ac38036e6d058b800b54c56246185e0517af21309a0e983390f4f4
2451747b0d4bdd57f0e185612c58a9a3a9eb1f353184922a4fa8cc5345c6b112
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a0f5ca9b2eecd46c00b46a1e4b5acdc6a753eeb095d8e742890acc60d937b2
4c52db49a19a398b8212684f78225280eecd7f6336fbe1f3106f0659bae7abfe
4e9605c496b853f222ff4d91123587eaba7fe512ea389babb31d27a66a1f1bcb
58257067b091190d312bc97141c1f1e38e2096f95dc183e129420418fdd8b5f2
61a6e7fda8a99059f65d45486454cc2f2d728defd75dd396af20113dbaf5e819
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
65c4fa6a93a564c4d9760b3d49512314dba8c47d12f1856f8913cfe025ec3572
68aeee4b71dae9e3245febe674ed195f11a7432054ca7aaae3cf18f4a4cb0bf0
6d40635a24497320a8278f088be04645bbc15a7462408d0c485a5d7f97e1f28c
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
75f52a1c78a5085e5ce0e58397636ef7488846622e43d5298f2f7121987871d6
7abbd1df22aab0aacc9bde74f5222af0e6c2a0f82dd2e4674a26b2f0337647c8
7b6cd8157f019a162991a6036aa4ba66a05b12216811b4628bbf5b203839e193
7f80d302141e8eceedc789d5b093dd3f6d9c1445cd40341acb6a7fc3deb832ee
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8082d65e967cd35198fa79468dd87080f0a45cea8d90820d3d40641297c130da
9ec88df3b4d597706063443f76aac1268b13ac51ef2a6501b0553b02a75f17d5
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
ad885c9ecffe5091fae72b5ea3842772f1f3101ef5a34257125c432c7b32c1e5
ae261a290d0266af21d27563204ad3131d38abd9e416548e2247573b6df579b8
b33cd57f74018b5451cd4c4212535e0fed31c7afc2ac4f3c6e79d76eed512b29
b37200df10950930890afc0f2c641307b1da7dbac07596e0a6da838f7cc2bc32
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b3f43a66b359aee1e088d55929f886fe9008e605a0e95b7fd8f3a2e78e74dc19
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
c5e1629c5fdb7d18753448f9095701331d3ece89f2e44513c517efaefd24610b
d52b9c5bb90b41bfa08526ac2c4dc9de6f8a15289f1c31db7993a9ee79f8d2ee
e398b018fb871e4b68d9882eaccd5609ef1937e12ab1e9ba0947c5951a67478f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fc0b373ae69a35c9296666c64cead36c843b2b0457e34d22708335891dbf2c
ebc4fb8dda8e6782794df3b82d86848c262932c679f52703c032f59f3315ac24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9d0ac1be66870182f8e231067715b68f917931859b7df54a8b36f14580dd292