urlscan.io logo urlscan.io
SecurityTrails logo

www.upwork.com Open in urlscan Pro
104.18.89.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.upwork.com/ab/create-profile/v1/baseline
Effective URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Submission: On July 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 6 countries across 42 domains to perform 138 HTTP transactions. The main IP is 104.18.89.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 42448.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 4th 2022. Valid for: a year.
This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 104.18.89.237 13335 (CLOUDFLAR...)
32 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 96.16.134.158 16625 (AKAMAI-AS)
2 35.186.220.184 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.228.71.178 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.132 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a04:4e42:600... 54113 (FASTLY)
2 142.250.184.226 15169 (GOOGLE)
1 35.186.249.72 15169 (GOOGLE)
3 209.197.3.19 20446 (STACKPATH...)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 35.244.142.80 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
1 2600:9000:225... 16509 (AMAZON-02)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.97.114 16509 (AMAZON-02)
1 2001:678:cb4:... 56396 (AMOBEE)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 52.58.57.50 16509 (AMAZON-02)
1 54.204.196.80 14618 (AMAZON-AES)
1 162.247.241.14 23467 (NEWRELIC-...)
6 3.66.13.220 16509 (AMAZON-02)
1 151.101.129.194 54113 (FASTLY)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 151.101.193.140 54113 (FASTLY)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 2001:4860:480... 15169 (GOOGLE)
2 52.22.196.83 14618 (AMAZON-AES)
2 2620:1ec:27::... 8075 (MICROSOFT...)
2 34.252.122.164 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 20.96.88.162 8075 (MICROSOFT...)
2 151.101.2.217 54113 (FASTLY)
1 54.93.143.28 16509 (AMAZON-02)
1 2 3.219.182.94 14618 (AMAZON-AES)
138 53
11    104.18.89.237 (None, )

ASN13335 (CLOUDFLARENET, US)
www.upwork.com
shasta-collector-production.upwork.com
32    2606:4700::6810:fe95 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.static-upwork.com
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    96.16.134.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-158.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
2    35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxss13u803.px-cloud.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
mpsnare.iesnare.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
fyrsbckgi-c.global.ssl.fastly.net
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
content.googleapis.com
3    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
5    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
pt.ispot.tv
3    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
1    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com
3    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
1    2a02:26f0:f7::5c7b:e1c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.clinch.co
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:9000:225e:400:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.tvpixel.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    18.66.97.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-114.fra56.r.cloudfront.net
upwork.trackinglibrary.prodperfect.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
r.turn.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.58.57.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-50.eu-central-1.compute.amazonaws.com
d.agkn.com
1    54.204.196.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-196-80.compute-1.amazonaws.com
q.quora.com
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
6    3.66.13.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
colrep.sitelabweb.com
1    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
wkxppshj-qx.global.ssl.fastly.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
2    52.22.196.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-196-83.compute-1.amazonaws.com
p.tvpixel.com
2    2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    34.252.122.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-122-164.eu-west-1.compute.amazonaws.com
session.sitelabweb.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
2    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.480app.com
1    54.93.143.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-28.eu-central-1.compute.amazonaws.com
colres.sitelabweb.com
2    3.219.182.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-182-94.compute-1.amazonaws.com
trk.clinch.co
Apex Domain
Subdomains		 Transfer
32 static-upwork.com
assets.static-upwork.com — Cisco Umbrella Rank: 98190
460 KB
11 google.com
apis.google.com — Cisco Umbrella Rank: 177
accounts.google.com — Cisco Umbrella Rank: 126
www.google.com — Cisco Umbrella Rank: 17
143 KB
11 upwork.com
www.upwork.com — Cisco Umbrella Rank: 42448
shasta-collector-production.upwork.com — Cisco Umbrella Rank: 88915
68 KB
9 sitelabweb.com
colrep.sitelabweb.com — Cisco Umbrella Rank: 7934
session.sitelabweb.com — Cisco Umbrella Rank: 39632
colres.sitelabweb.com — Cisco Umbrella Rank: 9744
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
region1.google-analytics.com — Cisco Umbrella Rank: 2603
20 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 600
c.clarity.ms — Cisco Umbrella Rank: 1163
k.clarity.ms — Cisco Umbrella Rank: 6012
27 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 485
www.linkedin.com — Cisco Umbrella Rank: 534
px4.ads.linkedin.com — Cisco Umbrella Rank: 5743
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 398
c.bing.com — Cisco Umbrella Rank: 235
13 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 4915
735 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
476 B
3 tvpixel.com
c.tvpixel.com — Cisco Umbrella Rank: 8630
p.tvpixel.com — Cisco Umbrella Rank: 1850
32 KB
3 clinch.co
cdn.clinch.co — Cisco Umbrella Rank: 5544
trk.clinch.co — Cisco Umbrella Rank: 4299
6 KB
3 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 768
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
130 KB
3 fastly.net
fyrsbckgi-c.global.ssl.fastly.net — Cisco Umbrella Rank: 39445
wkxppshj-qx.global.ssl.fastly.net — Cisco Umbrella Rank: 25496
160 KB
3 iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 5355
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
222 KB
2 480app.com
cdn.480app.com — Cisco Umbrella Rank: 9945
460 B
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2817
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 134
17 KB
2 googleapis.com
content.googleapis.com — Cisco Umbrella Rank: 3740
8 KB
2 gstatic.com
www.gstatic.com
179 KB
2 px-cloud.net
collector-pxss13u803.px-cloud.net — Cisco Umbrella Rank: 55447
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 543
357 B
1 t.co
t.co — Cisco Umbrella Rank: 441
337 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1490
157 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 305
725 B
1 quora.com
q.quora.com — Cisco Umbrella Rank: 3172
422 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 603
1 turn.com
r.turn.com — Cisco Umbrella Rank: 3520
398 B
1 prodperfect.com
upwork.trackinglibrary.prodperfect.com — Cisco Umbrella Rank: 175856
20 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 683
15 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2772
6 KB
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2932
13 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1404
8 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
3 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 477
14 KB
1 ispot.tv
pt.ispot.tv — Cisco Umbrella Rank: 1951
314 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3924
17 KB
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1938
969 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1044
16 KB
138 42
Domain Requested by
32 assets.static-upwork.com www.upwork.com
assets.static-upwork.com
www.googletagmanager.com
6 colrep.sitelabweb.com www.upwork.com
6 shasta-collector-production.upwork.com www.upwork.com
5 www.google-analytics.com www.googletagmanager.com
www.upwork.com
5 www.upwork.com 1 redirects www.upwork.com
assets.static-upwork.com
4 www.google.de www.upwork.com
4 www.google.com 1 redirects www.upwork.com
4 apis.google.com assets.static-upwork.com
apis.google.com
content.googleapis.com
3 www.facebook.com
3 bat.bing.com www.upwork.com
bat.bing.com
3 servedby.flashtalking.com www.googletagmanager.com
servedby.flashtalking.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 stats.g.doubleclick.net www.upwork.com
3 accounts.google.com apis.google.com
www.upwork.com
www.gstatic.com
3 mpsnare.iesnare.com assets.static-upwork.com
mpsnare.iesnare.com
www.upwork.com
3 www.googletagmanager.com www.upwork.com
www.googletagmanager.com
2 trk.clinch.co 1 redirects cdn.clinch.co
2 cdn.480app.com www.upwork.com
2 c.clarity.ms 1 redirects
2 session.sitelabweb.com www.upwork.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 p.tvpixel.com www.upwork.com
2 us-central1-adaptive-growth.cloudfunctions.net www.upwork.com
2 px.ads.linkedin.com 2 redirects
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 content.googleapis.com apis.google.com
2 fyrsbckgi-c.global.ssl.fastly.net www.upwork.com
2 www.gstatic.com www.recaptcha.net
accounts.google.com
2 collector-pxss13u803.px-cloud.net www.upwork.com
1 colres.sitelabweb.com www.upwork.com
1 k.clarity.ms www.upwork.com
1 c.bing.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 analytics.twitter.com
1 t.co
1 alb.reddit.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 wkxppshj-qx.global.ssl.fastly.net www.upwork.com
1 bam.nr-data.net js-agent.newrelic.com
1 q.quora.com
1 d.agkn.com
1 r.turn.com
1 upwork.trackinglibrary.prodperfect.com www.upwork.com
1 c.tvpixel.com www.googletagmanager.com
1 static.ads-twitter.com www.upwork.com
1 cdn.pdst.fm www.upwork.com
1 cdn.clinch.co www.upwork.com
1 d.impactradius-event.com www.upwork.com
1 www.redditstatic.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 js-agent.newrelic.com www.upwork.com
1 region1.google-analytics.com www.googletagmanager.com
1 pt.ispot.tv www.upwork.com
1 appleid.cdn-apple.com assets.static-upwork.com
1 www.recaptcha.net assets.static-upwork.com
1 unpkg.com www.upwork.com
138 57

This site contains no links.

Subject Issuer Validity Valid
*.upwork.com
DigiCert SHA2 High Assurance Server CA		 2022-04-04 -
2023-05-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-11 -
2023-06-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-01 -
2022-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
mpsnare.iesnare.com
DigiCert SHA2 High Assurance Server CA		 2022-04-29 -
2023-05-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.ispot.tv
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-28 -
2022-07-27		 3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-10 -
2023-01-06		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
*.clinch.co
DigiCert SHA2 Secure Server CA		 2021-07-19 -
2022-07-27		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2022-06-12 -
2022-09-10		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.tvpixel.com
Amazon		 2022-01-14 -
2023-02-12		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.trackinglibrary.prodperfect.com
Amazon		 2022-01-15 -
2023-02-13		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.quora.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.sitelabweb.com
Go Daddy Secure Certificate Authority - G2		 2022-05-08 -
2023-04-13		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
cdn.480app.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-18 -
2022-11-19		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Frame ID: BA1252B2C48899764E617F0110FAB0E1
Requests: 122 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: 484F058B726EFB371C6B49B39E227E48
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2C4F08446C51453242E88D881FED6132
Requests: 4 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
Frame ID: C640634CB95E43656DC772132960CEEC
Requests: 3 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&version=3.4&a=1658267218695&try2=true
Frame ID: 3EBFA8448FB06305B6EBD899CC767463
Requests: 1 HTTP requests in this frame

Frame: https://colrep.sitelabweb.com/chpdata/
Frame ID: EB17771E73B90F95133620E96210DBD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log In - UpworkUpwork

Page URL History Show full URLs

  1. https://www.upwork.com/ab/create-profile/v1/baseline HTTP 302
    https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • vue[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

138
Requests

96 %
HTTPS

46 %
IPv6

42
Domains

57
Subdomains

53
IPs

6
Countries

1629 kB
Transfer

5108 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.upwork.com/ab/create-profile/v1/baseline HTTP 302
    https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63814%26time%3D1658267215617%26url%3Dhttps%253A%252F%252Fwww.upwork.com%252Fab%252Faccount-security%252Flogin%253Fredir%253D%25252Fab%25252Fcreate-profile%25252Fv1%25252Fbaseline%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&liSync=true&e_ipv6=AQIA23PKvhtAFQAAAYIYbamCvkeVHXD3SCXVINDrmw4NHfpXmh9Bjc8OVBDFc2vrjn0mLS_26CDEErFN4YIO5PzNbKhD
Request Chain 113
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TybXYr3JLNbY1wamr4bwBg&sscte=1&crd=&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-NDASAtG_-Yng_wftj8P4Q6jrJcQZnvb7w HTTP 302
  • https://www.google.com/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TybXYr3JLNbY1wamr4bwBg&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-M3V-fnrkVpoeshbdBk2_iSI4YQ1d7bKzQ&random=534985139&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TybXYr3JLNbY1wamr4bwBg&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-M3V-fnrkVpoeshbdBk2_iSI4YQ1d7bKzQ&random=534985139&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB4HjGhlksIrnIC0nl7RY-9MbFKiNveURKXZVrB-hdN0fUrzRT5VMbPWgXw9eh7XegaG79si8D6WJ7wFe_JAlgO
Request Chain 115
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&RedC=c.clarity.ms&MXFR=2651808090F564AE2326916694F56A3D HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&MUID=026ADA2F54176F983AF8CBC955C56EE4
Request Chain 132
  • https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&version=3.4&a=1658267218695 HTTP 302
  • https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&version=3.4&a=1658267218695&try2=true

138 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.upwork.com/ab/account-security/
Redirect Chain
  • https://www.upwork.com/ab/create-profile/v1/baseline
  • https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
68 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464426560a0b6eee3a047ea5b3d1dc030141a2373ae57251b9a477beb7773c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72d6a707ea599b46-FRA
content-encoding
br
content-security-policy-report-only
report-uri /ab/csp/index; report-to csp-endpoint report-uri /ab/csp/index; report-to csp-endpoint
content-type
text/html; charset=UTF-8
date
Tue, 19 Jul 2022 21:46:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400} {"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding
vnd-eo-trace-id
72d6a707ea599b46-FRA
x-auth-status
Access
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-upwork-authentication
unauthenticated
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
vnd-eo-trace-id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d6a7061fde9b46-FRA
content-length
0
content-type
text/html
date
Tue, 19 Jul 2022 21:46:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
referrer-policy
origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vnd-eo-parent-span-id
9dd428ed-3495-46bb-a809-71f00387df47
vnd-eo-prana-client-receive
2022-07-19T21:46:53.956Z
vnd-eo-span-id
c5b7f518-b71e-411f-b365-edf579acdd7b
vnd-eo-trace-id
72d6a7061fde9b46-FRA 72d6a7061fde9b46-FRA
vnd.eo.parent-span-id
9dd428ed-3495-46bb-a809-71f00387df47
vnd.eo.request-id
9b1a6c37-28da-46b9-9fe2-a53b13b9ce11
vnd.eo.span-id
c5b7f518-b71e-411f-b365-edf579acdd7b
vnd.eo.trace-id
72d6a7061fde9b46-FRA
vnd.odesk.error-code
302
vnd.odesk.error-message
HTTP 302 Found
vnd.odesk.request-id
9b1a6c37-28da-46b9-9fe2-a53b13b9ce11
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-upwork-target-status
false
x-xss-protection
1; mode=block
setup-iife.min.css
assets.static-upwork.com/detect-keyboard-user/1.2.0/ 		165 B
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/detect-keyboard-user/1.2.0/setup-iife.min.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b10cf7d4f51fffa163623e2e9e508b731a96817c79ffcec26bf472b27a9c69e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
768
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8EVPWFXCT9EMSC59
x-amz-id-2
W52+o03J17Tz7B7WZdizI6a0y1jrpT/85e7AxdePq/55jtv0QSVF38w9pGcuOjzeFLAyGww9C88=
last-modified
Tue, 27 Jul 2021 15:59:32 GMT
server
cloudflare
etag
W/"29609da797ea78f6f267011be3c88cc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Eq1lX1uawefSHUuS_n2sUTIjmEPzrcBW
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70a9ce7698b-FRA
x-amz-meta-last-modified
1611777553000
expires
Wed, 20 Jul 2022 01:46:54 GMT
ui-styles.css
assets.static-upwork.com/ui-packages/@upwork/ui-styles/2.21.5/ 		278 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/ui-styles/2.21.5/ui-styles.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0c538e1f5c6ed407590bd029f7cd6dacaaf5a6edc63a94a8d809e2ffd04fba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7149
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QPW6GCVMSZNKS916
x-amz-id-2
p1rAbvodCdySGTZ4SV6QVy3YUPWbS45iAcK+rF4zFqzWWmtdfUvSJoLnVM+8LP4TFmsMwOx6jAU=
last-modified
Tue, 27 Jul 2021 11:41:54 GMT
server
cloudflare
etag
W/"80b5c6771d736740437f50890ac3a44a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
_U9mas2Gux6ZX6hpNX.zaGgwf1enK9v2
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70a9cea698b-FRA
x-amz-meta-last-modified
1617635854000
expires
Wed, 20 Jul 2022 01:46:54 GMT
fonts.air2-icons.css
assets.static-upwork.com/fonts-global/4.0.1/ 		85 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/fonts-global/4.0.1/fonts.air2-icons.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5718c45c887b088e69f39849d1f3fbb0f677dff0d1f17488eceab37f6871cb44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8517519
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3JC2RT41GX2W1JNQ
x-amz-id-2
bLoeW7DaAqFUakLEvWJnq83xZudb8jd0tzj+ibjY+ULFLH6Wbhd70oPpTTOVwQeH8wAI+UNiVGU=
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
etag
W/"91eff7d36f0f87d30a9a532dfe679ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
hMToMxj2JTYjCQZRzDgQMYXiofp_FydI
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9cec698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
fonts.css
assets.static-upwork.com/fonts-global/4.0.1/ 		528 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/fonts-global/4.0.1/fonts.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69214e6ff9577f6c67ec1f6861124479876bacf1a0a0ad21f96ac4e4657a04a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8593073
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MQWTADZZ6853HKFP
x-amz-id-2
tj5eVcidbE2zxXxDLo15kQX4Nh3TGzFVDvA1kuiJ66zAt+cHYeIk5CM0RcWXKdT1zBUisc7/s6E=
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
etag
W/"8333949a4910aa053755024037305f14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
lecDI3.35pAO3W4quOC4rF4NpooaQGGJ
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9ced698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
login.css
assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/login.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a812c96edd0aeb3b2920d01d28cc878cba521e5f29e9fb3bbdd1e1459064a581
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32749
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HJBSKKNV1Z8SNNMB
x-amz-id-2
qaCZDFBdcImONHa+RFLPmLWTJUpUtD56LTkxF42fIBHI/Au86XVlmZb7Ta6ig91Obwdl/bCjF30=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"59fe4e98668fc04ef2976a60e4080275"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
TmDd2sTOV3G.XeA3lUqR4KOURIjXq0Ha
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9cee698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
vendor.css
assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/ 		207 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/vendor.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977d03d9939c44eeb644946d230b5a7fe8d8533d5c6b9012023c0839767c68a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32749
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HJBWHXRPS96FZV33
x-amz-id-2
M4eF64XCAstVflRbhB9h22o1pYaA36IlTBDJiCviisQzplhL6OxohTHiP0+yuqwa9nbTwOsmoXY=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"5be08934e79abb6d678cfe379a3045dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
EJT_XHDQ0UpnPmUvSdWxSTN7BzaKA6_T
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9cf0698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
shared.css
assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/ 		998 B
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/shared.css
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f714e52efb1636d5f73a0dfba846ba5ec7c98b92425259f88d62a22df3f15d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32749
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HJBQ2FDM5Z3DMYBS
x-amz-id-2
TdiPjiYoJ5CD/Z62hDjP60glZp6NFedqsC54ZYXRp6Gnkv8mQUiKCeY8IQCpGAMPlMeWAdoF+Bg=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"13dec72d955f5895e8b79cf365ec101f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ci9c.lywGS9BB03dnkLtqxZzRYbh.jJt
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9cef698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
setup-iife.min.js
assets.static-upwork.com/detect-keyboard-user/1.2.0/ 		593 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/detect-keyboard-user/1.2.0/setup-iife.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae6a88b479a8b53bdf15d0c7eb9dd55444a202cb1e5d7fd475adf8ba9702a7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
603
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FQMVZYETQTC5PWQ7
x-amz-id-2
tYH0PSC+z0RASAoULx/5RuoqNWC2AWPO79jbFjide+xQGOuI2e3NeZ8S6TSPo6JAZ0hoScBIIdg=
last-modified
Tue, 27 Jul 2021 16:05:39 GMT
server
cloudflare
etag
W/"fd3d41838bf118855b04cb7b39f93796"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
KTCqjhG0gaFuY21VIEy0SnBvZXvcUSIr
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70abd0e698b-FRA
x-amz-meta-last-modified
1611777553000
expires
Wed, 20 Jul 2022 01:46:54 GMT
ugc.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a855bcdfa8fc01be44dce94f0399a3cbcbe8a10b218a1cd3085588aaad8d67c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6864
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EP0GD6W9WVGJKRS0
x-amz-id-2
4Wg5oAHqJoksD/l7+4CVyfHExYLizMrP9f6w+xI6xTvLV2tguIduXl/G+C4JPt9/AO0tnF7KqaI=
last-modified
Tue, 27 Jul 2021 11:40:13 GMT
server
cloudflare
etag
W/"8c4a394c4ec8fc987ea5b03ac01e5f58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
IM7r5jAh6kGB4bK12EGacMnhfhcelApe
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70abd0d698b-FRA
x-amz-meta-last-modified
1617376198000
expires
Wed, 20 Jul 2022 01:46:54 GMT
vue.2.6.14.min.js
assets.static-upwork.com/vue-libs/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/vue-libs/vue.2.6.14.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12554077
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C94BN1JX9M6DENSE
x-amz-id-2
Sx7I8+hR9epZ74AVGeLIuNEsJknJiKvppFMLAqASmKbKmnYd/UXTBTgKpGaA18zLQK2ffV8X9cA=
last-modified
Wed, 15 Dec 2021 09:34:11 GMT
server
cloudflare
etag
W/"b21b8531847604ab5f2f5caaef51ba31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
CbbobUYer64lboa3Iav3iwkZ8_q6DQ4o
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70abd08698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
vuex.3.1.0.min.js
assets.static-upwork.com/vue-libs/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/vue-libs/vuex.3.1.0.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648be4b03f38aff2e09c64d70bee266c070aa071eed70f44761a566a30ecd5d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16744394
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T216K8R57QQNNQS9
x-amz-id-2
Hkni8PXFHJj8SFUt1H4x9m0lgHgLAQawuprp2h12R/WnPYpvuPV9zDEfxLzlLBeOOD//A+quHv4=
last-modified
Wed, 15 Dec 2021 09:34:11 GMT
server
cloudflare
etag
W/"3a841559c12509618f94a0be58e4641e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
UV4kR7mek.oubPV2PkKitwkVovPqJNgX
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70abd07698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
runtime.0.12.1.min.js
assets.static-upwork.com/vue-libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/vue-libs/runtime.0.12.1.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7630082d74db78951af0f13dab15ecfe5b20b769efb0da71dd81eafd4853346a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12554077
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C9470M8R1F8KA6K7
x-amz-id-2
TvnNhMdpGn2N3igVk01QvrGShlf7PCnmsQOVCnnyUYYd7bVrAJVBL0kVwfYRnNVe0/WhoNNOcBM=
last-modified
Wed, 15 Dec 2021 09:34:11 GMT
server
cloudflare
etag
W/"a1e8a5d2482d34546b3e1f614e8b18cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
oroW0mNm4hYvvWz8jcYGXiFncm_RSD9g
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70abd06698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
vendor.js
assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/ 		447 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/vendor.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b94edfbd8fb67dcb0d7b0d053c829169fea09aaf7fa57b728bc1af8d2ca79de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32749
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HJBVKRETNZ2XWHTM
x-amz-id-2
fel5nBE6eSAIV/HinnW13IVetwr+QE/RC7Th1uu50b0hkmXOYBTL6uWqw34s76gEey+X2Hk59A4=
last-modified
Tue, 19 Jul 2022 12:10:48 GMT
server
cloudflare
etag
W/"07d2aabdfe20166c1c13d2a96259c423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
fdVZ4gQGQ.K8g_vgMYyxT3KBupZqN5W5
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70a9cf2698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
header-skinny.js
assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/header-skinny.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a32f7557f94b211f72729b2bf509386290aba4bd814479983c1fb8fd5968427
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32706
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6E2PGBST662K6HP3
x-amz-id-2
eWfHerr4t4pBZH9anAsYwHq5gn7E4oO1Cbay/2M6SIbnPOIsboKwenrgoe/fmnfPLhWEKmZTaHQ=
last-modified
Tue, 19 Jul 2022 12:10:48 GMT
server
cloudflare
etag
W/"02b859867108e3fb162ff63b4ac045ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
Ob88SJilUeu.WBNSZYz_OfoDhGiFHjWf
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70abd0a698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
vue-i18n.js
unpkg.com/vue-i18n@8.27.1/dist/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue-i18n@8.27.1/dist/vue-i18n.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c7cde516557fe9fc40d1e5afb31771043f4dc166a4143a9f957b8d286cdbb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9746621
fly-request-id
01FZ9QQZH6DK3H19Y6PHCPG7PS-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"10768-aXqCjUX2tKQD5bmvbUTaoCyKq+Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72d6a70a8ba69250-FRA
login.js
assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/ 		171 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6610a798c6ccb118745c9beb3c55d108218444af40052d2e13279d3101c1e662
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32706
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6E2HSK95W09NXCYD
x-amz-id-2
UCr44PlsaAFCHn2vHG/g0YJu4myB5RrWxR88fcoop3+0t4HI8R1vi7+fNm9DVJd5uD4UwTHA+xY=
last-modified
Tue, 19 Jul 2022 12:10:48 GMT
server
cloudflare
etag
W/"d8b88c9cb3cd384b3b537c36acf7f919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ftam1LQc3RgtsZ5ajNuD8VApnvIXNDCV
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70abd0b698b-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
gtm.js
www.googletagmanager.com/ 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86c2ab05dc97c56e9c9d13d9e6c33ef8767f0cc03a7cd60997c1a4257c55b098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44261
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jul 2022 21:46:54 GMT
init.js
www.upwork.com/Ss13U803/ 		110 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upwork.com/Ss13U803/init.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad8731ee1f5f4ee8cd71cfc800b9a4cbbbce746766030e23c24c1a5f3e780f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
236
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
expires
Wed, 20 Jul 2022 01:46:54 GMT
x-px-hash
ODljMDllM2QyNWZiMjNkYzYzNTIzOTU1OWYyYzE0ZTMxMzliMDg2ZTJjNzQwMTBlMmY3ZGYyYTg2M2JlNWY5Yg==
server
cloudflare
vnd-eo-trace-id
71f605a1abbe940e-PDX
active-cdn
Akamai
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
etag
W/"1b718-M/YypSyk/stuFDUYSlF3sX1EjJo"
cf-ray
72d6a70b2fee9b4c-FRA
access-control-expose-headers
active-cdn,x-served-by
truncated
/ 		1003 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a968e6a78d18dace88b8a14a6bb48eeb0a449994f2b9fd3c38e01026e634120

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		855 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
neue-montreal-medium.woff2
assets.static-upwork.com/fonts-global/4.0.1/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/fonts-global/4.0.1/neue-montreal-medium.woff2
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/fonts-global/4.0.1/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/fonts-global/4.0.1/fonts.css
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8493813
x-amz-storage-class
INTELLIGENT_TIERING
content-length
25348
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HTGDX73JHBHHA46G
x-amz-id-2
Unnro/I4EjhMYPgn44lsyQROeL3/ZvUmyLjd1tVD8Psb55xEgRSka7CaN43iagtpNKytWOnmoz0=
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
etag
"f0728e66b926fbcc5376a1d55222e3a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
x-amz-version-id
cLu1llrI08CfPUP0mg7hrXdsJNjAMmLf
accept-ranges
bytes
cf-ray
72d6a70b684668fb-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
neue-montreal-regular.woff2
assets.static-upwork.com/fonts-global/4.0.1/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/fonts-global/4.0.1/neue-montreal-regular.woff2
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/fonts-global/4.0.1/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/fonts-global/4.0.1/fonts.css
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8493813
x-amz-storage-class
INTELLIGENT_TIERING
content-length
23912
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HTG6ETB6EYX3AEWN
x-amz-id-2
9v2EaFdy9/+Q4ieNMvpNJP7kXpTIqnjClMHBeNcOXtaAgdIWzMNKHoFMECXh2CHmVyCA9SxXWCY=
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
etag
"2e9d05ced4fddb6c67f1be57161a2668"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
x-amz-version-id
ZYwn95tDouFwC8Jkq8jlJ9kBc2RKLsNs
accept-ranges
bytes
cf-ray
72d6a70b684968fb-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
SFProText-Medium.woff
assets.static-upwork.com/assets/AccountSecurity/08e71fb/fonts/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/fonts/SFProText-Medium.woff
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/login.css
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32699
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FWACD2T50M0PKVFM
x-amz-id-2
e0kORIKp7gxhHjC8v1S4j13oh8xhTVl8D/8LE7C/H3NUE9ThStU8yPeRZHxGLyQH1ArN7PvmEKU=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"83b478be12abf0ca955063c24a48d5cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
x-amz-version-id
hmZhlQ3hSgNxuJ0fs_Ujby6EEjmftSsk
cf-ray
72d6a70b684a68fb-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
ugc.gefqxef1.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ugc.gefqxef1.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbfeb079f2e522ccd4c254db56d9c22a86cb8ad4d8c97d2bad9e8dd1d734de34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4771
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JMM8F2XGGYSDTM07
x-amz-id-2
Z0Fx+yYqZS0KxEL1mn1Mn6+2DgxKYreyN7uchyNqiIUA5kHE4mSu3CgAB87kLdJnhuPQboLYHoE=
last-modified
Tue, 27 Jul 2021 11:39:59 GMT
server
cloudflare
etag
W/"804150c5e7f54f921028a1754f0ea324"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
EtukFMSWdURdwpdqtbWIcGpXHW7QH4sa
cf-ray
72d6a70b786168fb-FRA
x-amz-meta-last-modified
1617376227000
expires
Wed, 20 Jul 2022 01:46:54 GMT
api.js
www.recaptcha.net/recaptcha/ 		855 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=explicit
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a183e281795b0d2460178df0a8dda72f35e9e4e92b5306756075b9c6b010e09c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Tue, 19 Jul 2022 21:46:54 GMT
402.js
assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/ 		695 B
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/402.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffb2d5fe7dc61111c8788fa1ddc7ef4ecb22291ee578857daa2995dfe6e00de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32515
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5HX02S7891YVH7AK
x-amz-id-2
qFsKnWqBLfWxjgJo7bQZ3FU8YZvunDoK9UYDPoa7qunIEf/gnSqC01ngzdLYPpjJ3PLchP3dPo8=
last-modified
Tue, 19 Jul 2022 12:10:44 GMT
server
cloudflare
etag
W/"76c3a165fabbfb6f47afc8805df55cb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
3N2aRksb3YbKE_8HTL2RVeHWkn13QcAs
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70c29368fca-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
10.css
assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/ 		277 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/css/10.css
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f37eb0dac0c0d6f41ae2ca2386b4f64cc04c9d3e3e4e17779f405d1f043933
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32515
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5HX2W50TJ6P67SCP
x-amz-id-2
R0q09zJO1wB2yHAUGWoHg8IcvEpCHKz7mSk8HWlPNAbJmISXK9Rff4OPe5ZxLAWrlePeTGFEZzY=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"b8951fe13e2829b53e008f0d49779f1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
rnhgCvDe3pKoy3NKttAfwyQ6p.pbgJc3
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70c29378fca-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
10.js
assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/ 		921 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/10.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e637c4f3a88fcd5d5981cff166c1621617ef4c345f5ef96fd76a4d5571241e57
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32515
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5HX2RQDCWEGA322F
x-amz-id-2
RFjSdgoL+VL4cdxfvi3BK48S+CK7MpyDJRhexTP1JgvBZ8pBrjyheeuLRWwzQsvbvEz2xzQ50D8=
last-modified
Tue, 19 Jul 2022 12:10:37 GMT
server
cloudflare
etag
W/"6e8de67b49a3ec7853b48efe75036927"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ymP3tjG6kefXKJKcTUNZtaNuCHuRA6a1
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
72d6a70c29388fca-FRA
expires
Wed, 19 Jul 2023 21:46:54 GMT
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 19 Jul 2022 21:46:54 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"62022d8722bdbfd3"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:46:54 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/login.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 17:44:09 GMT
Server
Apple
ETag
W/"42671-1657734249364"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Date
Tue, 19 Jul 2022 21:46:55 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
loader_only.js
assets.static-upwork.com/iovation/5.2.2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/iovation/5.2.2/loader_only.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/08e71fb/js/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
701
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CKK9SK8HYBM58YRG
x-amz-id-2
Hsyo02cLV6efa8tSWXgXzWH/F5mKMVB0TG8rWgamP3GWvvSKxpTJU4S37B50KGw59Mz6a7yfRcc=
last-modified
Tue, 27 Jul 2021 10:37:17 GMT
server
cloudflare
etag
W/"8422458b55fbda403437065dd5557abf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
HskTff9TjeJIN57gDYa1bi2_LbMU_02X
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70c29398fca-FRA
x-amz-meta-last-modified
1593693054000
expires
Wed, 20 Jul 2022 01:46:54 GMT
collector
collector-pxss13u803.px-cloud.net/api/v2/ 		384 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7aaab62dc507494c31db2efe6baae2bb31da84e07d2d1672f68d6ef7991dabff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upwork.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
384
q5vbxlpb.entry.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		80 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/q5vbxlpb.entry.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ugc.gefqxef1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d196a8d7c6c4b1c67011a8bc0dcf24bfccf299b34c039983ca10c04f91a7465
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4475
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQGQKSX8Z42NK628
x-amz-id-2
6rQWhmTVLpmMyb2fqASwMcuakqjXP0Q9Rm2iluOZ5c6jdprYaPbhLj9z8bKGFQ70LOjCuwBsk6s=
last-modified
Tue, 27 Jul 2021 11:39:34 GMT
server
cloudflare
etag
W/"439541c4ba5b5c23c249c9faaf06bda7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
m1iNIMZ7D02xXMHm17GuNbkR7hwspar7
cf-ray
72d6a70c69e968fb-FRA
x-amz-meta-last-modified
1617376225000
expires
Wed, 20 Jul 2022 01:46:54 GMT
uyxe51gv.entry.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		364 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/uyxe51gv.entry.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ugc.gefqxef1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0459ee200a8d22d2629fd2a7b91ab11f948e90f50061b5acbfd5416763c572
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-request-id
B90010XMHJ67B2MD
cf-ray
72d6a70c69eb68fb-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Lpo2tJws9uWc9c/QdNwbGuZAPyiXPkEi01e22NM52ETHjApZT4tttD2kMP0vuIxXBBnWruxy0H8=
last-modified
Tue, 27 Jul 2021 11:40:03 GMT
server
cloudflare
etag
W/"b98c5ee75815ea7c23295669eb6993bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
uGJF4g4qFQKF_b69Pczb7D6AcfIXesZf
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
content-type
application/x-javascript
x-amz-meta-last-modified
1617376227000
expires
Wed, 20 Jul 2022 01:46:55 GMT
vs0iedso.entry.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/vs0iedso.entry.js
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ugc.gefqxef1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e678f80e1b9c84e8898113f85ad591fab958bca711e2baf3d09137705550fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5115
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YDMZ17DXM24SFPGW
x-amz-id-2
lLR1cGahXvKqRXAtS8eZYtm83npmUPDK03DtCWxBJPtUfdqWf7Jm0nDYh4h8eqRALws57zU5PzU=
last-modified
Tue, 27 Jul 2021 11:40:07 GMT
server
cloudflare
etag
W/"bd2d2210348e314ff24ff275cbe9e7ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
cniz2ON8lSvGwK7yulN2Ax.ICwUD9XVp
cf-ray
72d6a70c69ec68fb-FRA
x-amz-meta-last-modified
1617376228000
expires
Wed, 20 Jul 2022 01:46:54 GMT
gtm.js
www.googletagmanager.com/ 		534 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2d40c76d8520d292d7d936cfdccf44c4539f019ed0528fc021de025d710fb2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112109
x-xss-protection
0
expires
Tue, 19 Jul 2022 21:46:54 GMT
6wbLCwJ51XyBMi45LjA.js
assets.static-upwork.com/suit/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/suit/6wbLCwJ51XyBMi45LjA.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
574
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YEYS91QR0BGYSWXV
x-amz-id-2
Tls6BQ0nI5LL5sVfep/EtFIgJgXVoslINZbhVYuVq/Lh6hJhU7C3Ktk2xhvoplODqqxMDoqwdQo=
last-modified
Tue, 27 Jul 2021 11:06:01 GMT
server
cloudflare
etag
W/"2f70fa2239343e20deb5c199873fbed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
4NbgX_Q9RQD0mZEuD5sk_77UvI8Wwqum
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70c797a8fca-FRA
x-amz-meta-last-modified
1553188230000
expires
Wed, 20 Jul 2022 01:46:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 20:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 20:59:38 GMT
static_wdp.js
www.upwork.com/iojs/general5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
referrer-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72d6a70c89d29b4c-FRA
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
wdp.js
mpsnare.iesnare.com/general5/ 		41 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80fcffbcb08817026b07d9dfb68bde42ce7949b3d4fbc0c2bc2bb5293eb6505f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 21:46:54 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
0
chunk-6133ee7c.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		297 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/chunk-6133ee7c.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5351498935ff16c8551109da3eb037d0f3e44aa8e3611b5f7430388f942a5265
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/vs0iedso.entry.js
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-request-id
WHNT2JBS1X4W15M9
cf-ray
72d6a70c9a3068fb-FRA
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
aFLSKKSbXw7fzvWqs4CHOSz2LDuBX4sa3XkmlAfiGd7s3DRxR+v0Am2kAslnQCPQ7uGW1wqG7VI=
last-modified
Tue, 27 Jul 2021 11:36:46 GMT
server
cloudflare
etag
W/"bca27c11d131bfc8e44f9e4bdbd42599"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
4F5aO8L0LhKphFMHHilABtXkbuAwTzqd
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
content-type
application/x-javascript
x-amz-meta-last-modified
1617376207000
expires
Wed, 20 Jul 2022 01:46:55 GMT
chunk-d22bbcbe.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/chunk-d22bbcbe.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d510467fef93e3cd58b3eb0d1e1270ddd456db641bbbd6cb143b551664ce68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/vs0iedso.entry.js
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6812
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9T1YKJ2BAFSP702J
x-amz-id-2
Z/9Kst1bXZVko5GCIyH2FGcs6nq+ZWUTsJeahU0eQ4HLtvQneGKmIb+TG7e9Y/bldjloPXXPFI8=
last-modified
Tue, 27 Jul 2021 11:37:43 GMT
server
cloudflare
etag
W/"e4c1609ae4f66ad5a36fced728060146"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
Lzd75yBH2wdd9MjZjfQL7NXmCNHcwq4Y
cf-ray
72d6a70c9a3168fb-FRA
x-amz-meta-last-modified
1617376213000
expires
Wed, 20 Jul 2022 01:46:54 GMT
chunk-bdcb8f8f.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		178 B
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/chunk-bdcb8f8f.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806f46e8cc6612f03edc24b4f9654884f118b01d81dbb17ccfc51e0723f01e1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/q5vbxlpb.entry.js
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1269
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MKNT4WK22CCAZF3G
x-amz-id-2
Dy/1p0kFA1gSImVcyTcwgPWe7YJFtq8qocM22piqndec7LR/VK4sNO0GMty0ZGivJAoKKdLmB18=
last-modified
Tue, 27 Jul 2021 11:36:07 GMT
server
cloudflare
etag
W/"7cd65c23e591bbc5017dab5bea368dd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
cjzhu0r7msRZuZ9glp29zg2sLohk4Zcj
cf-ray
72d6a70c9a3668fb-FRA
x-amz-meta-last-modified
1617376212000
expires
Wed, 20 Jul 2022 01:46:54 GMT
chunk-1a25d1f0.js
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/chunk-1a25d1f0.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835a3b7a53579d8a68fb4452be90247d5167e66248af9a4df5abc51af439cfbe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.4/ugc/q5vbxlpb.entry.js
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5441
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KE0XZV364FWR4KQ9
x-amz-id-2
qxeWNSnvs7CuSZceom6/mmJ665Khj/xJrIYbsLtI2DNxFUHMQk8LE3Xtp2rNEL/dIBBYzaqtLNA=
last-modified
Tue, 27 Jul 2021 11:34:59 GMT
server
cloudflare
etag
W/"e8a3f6c8e4d76c03768a5215fafe373a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=14400
x-amz-version-id
bxRDP4ARubnEybNMmfkmNf6hgJPESZCn
cf-ray
72d6a70c9a3768fb-FRA
x-amz-meta-last-modified
1617376203000
expires
Wed, 20 Jul 2022 01:46:54 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 		313 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
614d0b427693ae675f0a6927ee14d1bd4c88558375ebc7a5db26aa3876699389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 23:38:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108243
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 23:38:20 GMT
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.upwork.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d6a70d2d039c0c-FRA
content-length
0
date
Tue, 19 Jul 2022 21:46:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 		2 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

cf-ray
72d6a70e8c7d9b4c-FRA
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.upwork.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
UP4R77Y9Z.js
fyrsbckgi-c.global.ssl.fastly.net/ 		135 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fyrsbckgi-c.global.ssl.fastly.net/UP4R77Y9Z.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0d8b29d0d9b574f35e6c51c9e24c448a65d52eb6503c3fd43f46bc3f0491a87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
ETag
"1bcea252726822cb8fb9aaaca1636f85"
Age
446
X-Cache
HIT
Connection
keep-alive
Content-Length
59461
X-Served-By
cache-hhn4078-HHN
Access-Control-Allow-Origin
*
Last-Modified
Mon, 11 Jul 2022 13:21:00 GMT
X-Timer
S1658267215.982343,VS0,VE0
Date
Tue, 19 Jul 2022 21:46:54 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
3
gtm-snippet.min.js
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:fe95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2560
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FNVK4AMXTK7DQTD1
x-amz-id-2
DyD1ZO0qTVdOMRkn9O91kMwxZFZSiNvry3p8+DP3P3lyAnZknUKFzirmVD0x5s4aEVKTxHojK2g=
last-modified
Wed, 28 Jul 2021 04:55:45 GMT
server
cloudflare
etag
W/"f65b2f243a458c9aae9b29262e8b2877"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-version-id
ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
72d6a70d5a0b8fca-FRA
x-amz-meta-last-modified
1532366449000
expires
Wed, 20 Jul 2022 01:46:54 GMT
proxy.html
content.googleapis.com/static/ Frame 484F 		382 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47be0cad14cf7021630adfb11471f6b1ec8a72b9c6f52b722a11ad037ccbe615
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-cwvrqg6r-T_vAUovikeQBA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
270
content-security-policy
script-src 'nonce-cwvrqg6r-T_vAUovikeQBA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 21:46:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe
accounts.google.com/o/oauth2/ Frame 2C4F 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49c8bf0ee457c55d2924b8c2ffa4dafaae02fc85a49c8dc25b6b0d0f1d590b64
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N9ow-P90yEr3OltChmlO7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-N9ow-P90yEr3OltChmlO7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 21:46:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KSM221PNDX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca8a4c3f10d2f967783f3c7f6f4cf7e8039a93014d62c450ae8455f56b1b8eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70137
x-xss-protection
0
expires
Tue, 19 Jul 2022 21:46:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2695
date
Tue, 19 Jul 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 19 Jul 2022 23:02:00 GMT
TC-4171-1.gif
pt.ispot.tv/v2/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.ispot.tv/v2/TC-4171-1.gif?app=web&type=visit&gtmcb=910480361
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
0
8e996e75-b05c-48a4-850b-455b7adf6899
https://www.upwork.com/ 		163 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.upwork.com/8e996e75-b05c-48a4-850b-455b7adf6899
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
163
logo.js
mpsnare.iesnare.com/5.5.0/ 		505 B
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/5.5.0/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a62852591804336bb6c7f983652aec669dba4cedbd47d1c8e7efd8da0aa2234d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
Wed, 19 Jul 2023 21:46:55 GMT
time.mp3
mpsnare.iesnare.com/ 		504 B
881 B 		Media
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.2561230036788036
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f4ab147daac0b8df43fabb8361f0e3b10efea54c6ab65db997211dd5c2af80f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.upwork.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

Pragma
public
Date
Tue, 19 Jul 2022 21:46:55 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
audio/mpeg
Content-Range
bytes 0-503/504
Content-Disposition
inline; filename=time.mp3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 01 Jan 1970 00:00:00 GMT
googleapis.proxy.js
apis.google.com/js/ Frame 484F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a784012b2473da50eb02e3a5d1faa7f331cf8b86d81abdcd072778f2a7d10d0f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5568
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 19 Jul 2022 21:46:55 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"371831777998fc0a"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:46:55 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 2C4F 		2 KB
848 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
49160bc524e4714177fd6226dd3e0c3f07450757093fa6b94befa266b0653872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.SvqUhkEkCjE.es5.O/d=1/rs=AOaEmlFEoUkN5msN0I2JCJyRs_IGX7QUaw/ Frame 2C4F 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.SvqUhkEkCjE.es5.O/d=1/rs=AOaEmlFEoUkN5msN0I2JCJyRs_IGX7QUaw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974502fdcc892fde4e9c08679fa61b36386b81b1ae7d80dc8d35eafaf854e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 21:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34470
x-xss-protection
0
last-modified
Fri, 08 Jul 2022 23:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 21:15:20 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 484F 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f02797b26c02d8bfb2581db8bc7b6a071d4c06e9c7ef43645fb4350de1fb3157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 23:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23334
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 23:46:50 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=750285020&gjid=1170764106&_gid=42496385.1658267215&_u=YGBAgEABAAAAAE~&z=1828953096
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 21:46:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.upwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62227314-13&cid=310230270.1658267215&jid=742471183&gjid=1893766964&_gid=42496385.1658267215&_u=YGDAgEABAAAAAE~&z=816638936
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 21:46:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.upwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1275531193&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&dp=%2Fab%2Faccount-security%2Flogin&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=750285020&gjid=1170764106&cid=310230270.1658267215&tid=UA-62227314-1&_gid=42496385.1658267215&gtm=2wg7i0WNVF2RB&cd2=normal&cd18=AccountSecurity&cd19=08e71fbf8d595c40fab08c91dbe80a449f23e062&cd20=prod&cd21=0&cd22=0&cd23=0&cd24=unknown&cd25=unknown&cd26=unknown&cd27=false&cd33=unknown&cd35=onsite&cd37=undefined-flow-cl&cd39=217.114.215.133.1658267213951000&cd40=217.114.215.133.1658267213951000&cd41=GTM-WNVF2RB&cd69=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&cd106=Upwork%20UA&cd115=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&cd122=%2Fab%2Faccount-security%2Flogin&z=1944804284
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 04:34:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61953
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1275531193&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&dp=%2Fab%2Faccount-security%2Flogin&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAE~&jid=742471183&gjid=1893766964&cid=310230270.1658267215&tid=UA-62227314-13&_gid=42496385.1658267215&gtm=2wg7i0WNVF2RB&cd3=%5BUA%5D%20-%20Global%20Tracking%20(AS%20Testing)&cd8=%2Fab%2Faccount-security%2Flogin&z=2074215382
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 04:34:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61953
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KSM221PNDX&gtm=2oe7i0&_p=1275531193&_z=ccd.v9B&cid=310230270.1658267215&ul=en-us&sr=1600x1200&_s=1&sid=1658267215&sct=1&seg=0&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&dt=Log%20In%20-%20Upwork&en=page_view&_fv=1&_ss=1&ep.dl_app_name=AccountSecurity&ep.dl_app_version=08e71fbf8d595c40fab08c91dbe80a449f23e062&ep.dl_deployment_status=prod&ep.dl_logged_in=false&ep.dl_recognized=false&ep.dl_internal=false&ep.dl_primary_user_type=unknown&ep.dl_freelancer_type=unknown&ep.dl_client_type=unknown&ep.client_posted=false&ep.dl_quality_test_array=unknown&ep.dl_registration_method=onsite&ep.dl_signup_flow=undefined-flow-cl&ep.dl_visitor_id_hit_scoped=217.114.215.133.1658267213951000&ep.gtm_container_id=GTM-WNVF2RB&ep.gtm_page_url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ep.cookieDomain=auto&ep.gtm_tag_name=%5BGA4%5D%20-%20Global%20Pageview&up.retina_hidpi=normal&up.dl_visitor_id_user_scoped=217.114.215.133.1658267213951000
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KSM221PNDX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rest
content.googleapis.com/discovery/v1/apis/people/v1/ Frame 484F 		44 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/discovery/v1/apis/people/v1/rest?pp=0&fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed4426d101e491e5bf6c49ebc6be8d9e2fad5f519a9ea871dd69e83c6747d669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://www.upwork.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Referer
https://www.upwork.com

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
private
vary
Origin, X-Origin, Referer
content-length
6611
x-xss-protection
0
iframerpc
accounts.google.com/o/oauth2/ Frame 2C4F 		49 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.upwork.com&client_id=936450902531-r6k5fu4tni53b4f0o2r8e2ck49egnok0.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.SvqUhkEkCjE.es5.O/d=1/rs=AOaEmlFEoUkN5msN0I2JCJyRs_IGX7QUaw/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mmexmFzFB0wGL5KQRop-NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-mmexmFzFB0wGL5KQRop-NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Tue, 19 Jul 2022 21:46:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-13&cid=310230270.1658267215&jid=742471183&_u=YGDAgEABAAAAAE~&z=1149571593
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-13&cid=310230270.1658267215&jid=742471183&_u=YGDAgEABAAAAAE~&z=1149571593
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=750285020&_u=YGBAgEABAAAAAE~&z=1187263196
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=750285020&_u=YGBAgEABAAAAAE~&z=1187263196
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 		2 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

cf-ray
72d6a7115fd19b4c-FRA
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.upwork.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.upwork.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d6a7101a3d699f-FRA
content-length
0
date
Tue, 19 Jul 2022 21:46:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
W2S5A87EG1C89ADE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by
cache-hhn4082-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1658267216.523329,VS0,VE0
date
Tue, 19 Jul 2022 21:46:55 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2311
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=78738
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
ycZrGvO2ro4dByNbTRNRJ3I8yfVt84hL91B8utVbho4Fq3+V3dV2dDMz9f73U4dpElKvYRlxCE1tOGVwJDsjgA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 21:46:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 18 Apr 2022 22:30:59 GMT
server
snooserv
etag
"5dcf2f59e7a6e0d30193fedad78db790"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7461
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:46:55 GMT
A2798569-68a2-43d5-98ff-96c66d56992b1.js
d.impactradius-event.com/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.impactradius-event.com/A2798569-68a2-43d5-98ff-96c66d56992b1.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c789ce935e968b4c00f9c09b25abe402df275df18053d515128dcff82d0be897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:45:12 GMT
content-encoding
gzip
age
103
x-guploader-uploadid
ADPycdtIPO6WesUj56BrXChQ3Uri1TursgPQlOWTyNsPF2qlUIsmRgKfwz1mJbTRoS5xJXouqoeNbMerQ0lyTTr2I03jKGWdVrmB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12936
last-modified
Thu, 02 Jun 2022 22:28:36 GMT
server
UploadServer
etag
"c9a9fd6362c9670bcfd2e51b68558bcb"
vary
Accept-Encoding
x-goog-hash
crc32c=QUhC7g==, md5=yan9Y2LJZwvP0uUbaFWLyw==
x-goog-generation
1654208916373885
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
12936
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Tue, 19 Jul 2022 21:50:12 GMT
/
servedby.flashtalking.com/container/18442;121244;12954;iframe/ Frame C640 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app3.frk11 /
Resource Hash
0c24db260c0473de70f2a929cd0ca038978f4abd5039d5ad64fd5dd67c8e328a

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html
Date
Tue, 19 Jul 2022 21:46:55 GMT
Pragma
no-cache
Server
prod-xre-app3.frk11
X-HW
1658267215.dop097.fr8.t,1658267215.cds107.fr8.shn,1658267215.dop097.fr8.t,1658267215.cds205.fr8.sc,1658267215.cds205.fr8.p
script.min.js
cdn.clinch.co/a_js/client_pixels/clq/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e1c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
NYD6TYV18E30AG1Y
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
4567
x-amz-id-2
3askyC/wuzwnOxL+5FmsHNzbMNytdmkC7Hz23EbtNAxSH0xJPfbf29AtOy14gZzqAWc5jsq1T7U=
Last-Modified
Tue, 11 Jan 2022 12:52:46 GMT
Server
AmazonS3
ETag
"666e09028e21421106f9ecd0ceb1ddac"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=15174976
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 11 Jan 2023 13:03:11 GMT
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 20:55:42 GMT
content-encoding
gzip
age
3073
x-guploader-uploadid
ADPycdutS6AHXkSCFOam8lYeYS5R2i7oWOWye9CcG9Np0Cfx9p0VgyUnXkrx_n4sAHvL3JZT3hQTqUUA4FlWTrw83hEK4A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation
1622234043862937
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Tue, 19 Jul 2022 21:55:42 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 17:28:46 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kiad7000093-IAD, cache-hhn11543-HHN
dpm_pixel_min.js
c.tvpixel.com/js/current/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=upwork-22294895-87a4-487e-a3e2-e0600ba62e35
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:400:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 18:14:59 GMT
server
AmazonS3
age
78079
etag
W/"08e770c8a17bf087d50cec01af0892c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
date
Tue, 19 Jul 2022 00:05:38 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
vFvYcY95ZxgH_Dn8jymkykoksyVZMjtQ9X4za1EWofMUQLM51TXPjg==
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A07B23FA5DD14F3F8B7E09767DF32659 Ref B: FRAEDGE1312 Ref C: 2022-07-19T21:46:55Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 19 Jul 2022 21:46:54 GMT
accept-ranges
bytes
content-length
11360
keen-tracking.min.js
upwork.trackinglibrary.prodperfect.com/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upwork.trackinglibrary.prodperfect.com/keen-tracking.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82ea856a006f5ca10107c8b8793a900c75d21602f3fa7044fc889d2d44fbed8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 14:03:55 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 19:58:06 GMT
server
AmazonS3
age
27785
etag
W/"b0a422732c8ad4bdfd21c9c8db48a1ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
4w2i425O4E0UqpqRBHIPbMnhPFkJSeLkQCIzTtXl2Khrk959tIVUpA==
beacon
r.turn.com/r/ 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/beacon?b2=TJhd3q3XuRUwQqBwz96_-zVNHqnYOaIYhAQobq5rJCuSbPlR19X41jj3I3RocldVy4lvM2FB1CR5zTfcPGPjBg&cid=&gtmcb=537888122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tr
www.facebook.com/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=463930381624031&ev=PageView&cd[order_id]=217.114.215.133.1658267213951000&gtmcb=135487573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Jul 2022 21:46:55 GMT
/
d.agkn.com/iframe/10922/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/iframe/10922/?gauid=217.114.215.133.1658267213951000&che=1367381747
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
pixel
q.quora.com/_/ad/82de7146d5c84e3489aeb7b3c62256a3/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/82de7146d5c84e3489aeb7b3c62256a3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.196.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-196-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,d002b5d128f26409583683e552d929ba,10.0.0.26,63284,217.114.215.133,,46571848392,1,1658267216.038,0.001,,.,0,0,0.000,0.000,-,0,0,197,178,89,10,34729,,,,,,-,
Content-Type
image/gif
8e23a381b9
bam.nr-data.net/1/ 		49 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8e23a381b9?a=524523012&v=1216.487a282&to=NVxRMRBYVhBXUhBQDAwWcgYWUFcNGV4AXBAJZlIGAVZNDUJuF1wAF0taERsXVAxRWAo%3D&rst=1855&ck=1&ref=https://www.upwork.com/ab/account-security/login&ap=30&be=743&fe=1759&dc=1028&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1658267213705,%22n%22:0,%22r%22:0,%22re%22:352,%22f%22:352,%22dn%22:352,%22dne%22:352,%22c%22:352,%22ce%22:352,%22rq%22:356,%22rp%22:722,%22rpe%22:723,%22dl%22:724,%22di%22:1028,%22ds%22:1028,%22de%22:1028,%22dc%22:1758,%22l%22:1759,%22le%22:1764%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=914&fcp=914&at=GRtSR1hCRR4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:55 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
72d6a7125c678fe8-FRA
nmg_tag.json
colrep.sitelabweb.com/ 		90 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colrep.sitelabweb.com/nmg_tag.json
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
63fd35fd6f70164800f8bbd3b985bf2d870194d4914444de92dca7b67f7707b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:55 GMT
Server
nginx
etag
1694-1658267215.762-e735c5978d07d73d0124a83ddc58ea69-531
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
cache-control
max-age=31536000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type
Content-Length
90
collector
collector-pxss13u803.px-cloud.net/api/v2/ 		423 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6e7b3ba3e77311691979194e3435757485fa329e57ddad9fda22a71c87c9f5a1

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upwork.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
423
LUP4R77Y9Z.json
wkxppshj-qx.global.ssl.fastly.net/ 		36 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wkxppshj-qx.global.ssl.fastly.net/LUP4R77Y9Z.json
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed27b8436ef14c327b045d009181cd79c90e5cd5adc00322b4ddfd4c5bdb72a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
ETag
"25d0d2c5a3be13c3e21673329155b6e9"
Age
629
X-Cache
HIT
Connection
keep-alive
Content-Length
25846
X-Served-By
cache-hhn4061-HHN
Access-Control-Allow-Origin
*
Last-Modified
Mon, 11 Jul 2022 13:21:00 GMT
X-Timer
S1658267216.757046,VS0,VE0
Date
Tue, 19 Jul 2022 21:46:55 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
4
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63814%26time%3D1658267215617%26url%3Dhttps%253A%252F%252Fwww.upwork.com%252Fab%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaselin...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&liSync=true&e_ipv6=AQIA23PKvhtAFQAAAYIYbamCvkeVHXD3SCXVINDrmw4NHfpXmh9Bjc8OVBDFc2vrjn0mLS_26CDEErFN4YIO5PzNbKhD
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BD012DF2D7B049E28C70AF0268F1C94C Ref B: FRAEDGE1213 Ref C: 2022-07-19T21:46:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkL2xiCCZ31JOILDzNXg==
x-li-fabric
prod-lor1

Redirect headers

date
Tue, 19 Jul 2022 21:46:55 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A768C53D6D1248109AD24F075A78ED53 Ref B: FRAEDGE1510 Ref C: 2022-07-19T21:46:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&time=1658267215617&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&liSync=true&e_ipv6=AQIA23PKvhtAFQAAAYIYbamCvkeVHXD3SCXVINDrmw4NHfpXmh9Bjc8OVBDFc2vrjn0mLS_26CDEErFN4YIO5PzNbKhD
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkL2xd+XkIAfEUGyT68Q==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.65
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
Z+70Gir6sIv69axYRMbXqOvLxPHIQP7Zz4e3lukYT9bOgRpZ+U0t3a0I3rjmEkJmFoqpKQo2Czo9g5ScmSjMeA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Jul 2022 21:46:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
816554411748126
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/816554411748126?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d2218a79e31ef17549c5b73c6367c5c1ac01ee7439ff5863e2e38dae49c8f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85733
x-xss-protection
0
pragma
public
x-fb-debug
E5M7BaSh0+yVrdDHrHQWcRHJpNHM7pbW/QHxpxQf/PMwaElsrVVnpmWhXxZfb+gf14iHAYXQuF1nidfgm8oLbg==
x-frame-options
DENY
date
Tue, 19 Jul 2022 21:46:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1658267215666&id=t2_j0i56&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=0f86f3ee-596b-4a97-b308-403b1c051a4b&aaid=&em=&external_id=2f5eb164c6fa64492fcf914688ea7ceea65317cbddbf39bcb94f4fddd46359e4&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
www.googleadservices.com/pagead/conversion/428342732/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/428342732/?random=1658267215669&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
32289229a1cfd525309293fc76682e713cccc5f51e6cb669d416c26c728b6dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=43f7f4c6-ace9-456b-9424-e8b85810edab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=5dba3a70-0028-4662-be0e-2e80ee80c2e7&tw_document_href=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o692s&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
110
date
Tue, 19 Jul 2022 21:46:55 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b9c6ba4757d226101cec7c7d77d73fd59e4811852a9962a71965cc145ab6de2b
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=43f7f4c6-ace9-456b-9424-e8b85810edab&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=5dba3a70-0028-4662-be0e-2e80ee80c2e7&tw_document_href=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o692s&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
106
date
Tue, 19 Jul 2022 21:46:55 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f9b3db7668d7e60fe36fc9ca576c1e90a3c0f1745f1cff2a4eb4a4b6fa29d423
content-length
43
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Jul 2022 21:46:56 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
Google Frontend
access-control-allow-headers
Content-Type, Accept
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
58fc877efb28c6bb6f17823a89bcb448
function-execution-id
t26nlhosty4f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Tue, 19 Jul 2022 21:46:55 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
j3pk9k7j4y4u
server
Google Frontend
x-cloud-trace-context
2be5f5754289f6cbe40e92b949d88da4
x-powered-by
Express
/
servedby.flashtalking.com/spot/8/18442;121984;12954/ Frame C640 		42 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/8/18442;121984;12954/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app12.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 21:46:55 GMT
Server
prod-xre-app12.frk11
X-HW
1658267215.dop215.fr8.shc,1658267215.dop215.fr8.t,1658267215.cds287.fr8.sc,1658267215.cds287.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame C640 		42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=12954&d=www.upwork.com&r=ab/account-security/login
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app4.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&ns=&cb=782241.1634974742
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 21:46:55 GMT
Server
prod-xre-app4.frk11
X-HW
1658267215.dop107.fr8.shc,1658267215.dop107.fr8.t,1658267215.cds284.fr8.sc,1658267215.cds284.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ 		2 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.196.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-196-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upwork.com
date
Tue, 19 Jul 2022 21:46:56 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.196.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-196-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.upwork.com
access-control-max-age
5
content-length
0
date
Tue, 19 Jul 2022 21:46:55 GMT
server
nginx
36000147.js
bat.bing.com/p/action/ 		828 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/36000147.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
fef3ad398dbb5a74ddb4f46c9ddc7a19c8e64264ddc560daa715d825468596a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3711F55C9A774E0FB0860986A5808755 Ref B: FRAEDGE1312 Ref C: 2022-07-19T21:46:55Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
date
Tue, 19 Jul 2022 21:46:54 GMT
content-length
571
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=36000147&Ver=2&mid=865d0cf4-f063-466a-b2ff-eaaca61f0be3&sid=4edccbe007ac11ed924f3b7066ca9f04&vid=4edd28d007ac11edbf91f7cffdcf4967&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20In%20-%20Upwork&kw=Offshore%20outsourcing,%20Freelancers,%20India,%20Russia,%20Ukraine,%20php%20Programmers,%20Coders,%20Developers,%20Writers,%20Web%20Designers,%20Website%20Design,%20Technical%20Writers&p=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&r=&lt=1764&evt=pageLoad&msclkid=N&sv=1&rn=661442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 190DAF5378A24536B03CF0CF2E44E010 Ref B: FRAEDGE1312 Ref C: 2022-07-19T21:46:55Z
date
Tue, 19 Jul 2022 21:46:54 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=PageView&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&rl=&if=false&ts=1658267215758&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1658267215758.1897078606&it=1658267215655&coo=false&tm=1&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 19 Jul 2022 21:46:55 GMT
36000147
www.clarity.ms/tag/uet/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/36000147
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/36000147.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
36cdfabec8d283d7cc6af6c9db7b79f46da290b573f568175ab06fc9b0908c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
x-powered-by
ASP.NET
x-azure-ref
0TybXYgAAAACZOtmYoJJzSaNg4EcBBZptVklFRURHRTA3MTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
sid
session.sitelabweb.com/ 		199 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session.sitelabweb.com/sid?userId=1694-1658267215.762-e735c5978d07d73d0124a83ddc58ea69-531&clientTag=UP4R77Y9Z
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.122.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-122-164.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
14c893d6e2522aaf8e622dd2b1dfa944aa140d412b19f3278cd69d0875e2f3f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Jul 2022 21:46:55 GMT
server
nginx
x-powered-by
Express
etag
W/"c7-CZFQ3+lqSqu8obIvuawdHrPP9Tk"
content-length
199
content-type
application/json; charset=utf-8
/
www.google.de/pagead/1p-conversion/428342732/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
  • https://www.google.com/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
  • https://www.google.de/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TybXYr3JLNbY1wamr4bwBg&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-M3V-fnrkVpoeshbdBk2_iSI4YQ1d7bKzQ&random=534985139&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB4HjGhlksIrnIC0nl7RY-9MbFKiNveURKXZVrB-hdN0fUrzRT5VMbPWgXw9eh7XegaG79si8D6WJ7wFe_JAlgO
Protocol
H3
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/428342732/?random=1250053560&cv=9&fst=1658267215669&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&tiba=Log%20In%20-%20Upwork&auid=732892872.1658267215&em=tv.1&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TybXYr3JLNbY1wamr4bwBg&eitems=ChAI8KzZlgYQ0Zir-YSd5axpEh0AAdZ5-M3V-fnrkVpoeshbdBk2_iSI4YQ1d7bKzQ&random=534985139&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hB4HjGhlksIrnIC0nl7RY-9MbFKiNveURKXZVrB-hdN0fUrzRT5VMbPWgXw9eh7XegaG79si8D6WJ7wFe_JAlgO
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-e/s/0.6.36/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/36000147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:55 GMT
content-encoding
br
etag
"1d897c159e34826"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0UCbXYgAAAACJB0NfX9cZTLFb0El67AzwVklFRURHRTA3MTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
content-length
23009
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&RedC=c.clarity.ms&MXFR=2651808090F564AE2326916694F56A3D
  • https://c.clarity.ms/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&MUID=026ADA2F54176F983AF8CBC955C56EE4
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&MUID=026ADA2F54176F983AF8CBC955C56EE4
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FCC85BD753E48678ED517DC9629296E Ref B: FRAEDGE1312 Ref C: 2022-07-19T21:46:56Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=20D5CC994B96414EAB324D28F2BA1044&MUID=026ADA2F54176F983AF8CBC955C56EE4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.upwork.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72d6a715c935699f-FRA
content-length
0
date
Tue, 19 Jul 2022 21:46:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 		2 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

cf-ray
72d6a7170f2a9b4c-FRA
date
Tue, 19 Jul 2022 21:46:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.upwork.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
217.114.215.133.1658267213951000.json
www.upwork.com/api/o2/v1/logging/ 		102 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.upwork.com/api/o2/v1/logging/217.114.215.133.1658267213951000.json
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Odesk-Referrer
desktop
x-odesk-user-agent
oDesk LM
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
x-requested-with
XMLHttpRequest
X-Odesk-Visitor
0c1d9ba976cf6fb484c1b5397f0cc8dd

Response headers

date
Tue, 19 Jul 2022 21:46:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy-report-only
report-uri /ab/csp/index; report-to csp-endpoint, report-uri /ab/csp/index; report-to csp-endpoint
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin-when-cross-origin
last-modified
Tue, 19 Jul 2022 21:46:56 GMT
server
cloudflare
vnd-eo-trace-id
72d6a715dd699b4c-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}, {"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}
content-type
application/json
access-control-allow-origin
https://www.upwork.com
vary
Cookie
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
72d6a715dd699b4c-FRA
access-control-allow-headers
origin, content-type, accept, authorization, x-odesk-user-agent, x-requested-with
expires
Fri, 13 Oct 2000 05:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1275531193&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&dp=%2Fab%2Faccount-security%2Flogin&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=footer&ea=impression&el=footer_section&ev=0&_u=aGDAAEABAAAAAG~&jid=1814836997&gjid=1658122888&cid=310230270.1658267215&tid=UA-62227314-1&_gid=42496385.1658267215&_r=1&gtm=2wg7i0WNVF2RB&cd2=normal&cd18=AccountSecurity&cd19=08e71fbf8d595c40fab08c91dbe80a449f23e062&cd20=prod&cd21=0&cd22=0&cd23=0&cd24=unknown&cd25=unknown&cd26=unknown&cd27=false&cd33=unknown&cd35=onsite&cd37=undefined-flow-cl&cd39=217.114.215.133.1658267213951000&cd40=217.114.215.133.1658267213951000&cd41=GTM-WNVF2RB&cd69=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&cd106=GA%20Events&cd122=%2Fab%2Faccount-security%2Flogin&z=800530709
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=1814836997&gjid=1658122888&_gid=42496385.1658267215&_u=aGDAAEABAAAAAG~&z=1673925594
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 21:46:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.upwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
k.clarity.ms/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.upwork.com
date
Tue, 19 Jul 2022 21:46:55 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=1814836997&_u=aGDAAEABAAAAAG~&z=101188622
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62227314-1&cid=310230270.1658267215&jid=1814836997&_u=aGDAAEABAAAAAG~&z=101188622
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 21:46:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
cdn.480app.com/ 		21 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.480app.com/ads.js?r=25482730717465496
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
"8a68886c66c8ca4dccac563705f5891c"
age
1505
x-cache
HIT
content-length
41
x-served-by
cache-hhn4076-HHN
access-control-allow-origin
*
last-modified
Tue, 23 Jun 2015 06:50:40 GMT
x-timer
S1658267217.736466,VS0,VE0
date
Tue, 19 Jul 2022 21:46:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1053
/
colrep.sitelabweb.com/chpdata/ 		42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colrep.sitelabweb.com/chpdata/?d=NKeed8~01342u5dFkvfP1c-GEia0EjItNrYT4cJRg0OSE-1DO8cGL9S8YflDPlY7s1Fq0wMjohJQo0OWBn~mkIcFL9V9ZvtlgSTKQmF9BvX2CqM5wzYGQD1jtTMRYzcTQolT9lb7~pCQltOWcVbvrmal1rJGu9PUUQRwIik1j4WmE2CuI8LTY_NNnmXl4D1TxOOC9mbjIojTX0OHz20LIwMTYbO5w1XS1RH3TBbFwhN8JvkS3vJXzwzcdoamVadijlLiBSAC7KMCDwPPAPj0HkMnsXEt41MCYeQMryLGg62CO7MiABgyBWwVckYoZpH_UxQjYeNbSzMhU01CLiSEQNXtUbnyTxMKcpEQUkLjFyZ9kraxkp1jqaaGIvfBUPjkXwMH1u-_40LDbbLNrzISI~92u8YWIpN8JvkTL2Ln12y8hgb0Zldvsub1lzHjfIJmU1eBQojjj0ZHvyC8U1XThNM6vwLyM62WBPZiX2QBFNvWTxNnMmGQljOTbbMvb4MCNp1D3LZSD3R8RMkmD0NXEi-tI2NDRNM6klIlV4DWHsc1UyWBQojTX4NGhx05U3LjbkMNb1Kic61ig7NyL1beUkkzgjMHJk0LNjLDIdNvb4L1RoDz7SZVD2S70gjzDlZa6hCPNkb3RVbhTJYC0-2jOOLSD2R8gbkjbxMX9u0LYxKWYkMcsjMSk73G3IN1P3QjQ_jTH-YXMzCdRiMTlRY6v5KSU11V8nNEH3RikktjD1NXMy05cxLTYmMs6mbGYD1SCAclUmTBhf-HAyJX2ByqJFITNxdi-3KmV~J2oKax4jfj0PjkYgYm9y48FiX2DibRntb1VnJXyBdGjlQQZWz2cobm9z49JkYGpdJ6kEISI51kC3YhTyR8Jvv3IkYa6l~uBxa2cVbvrlLiU06nBJJSH1QQZMvXMkbKRuCpZ-YWhdP9Wm_WNNHmC7Y2Qlcu0_gmMra_AuHcNkb3RVbhTJYC001TGGMSD0PPIakS3wM11u-qY0NDMjNcfxLyk51TpIMBYjb8Eoo0DwLnzu0aI-NTbeOsruLSY53DxQNyHxR7ZNvTH8R4vx~5ItLzIbMNjwLic~0jtQNSfyRPcbjTTlbL19HeJ0YScdccPmXVx1ESCGcmX9QtZbwXAucr59y9JoOTIF&c=213
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:56 GMT
Last-Modified
Tue, 13 Jul 2021 10:02:51 GMT
Server
nginx
ETag
"60ed64cb-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&rl=&if=false&ts=1658267217332&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20In%20-%20Upwork%22%2C%22meta%3Akeywords%22%3A%22Offshore%20outsourcing%2C%20Freelancers%2C%20India%2C%20Russia%2C%20Ukraine%2C%20php%20Programmers%2C%20Coders%2C%20Developers%2C%20Writers%2C%20Web%20Designers%2C%20Website%20Design%2C%20Technical%20Writers%22%2C%22meta%3Adescription%22%3A%22Log%20in%20at%20Upwork%2C%20the%20world%27s%20top%20freelancing%20website.%20Hire%20expert%20freelancers%20in%20the%20U.S.%20or%20worldwide%20and%20grow%20your%20business.%20Get%20it%20done%20with%20a%20freelancer%20on%20Upwork.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1658267215758.1897078606&it=1658267215655&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 19 Jul 2022 21:46:57 GMT
UP4R77Y9Z_SE.js
fyrsbckgi-c.global.ssl.fastly.net/ 		172 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fyrsbckgi-c.global.ssl.fastly.net/UP4R77Y9Z_SE.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6130f7e0ddc3da31a69087462f6db9ceb6b0acfff697113449dd662b7c5b06b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
ETag
"5fb6a249a73811ba90e8aa8725034825"
Age
435
X-Cache
HIT
Connection
keep-alive
Content-Length
76842
X-Served-By
cache-hhn4078-HHN
Access-Control-Allow-Origin
*
Last-Modified
Sun, 17 Jul 2022 08:35:46 GMT
X-Timer
S1658267218.585524,VS0,VE0
Date
Tue, 19 Jul 2022 21:46:57 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
cache-control
max-age=3600
Accept-Ranges
bytes
X-Cache-Hits
4
nmg_tag.json
colrep.sitelabweb.com/ 		93 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colrep.sitelabweb.com/nmg_tag.json
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
18c11277675cd5949fc5339664aed7c1e89818d8ed21ccfc6801310b0da59a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:57 GMT
Server
nginx
etag
3760653-1658267217.675-54388145ec8a318c79bcc67afe68a439-531
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
cache-control
max-age=31536000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type
Content-Length
93
referrer
colres.sitelabweb.com/ 		20 B
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colres.sitelabweb.com/referrer
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.143.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-143-28.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
15971bae84a18f790ed6d3842f47d5c3097a44e43f2f891a8571f3273ce25b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 21:46:57 GMT
server
nginx
content-length
20
content-type
text/plain
sid
session.sitelabweb.com/ 		205 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session.sitelabweb.com/sid?userId=3760653-1658267217.675-54388145ec8a318c79bcc67afe68a439-531&clientTag=UP4R77Y9Z
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.122.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-122-164.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
24f8ef05ba61328d938218fa01a37c82da4e6d1f88577f1753ae4fe6e48d5d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Jul 2022 21:46:57 GMT
server
nginx
x-powered-by
Express
etag
W/"cd-JEx11TBnmVZIw8pXfN5vx4Qx4Yc"
content-length
205
content-type
application/json; charset=utf-8
ads.js
cdn.480app.com/ 		21 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.480app.com/ads.js?r=3318835928161401
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fcreate-profile%2Fv1%2Fbaseline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
"8a68886c66c8ca4dccac563705f5891c"
age
1507
x-cache
HIT
content-length
41
x-served-by
cache-hhn4076-HHN
access-control-allow-origin
*
last-modified
Tue, 23 Jun 2015 06:50:40 GMT
x-timer
S1658267219.689316,VS0,VE0
date
Tue, 19 Jul 2022 21:46:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1056
trk
trk.clinch.co/ Frame 3EBF
Redirect Chain
  • https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%25...
  • https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%25...
79 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&version=3.4&a=1658267218695&try2=true
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.182.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-182-94.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-length
79
content-type
text/html
date
Tue, 19 Jul 2022 21:46:59 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
Kestrel
x-robots-tag
none

Redirect headers

content-length
0
date
Tue, 19 Jul 2022 21:46:58 GMT
location
https://trk.clinch.co/trk?cid=ufx03Y&dsid=ikf8WI&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&version=3.4&a=1658267218695&try2=true
server
Kestrel
/
colrep.sitelabweb.com/chpdata/ 		42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colrep.sitelabweb.com/chpdata/?d=QJfimBub52yyd99vG019kGZ3ajNjFCN_nTvMJSb0a_IEjDFact295hcsmjH3YFI1vo0iBTHdJUf0IwBObmH1c_h9CIZsClPhT98mG4B6e2SVMUNz9zQsbDBTN6rzkuQTjTxabf-pGHlnoWD6bSamv61ZSGrUPCjQGeIjf1wCW0u2KLIl2TB7NcpmC34LTTbMO~~m8kIsaTRROta2Z4IFiTFkO2F1Fh1G-3U6bS2hcoJ1BSgcJAXwDedUumc0dNhl7YB~BCBBM6dw-0AxT0b5MV-XBC4lbCNNQNmyYOgMiCW_MKtBKWBlyVI2Yw~pxYUjFj4fNfJzG6UceCtSSZmNE0UZ6yBBM9LpFLUxTjVcZHBrCekTaj4caxbvncU3hkJlMp2u3R4wlDCDLvazcoIhI2rTYEYpCsJwfTYAL1h24ahIJ0CJd9uuHLl5ijKGJZW1EClSdWKAOAqzZqAKuTOlM_213CkrlTHGNPfhrOEoNWqiZUa2CBVhtWbGM141K1EZFmBHYM1h0lY6TzfONHM19QYlaW87YAmyZqg4y2XZP3Ew3VEzmD12MPXzsoEqBT1PNUT1GsZNeWUAOXih7HNM-mCFYP1VHLV8ZWjVMEM5zu0ebjNUMOq3YqELgjOsMJjl4CMwxz8ON9okfZdWBzzRMwTyGfEke2crYHp4KKEe4SjGMsdmDpRtf1g5cqBpCk50nDvLNO10X_EMiTSmNKJy3hUnmzCFLha3fJVVBTLlOzewGSQje2b1Mmd0JHg_FG8yNM5lClYHSTnJMGJQzxImb1dVWOX2Z_gGijOmM3A53Skf0HCSMdfow6VYDWIid~QzCsNrbTVNJmeGPtdf1nC9dxZyFF5vi2K5MWNh8PUffm87YiS1nuQBy2GYd7-pLWkelkD9bEkpv2UkFnvSZz~yCsNubTU8M2uhJXUZ3T0VYyilCpRxSXVIbpNpCyUTajNMRSqxV_ILhkKXY73lJVlnySDJZhkyir8YPXz-bUnlRTRQrDC1J4isMKVVKF4~cympGL5VfDKIMERuy9Ej_jBLN6NxY4MChTJrOp~24CIqlzPKMeHwfYZVMTqrRjTxE7IZfDU7Omtz91UV2TFGO6h21GI7USs3YE691iEe_jBIMdXwYqMEhjOkLKw24hgrmjHFMeamrrRUQGlQaljyIsARqWc4da5sKKJTI244ZQh90VZ2jzLMcZJlvUJgdWS5bxflVt5GzjnkJO3lJj9dxX5~PffnppooHmYfVls3Rtd9wWxZT4NzGsdT8lP1NQi5JYd0bF37Yo_r~CZ5eWwDUjfxj9pfiWPqQ6roMlNdxzvDdSsOsOlZPm9UWRUrHwdrlVtAb3uxHKpz7ma~WdLx53dTeUgMdISC0SVmtkmNSQ2omAgNhGobaO-y9~lh-XLMMSsoysNhM1HibVjRGgZguTZ~W2i0PLZ1FGkCVy0z91ZhTGP4Yq-x5vNDgleQbxwkYNh5wUwpTNS0IlZdlGM4RSQ5l5h_PWM4RDOoOg5dllgBepuOJs9P7FC0Z71a2o1cVXgOVnNt6ANctWm8VAnnb95HoXWkWtBR4jZyl3MJSwYjxO1YIVEUaTjyMwl4w2ZVT55kG4JYBmrFdP1k8ndzTGc6TGJXzydSiV28Vwbxfahqz3K-VLO0CHN9xUM8bSflpr5ZTnEbTD2zVfZPiV-~MWNPG2VsIGG~TO1nF2Z3eUxZb1BO2Cd_am28YASUoNNhnWPfMJjzF-9G-G1gSvInoaVnHF5CdDsOJv9Si0LBTp5vQKYh9l4FbODzCmN5lWB4VHdoFA9jhlKQbjbSep1QnGeaYMSoKWZ~mHD4QFU4s_cnP2M4TTwzOgJkoltueah3H_V_BHoKTgDW1pJ_bW-MV2v36C9NqXCVSAw0g9pNnlXcct233Vdgq214WxbvybgqIXvUaVJtMtd_fWtYV3ipG4NM9Ws8N91OAol~hl2DTWB0CzhufleKWwwmj8YKw2XCT7toI~V~sk54dSfOpr5aFGvnTU2jYfddfGLve4RuEZRSLmOIZx5o5Z9ycW6Ga1N01DFgtnWHW9~omtd2uF8qb6n5ACBUlGDJaEYoobZjGlIcM~YRSdRgoGp7YnzVPKx1AXG0eg157pp9TWsJM1WoBT5ihVONMirkcdB4wn4wTL3M3kcysXv6RRs3m4dhPmItRD2nOb1Plm~7aqe5EK9P2lX0Wdqz1_J_aW79Unh43CpNjmzTUPfoquhno0JtesKkClFg~nzPTgbafOdnFWERbTn5NdRFuXgJS3z0MZxQFDy5dy1z9op1a2PJUXFvFCtWnH4Ve9U4j4FPznPbceBz3~Rnrk51RFQRlqdZP3zPWDOoXBh5fWDtW_zmHLBXLXCgUgik9ZNNejVqbZJRzxdVaHGNWPwsoOd1qWagQenzAzRdq3zjSgknu65kIlIVeEbRKA1gm072YL1VNLV1LFLzV9i47nZCTmsiVH_o5yNukVa3eSfRqM9NxWsbZptwJ0ddlWD1beU0nMdCQXz7TUG0OSodoltmcNz5GJh_2kG3Wd1R0Z5Hbm7QMVBw8SYjp2enSA~oqa9GoUCfd6Fk8k5f~lQJThsQybdWJXrUaVY6MuVFxmtVVp1nC3VY8lP1a9yO0lF1bF3FTGFQyyZSiXCCaRr-erNj~GPZV7xnI0J-sV9tMhUnm5NZPkYuUBfaXvZOfG-uVZqzEKp6LWLFQPun9_JG_373MYS02ChWi3GHYi6NYOd6qlPZbN30BTdv~HDVTxkkvqBkNF52dlboL9dkj1c4Za9MNLVP9lyCMbRiC2hciHrPMIv26yNUkX4FbBb5mNdGh2wuY4Kr5kZd~2lJRRszp5hgAnv4ZybnOgJblW-uM4zRHK5cHn0KTN1fF4JcbW38aZvn6C8ds38WTQS0cLtPoXaLasN3BkpvuF9MThGvybdnJWdfaVbiM8R_enVrR3moQb5cCU8pegmLBJsyjmoGbq70-8ZfpTvMJSUmpK0HjQLO&c=213
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:58 GMT
Last-Modified
Tue, 13 Jul 2021 10:02:51 GMT
Server
nginx
ETag
"60ed64cb-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
/
colrep.sitelabweb.com/chpdata/ 		42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colrep.sitelabweb.com/chpdata/?d=~vUMuhOcqbV2bqde8vCp15eXp4JNT5u9x8nTusZcM0wr0MT0esM6hzBbdFeWKMJ3Oyf_N_hTEIJpPyxe9UdW6-JrgyvZNYQT0aJ3Oyz9VM-2M-b8Tlk6IMS0asNPglypJKfXlMa6Fuz7NI0Wh6JpPyhrNnSSqARas31IUJXysLMOXhv3ULki43Qoa3o5UZSnjscSlpC85KQTgLJ3TBf_dahTu2cPbz-RlWhnjKbStuEIUJTisMQ3Klj7Q8l00rM5Tlk6JKimW4cLsyyoUKXSsSQJ_yiuN8-3zvbPCzhrIZPTjIJr0CvZIJj2tMcervyuNb~35~dZayk5U_WTasNPolyqM6TjhCbNeluAR8xFzrcQUp~R5_PTe3JrlBvZdZQTgLa7TJytZ8w31rZa2p-SQMSjesMPclz_IHQTtcJ3jEf_JbhTu2cPov-fBQhm~mZv409b5KhWYHcZ_yipUMoS49Q3ayk9FedXj7URdm9aBJhWl8R7n0q9VM-2M-b8UMzvNcPTe3JrlBvZVZTCsQRo_ym3ULkmI-b7b5pvhc_2r4cR8vCtNihXlPJ3Oyf_N_hT5IMZa1paUZWyq3MAloC9BNeXhAR7n0q9VM-2M-b8UMzvNcPTe3JrlBvZVZTCsQRo_ym3ULkm5oYtYl-PVgjFjscSlpC85K_G8Mdo_yipUMoS47Q4HllsQMSkisM6h3BbtAentUR7n0q9VM-2M-b8UMzvNcPTe3JrlBvZVZTCsQRo_ym3ULknn2asUl-RNWjXnMefpT9cNKhWYHcc1pzAQ8kjurMNLllsIXPTrLJrhDvZIJj24IctHlzrVT0FzrcQUp~R5_ZG64dasyyoUKXSsQQKGljaQ8kkyrM4Qjxu5chH6MefpT9cNKhWYHcc1pzAQ8kjurMNLllsIXPTrLJr0EvZdaQT0cJ3jEft5Gx31nZK8VsbR2Tz~fOtBmEsVJWTcQLKd0ftJHnTq2N_nwh9NJVTa9Nr3yzpcJTTsQMpqm~cEYrWlCas2swqUZXjq-MasyyIhthWU7bfjzf_IJrl0rM4Hxka4XPTjJJrgw58lFUjo8McOliqBTlj0vJpPwovBXhGrdZuhLBcQ6TkwQM_iui4Y8kjmuSNoUrswMSkisM6_sBbt6QTgJReajx98ChTu0QPoy~R1MPTfNMrZzxpAFUTZRMoA1i3ULkFznZ7MyzqUZXjq4NLTzzoZ9eXldetXlyuNC~2gFMZf40vVQeDOrZ68my3YHUGsSM3Szj_MUkjq9MKX2wuNITWroNexjzoZOkW87P3O5jcQKkm9rN7L3wrEeSDi4N6tmzbYPUjd4YeLliqYThnzvZ_72kbBIUDm4ZrZ0y8UIUzsPYKehj_URwjroNKnzwrE_eSvsdedn5cN6jk87P3K2k_QGkT87O_P2lMIYTSRAN6gt9ZcKUWkQO3i4vKASxDD3Z_Hxk6RIUDjrZek1~MV2Uj7GN3SxftVPwWEZZtUzzu9VYWmGMrw5zI0IUjsTMKd3iqEQjjD8M38llMMddzqCNM4kyJd5Uzl7MpKyjNETk21qYKa4xuEeUSN8MMdV4JRoUz0xO5uxjqUTkj89M4L1mrAhPnY9PrcmBNJ6fjQBdtXwz3UMoS42R3aypAdfjyS8cf0vDssFe2YGJ3PGucI8kk9nYPUv0u5cRXjsYStyBcRSQThebsFnxc48k092ZsYp-5U_XCq3NrhG8bI6TjsLRNTyvcFPxSd0c7GmzuxMPTe8M7x2yYUJUTheYNLzvcxC~m4sdcbn-61WPm64SuUm9bNNfWoYMoejyNl8~n1ZZtUzzu9VYWmGM6c3xpEIUCTLM3_ui_MMjjq8Npnyl6cZSTiCNrcwyJA7e2cKP4jBiZ4Ljj02N_r2kMgdRja9Nr3yzpcJTTs9YeKylad_kSg2L4TxkbI_SDeAMaTxzpURTjwSMKK1fuJCnTqsccf0nrI_&c=213
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:46:59 GMT
Last-Modified
Tue, 13 Jul 2021 10:02:51 GMT
Server
nginx
ETag
"60ed64cb-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1275531193&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&dp=%2Fab%2Faccount-security%2Flogin&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Namogoo&ea=Infected%20Sessions&el=Infected%20-%20Blocking&_u=aGDAgEABAAAAAG~&jid=&gjid=&cid=310230270.1658267215&tid=UA-62227314-1&_gid=42496385.1658267215&gtm=2wg7i0WNVF2RB&cd2=normal&cd18=AccountSecurity&cd19=08e71fbf8d595c40fab08c91dbe80a449f23e062&cd20=prod&cd21=0&cd22=0&cd23=0&cd24=unknown&cd25=unknown&cd26=unknown&cd27=false&cd33=unknown&cd35=onsite&cd37=undefined-flow-cl&cd39=217.114.215.133.1658267213951000&cd40=217.114.215.133.1658267213951000&cd41=GTM-WNVF2RB&cd69=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fcreate-profile%252Fv1%252Fbaseline&cd122=%2Fab%2Faccount-security%2Flogin&cd96=1&cd97=1&z=1086479978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 04:34:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61958
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
colrep.sitelabweb.com/chpdata/ 		42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colrep.sitelabweb.com/chpdata/?d=H2aIK6b2KM2YPdsive81IXGIPaYGjlvNBWTJeJOG0StELHTfScs39VscIKjvSYf81et0IHDPhJM80WwB2GmObcsJ9UuZaPlk8TrSmiBBFV2RqMJWzbhQUGTfkMIGzfBQULTTSbfGpbTlDIWbVbrBmiA16aGYTP5SQQfIOG1nmWIG2fwIUJTm_NKNmaB4UFTLhOotmeSIUJTqiOpF2QOIGGTXbO1G1es1hZ36VbsuhMtJaGS7bJ2-wRed8ZmjadfJlP8BiOCXdMoxwS7A4J0aRMK8Xdw4NGCXeQIByTggNKC1RMK8BfhBBSVgRYKapkbUHOjmeNZ1zQ7UHFCk0Sq8N_bUHNymdMsupdTU4FjEyZ54riMk4JjUuatGvewU4FkacMo3uTb4MJDqbLKRzMtIFN2ISY60pQsJaKTekLKJ2MBh0W0YldrCujSlEZjJbJOe1gwl3IWUSO5FzU7ALWTvcM_J1POkHFTfeNoGheSEMWWXhZNJ2MCVMUWTqMJS1fcEHWmmjY3ahPtYFFzPjN5F1f7YNJWYPY6RyQ8g5W2oQP2FwTfEPKDfRMpNzbtEOGTUONMx1UsZ1JWakOpKhPtN4CmYhY5LVjSVHPWiqM3V5Qc0GGjXlMJF3T7EMIjvjMJ~lQOMMRzXmNZPkTcd3KzfQMpByQgEPF2UQYZB4fvENLSJiM_BmbxR0S1QRce4piS5dWDJcNKh0OtENGTjdNJKyTsUDKzqdL6R3POV2GTnkOr7wUSQOJ2ibM3F0atgISGUPN2PlesYQITmeM5SQQfIOG1nmWJx2UsgHKjvdM3R5Pdk5WHaqM1GojAV5MW~hdt8zMtNWCTMxJ20GkTdOInnbde6ydN52V23RMKGhe6UHOmYPYe61eCQCW2YPd60pkgk4JkrYbeape7UIKnMRZrTyQsNZGTaiMLWha7UHGTMxYe0lewR4IXUdbeWpegU4FjXdRNFxQsIMJkrOY7KleglDSSbhZ5LyWv85YXf~bNWlaUR4SD4hcNClQANBYWn_drKlfUN8V28~ZojyTscDJTXhLKFxQs4GFzP_M2F1VcINKzacM_h1PtAFFCbPY2x9YQEGIja_NpF0RtYIHDX_M2F1VcINKzacN2WjatIUK0HcLJ-uTNEFJjebMK_wO8ENGTjdNJKyTsU5VWjObs6jdTVHITDSY58zkglBWWbYbeKrbxIUFCbYcZk0jBV4GnbeP6WhehN4CmQdP1B3X6UHJnadMpFyMtIHCTQsNnByXMUHJnadMpFzMtIHCTQsM1ByXMUHJnajN_R3MtIHCTQsMYB3YbZD_nqqMoWobxJEIXUdd5BmiAl8MTXSbNF9PsZ5UWnqM1GzfAkUJSrdZ78vfCQUCTgtJ2-yZv5NYXfVYNulVgFDSCXdMIBzXsM4K0iScNh9PNZFSnTqMJ7_&c=213
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.13.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-13-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 21:47:00 GMT
Last-Modified
Tue, 13 Jul 2021 10:02:51 GMT
Server
nginx
ETag
"60ed64cb-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
d20bd139-9575-41f4-96b5-4d2fca79bf21
https://www.upwork.com/ 		9 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9c72482ef87c5aa2bb9c99da75af275aef1471e84f8745f855d4633c94132f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
8830
Content-Type
application/javascript
/
colrep.sitelabweb.com/chpdata/ Frame EB17 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
colrep.sitelabweb.com
URL
https://colrep.sitelabweb.com/chpdata/

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require function| create_mark function| remove_mark function| create_measure function| remove_measure string| PSMETRICS_PAGE_ID number| PSMETRICS_TRAFFIC_RATE object| perfume function| loadCSS object| Applet object| dataLayer string| _pxAppId object| ugc object| s-apps function| Vue object| Vuex object| regeneratorRuntime object| authWebpackJsonpFunction object| upTracking function| VueI18n string| io_global_object_name object| IGLOO object| PXSs13U803 object| PX undefined| _Ss13U803handler object| google_tag_manager object| s-defined object| GlobalSnowplowNamespace function| snowplow object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gapi object| ___jsl object| Snowplow function| postscribe object| google_tag_manager_external object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| recaptcha object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| AppleID number| bbi8yy function| infectSession string| _linkedin_data_partner_id function| fbq function| _fbq object| _fbq_gtm_ids function| rdt string| qp string| ire_o function| ire object| ft_onetag_12954 function| clq function| _clq function| pdst function| twq object| uetq function| ProdPerfectKeen function| nmgsem function| lintrk boolean| _already_called_lintrk object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr number| created_style object| dpmComscoreVars function| dpm function| DPMSendConversionEvent function| DPMSendSingleTransactionEvent object| keys_processed function| UET function| UET_init function| UET_push object| ueto_fc551b9f59 function| Keen function| setImmediate function| clearImmediate object| _nmgtag object| _wlUP4R77Y9Z object| _blUP4R77Y9Z function| clarity function| ImpactRadiusEvent object| irEvent object| CJOS boolean| canRunAds number| vdceed function| cartCheckoutGintReport string| referrer object| journeyDataLayer function| runSeg

63 Cookies

Domain/Path Name / Value
www.upwork.com/ Name: _pxhd
Value: zgufIirCFt95qe/74et1oC5OJE/NFZEu9mp1gfsklC7diILlKMbJiqlIperOqZDTISffRdHCq9MvQxlPnG34Gg==:oJfe3-XohAmfgjyMSvx2f322kNm/up6R1Gt5FQ6AKDDbvQFPAr5nvYkrIHRapmeaKwhcF7aDpugnjorIGGqgFUUqOTwhkTCDRQ6zhF99PNg=
.upwork.com/ Name: visitor_id
Value: 217.114.215.133.1658267213951000
.upwork.com/ Name: __cf_bm
Value: pfdZTJMDSl8g01HLZxGafLu0huO_t3A7YdlO69cqXg0-1658267214-0-AaVm4owwRkp+3Q+VtVKjuWK0on4jQJx+xWbvDRRZddXZqSYroXENuzr4b/FknEyUSpMr8M1vX9JgnllwIRk6q5Q=
.upwork.com/ Name: __cfruid
Value: f34cdd9d1d03ae7a9224a2a2117a74f6bf3c8d69-1658267214
www.upwork.com/ Name: enabled_ff
Value: CI11132Air2Dot75,OTBnrOn,!CI10857Air3Dot0,!CI10270Air2Dot5QTAllocations,!air2Dot76,CI9570Air2Dot5,!CI12577UniversalSearch,!SSINav,!air2Dot76Qt
.upwork.com/ Name: XSRF-TOKEN
Value: 4c695aaebed240236becae60ef783b0e
.static-upwork.com/ Name: __cf_bm
Value: uTWn2vHeqEMXrwppSFz7RBvNG1_TkzN5LypPYtpuPCI-1658267214-0-ARlVjn5XCRo91b7oETvMF2zQZnvMDYMb0dF6rzjotgKPQx/yUP52p4/8X34TNPz+yuO8r0qkdVwG2rkOIYudGgY=
www.upwork.com/ Name: _sp_ses.2a16
Value: *
www.upwork.com/ Name: pxcts
Value: 4e54e9af-07ac-11ed-87a1-434672494576
www.upwork.com/ Name: _pxvid
Value: 4dc705f0-07ac-11ed-bc10-4e427067476b
www.upwork.com/ Name: _pxff_fp
Value: 1
.www.upwork.com/ Name: G_ENABLED_IDPS
Value: google
.upwork.com/ Name: _gcl_au
Value: 1.1.732892872.1658267215
mpsnare.iesnare.com/ Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: EOqjEqg8gKKVatHKnpaZNP6zao+n/Lozh59vBxIQ0m0=
.upwork.com/ Name: _gid
Value: GA1.2.42496385.1658267215
.ispot.tv/ Name: pt
Value: v2:5e2e6626600cb6e6163bde52d8cc578009b2e198e31b9dcbae3029c3cbcee446|daa7c790b35a199c8caaf87d94650f26412f22406736e43ff2e3096d4846beba
.upwork.com/ Name: _dc_gtm_UA-62227314-1
Value: 1
.upwork.com/ Name: _dc_gtm_UA-62227314-13
Value: 1
.google.com/ Name: NID
Value: 511=j58HoEJhnMqIxWG1goWhNiCDmQJP6sC52-bRzCDt_fSAivOOOtKJ4YmKP8xbiPA2Y6JzxNR3CuXciby5kVeCc4lAmA930P3z5TJS69nGMdDxl3uyScy68dQVpYYQBjSX68Ur2_T6dw0ZVL39PnOmRDgS7-khsRHjUjF6pWfg4Ok
.upwork.com/ Name: spt
Value: b82c653b-f051-4f80-a4f7-57800cd2da2b
.upwork.com/ Name: _rdt_uuid
Value: 1658267215665.0f86f3ee-596b-4a97-b308-403b1c051a4b
www.upwork.com/ Name: __pdst
Value: 09f8032c49e54403b2ef089c84afa9d8
www.upwork.com/ Name: _px3
Value: 014f74517a50c30b72f38360698718a39a1c5de77e322276347243518217884b:h0L5Wm49sVvaUZq0vBq0MwPpLxZABIRNyJB7Mhv5h5r/tv/1Q8qrA3+iFUgv3l0m1XDAzJf2Y7b5DKMGbT7wQg==:1000:Nkfw0wGzpG+xpp7K5ZqNTlirW8v9SRd9hREEDybi4ydZ9JxtoqXiFEKpKEsS+2hsPcl0adhYjUuLIsafmiSseXF5ymipTAiBGXelUKIMxlShTuH9Gw9Ylv/nqIWB11e/lsQeHorCW/fk4TCtmuy4eYg82WsMXk5H3M3LPqwkPK8SU1i05i0awZSNzExC6y89CxdVdS/8pQWBWSccLuGORg==
.bing.com/ Name: MUID
Value: 026ADA2F54176F983AF8CBC955C56EE4
.upwork.com/ Name: _dpm_ses.5831
Value: *
.upwork.com/ Name: _dpm_id.5831
Value: 7db8d189-11e0-4076-9cc0-87314cd6c710.1658267216.1.1658267216.1658267216.09c624b0-9c5f-41c1-81b0-d61652546ab4
.upwork.com/ Name: _uetsid
Value: 4edccbe007ac11ed924f3b7066ca9f04
.upwork.com/ Name: _uetvid
Value: 4edd28d007ac11edbf91f7cffdcf4967
www.upwork.com/ Name: prodperfect_session
Value: {%22session_uuid%22:%22bb38f422-2389-4866-ab6f-c090a64f01df%22}
.turn.com/ Name: uid
Value: 3978111118062929644
.upwork.com/ Name: _fbp
Value: fb.1.1658267215758.1897078606
.agkn.com/ Name: ab
Value: 0001%3AlqM6zBvBvtCFxHTugxyu%2BSgO%2BfTO6uuq
.agkn.com/ Name: u
Value: C|0CAAqaeLPKmnizwAAAAAAAUDlAAAAAA
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=53132657A9F753"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: dff92520-ea8c-4b71-a673-e66919d321c8
.twitter.com/ Name: personalization_id
Value: "v1_+G1uAAmNxZrKaUXOJ+DJdA=="
.linkedin.com/ Name: UserMatchHistory
Value: AQIVj_7xJ9gIRgAAAYIYbafrQk9zpIVHFBUos7VZJVy79boP0p-1Yfv9gmGr54ZObYYe0Jpax0dcCg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIkz2Q1eSNBoAAAAYIYbafrT_of7yAuuG8xtpdiWeIVFB4xw3dVd9yk22fYI5pgNuWMUr5H0NZN2b3Tuj-krA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&94d60ed8-5b18-41e3-8933-54d66de4c0ac"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2442:u=1:x=1:i=1658267215:t=1658353615:v=2:sig=AQEwwdvixOFB55u1clChdyAjwpKQS8iF"
.nr-data.net/ Name: JSESSIONID
Value: 1df862512555786d
www.clarity.ms/ Name: CLID
Value: db45ba35347a47c8953693ce7b6525d3.20220719.20230719
.upwork.com/ Name: IR_gbd
Value: upwork.com
.upwork.com/ Name: IR_13634
Value: 1658267216003%7C0%7C1658267216003%7C%7C
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220719214656fd2c2754-6c21-4bb8-894a-c69e2159b9b9AQGknM3Uo3V8w-X_d-TjuhreYaFX_6GV"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTgyNjcyMTY7MjswMjGBp290wOZnbLBIEtWT810tPabGK7duYxcE7Dl4Oir8VQ==
.c.bing.com/ Name: SRM_B
Value: 026ADA2F54176F983AF8CBC955C56EE4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 026ADA2F54176F983AF8CBC955C56EE4
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.upwork.com/ Name: _sp_id.2a16
Value: 4ed79abe-d0cc-4e2c-8e38-5d9af388f1b0.1658267215.1.1658267216.1658267215.0531a4f9-7d29-4521-9fdb-4b31febba6bf
.upwork.com/ Name: _clck
Value: 1tqucp6|1|f3a|0
.upwork.com/ Name: _ga
Value: GA1.2.310230270.1658267215
.upwork.com/ Name: _gat_UA-62227314-1
Value: 1
.tvpixel.com/ Name: sp
Value: 05f96ff1-1a5c-494a-a69a-0d8c61de6b70
shasta-collector-production.upwork.com/ Name: AWSALB
Value: zfhathNcOzWpfAyD+Clng5ar+lyALUui+tGXuxlVpd3M/TQkX+bJPUpObJLoqZ8BWcTL2bQf3CTGF/dnMIDqCLwEdtlHNZytV1wWWskBOHLAYwHVRoIyPwmUyRym
shasta-collector-production.upwork.com/ Name: AWSALBCORS
Value: zfhathNcOzWpfAyD+Clng5ar+lyALUui+tGXuxlVpd3M/TQkX+bJPUpObJLoqZ8BWcTL2bQf3CTGF/dnMIDqCLwEdtlHNZytV1wWWskBOHLAYwHVRoIyPwmUyRym
.upwork.com/ Name: _clsk
Value: dze666|1658267216759|1|0|k.clarity.ms/collect
.clinch.co/ Name: clinch-sid
Value: 6a9e5533-3c21-45d7-9d2b-b10682146ed9
.upwork.com/ Name: _ga_KSM221PNDX
Value: GS1.1.1658267215.1.0.1658267220.0

13 Console Messages

Source Level URL
Text
network error URL: https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://kmhkepipobnjllejbafajoemahjejdcm/assets/font/roboto-font.css'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://ekeeeebmbhkkjcaoicinbdjmklipppkj/content/styles.css'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://nenlahapcbofgnanklpelkaejcehkggg/GENERATED/bg.js'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://nakplnnackehceedgkgkokbgbmfghain/walkThroughView.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://pcihjlbjjghnbohanlafcldoddloecfo/img/cc-icon-16x16.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://chhjbpecpncaggjpdakmflnfcopglcmi/img/rakuten/logo-rakuten.svg'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://idpbkophnbfijcnlffdmmppgnncgappc/img/rakuten/icon-32.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://gngocbkfmikdgphklgmmehbjjlfgdemm/assets/images/logo.svg'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://pbjikboenpfhbbejgkoklgkhjpfogcam/static/js/localProxy.js'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21(Line 70)
Message:
Mixed Content: The page at 'blob:https://www.upwork.com/d20bd139-9575-41f4-96b5-4d2fca79bf21' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://iaggnolkjmfokghjpmdkcmaoldckdgfk/assets/images/billy.svg'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
alb.reddit.com
analytics.twitter.com
apis.google.com
appleid.cdn-apple.com
assets.static-upwork.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
c.tvpixel.com
cdn.480app.com
cdn.clinch.co
cdn.pdst.fm
collector-pxss13u803.px-cloud.net
colrep.sitelabweb.com
colres.sitelabweb.com
connect.facebook.net
content.googleapis.com
d.agkn.com
d.impactradius-event.com
fyrsbckgi-c.global.ssl.fastly.net
googleads.g.doubleclick.net
js-agent.newrelic.com
k.clarity.ms
mpsnare.iesnare.com
p.tvpixel.com
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
r.turn.com
region1.google-analytics.com
servedby.flashtalking.com
session.sitelabweb.com
shasta-collector-production.upwork.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trk.clinch.co
unpkg.com
upwork.trackinglibrary.prodperfect.com
us-central1-adaptive-growth.cloudfunctions.net
wkxppshj-qx.global.ssl.fastly.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.recaptcha.net
www.redditstatic.com
www.upwork.com
colrep.sitelabweb.com
104.18.89.237
104.244.42.67
104.244.42.69
13.107.42.14
142.250.184.226
151.101.129.194
151.101.193.140
151.101.193.194
151.101.2.132
151.101.2.217
151.101.66.137
162.247.241.14
18.66.97.114
199.232.136.157
20.234.93.27
20.96.88.162
2001:4860:4802:32::36
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
209.197.3.19
2600:9000:225e:400:1d:bf0a:0:93a1
2606:4700::6810:7daf
2606:4700::6810:fe95
2620:1ec:21::14
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::200d
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a02:26f0:480:f::213:7edd
2a02:26f0:f7::5c7b:e1c4
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::396
3.219.182.94
3.66.13.220
34.252.122.164
35.186.220.184
35.186.249.72
35.244.142.80
52.22.196.83
52.58.57.50
54.204.196.80
54.228.71.178
54.93.143.28
96.16.134.158
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
06a1e588118bd582160e9616f004650fb7e290847427dc0b48961996d92d1bcb
0c24db260c0473de70f2a929cd0ca038978f4abd5039d5ad64fd5dd67c8e328a
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c893d6e2522aaf8e622dd2b1dfa944aa140d412b19f3278cd69d0875e2f3f3
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15971bae84a18f790ed6d3842f47d5c3097a44e43f2f891a8571f3273ce25b24
18c11277675cd5949fc5339664aed7c1e89818d8ed21ccfc6801310b0da59a28
1ad8731ee1f5f4ee8cd71cfc800b9a4cbbbce746766030e23c24c1a5f3e780f7
1ffb2d5fe7dc61111c8788fa1ddc7ef4ecb22291ee578857daa2995dfe6e00de
24f8ef05ba61328d938218fa01a37c82da4e6d1f88577f1753ae4fe6e48d5d7f
25e678f80e1b9c84e8898113f85ad591fab958bca711e2baf3d09137705550fc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b10cf7d4f51fffa163623e2e9e508b731a96817c79ffcec26bf472b27a9c69e
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
30f37eb0dac0c0d6f41ae2ca2386b4f64cc04c9d3e3e4e17779f405d1f043933
32289229a1cfd525309293fc76682e713cccc5f51e6cb669d416c26c728b6dcd
36cdfabec8d283d7cc6af6c9db7b79f46da290b573f568175ab06fc9b0908c95
3974502fdcc892fde4e9c08679fa61b36386b81b1ae7d80dc8d35eafaf854e33
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006
3a32f7557f94b211f72729b2bf509386290aba4bd814479983c1fb8fd5968427
3ae6a88b479a8b53bdf15d0c7eb9dd55444a202cb1e5d7fd475adf8ba9702a7e
3d2218a79e31ef17549c5b73c6367c5c1ac01ee7439ff5863e2e38dae49c8f04
464426560a0b6eee3a047ea5b3d1dc030141a2373ae57251b9a477beb7773c5c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47be0cad14cf7021630adfb11471f6b1ec8a72b9c6f52b722a11ad037ccbe615
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49160bc524e4714177fd6226dd3e0c3f07450757093fa6b94befa266b0653872
49c8bf0ee457c55d2924b8c2ffa4dafaae02fc85a49c8dc25b6b0d0f1d590b64
5351498935ff16c8551109da3eb037d0f3e44aa8e3611b5f7430388f942a5265
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5718c45c887b088e69f39849d1f3fbb0f677dff0d1f17488eceab37f6871cb44
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
6130f7e0ddc3da31a69087462f6db9ceb6b0acfff697113449dd662b7c5b06b0
614d0b427693ae675f0a6927ee14d1bd4c88558375ebc7a5db26aa3876699389
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
63fd35fd6f70164800f8bbd3b985bf2d870194d4914444de92dca7b67f7707b1
648be4b03f38aff2e09c64d70bee266c070aa071eed70f44761a566a30ecd5d4
6610a798c6ccb118745c9beb3c55d108218444af40052d2e13279d3101c1e662
6b94edfbd8fb67dcb0d7b0d053c829169fea09aaf7fa57b728bc1af8d2ca79de
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6e7b3ba3e77311691979194e3435757485fa329e57ddad9fda22a71c87c9f5a1
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
75f714e52efb1636d5f73a0dfba846ba5ec7c98b92425259f88d62a22df3f15d
7630082d74db78951af0f13dab15ecfe5b20b769efb0da71dd81eafd4853346a
7aaab62dc507494c31db2efe6baae2bb31da84e07d2d1672f68d6ef7991dabff
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b
806f46e8cc6612f03edc24b4f9654884f118b01d81dbb17ccfc51e0723f01e1e
80fcffbcb08817026b07d9dfb68bde42ce7949b3d4fbc0c2bc2bb5293eb6505f
82ea856a006f5ca10107c8b8793a900c75d21602f3fa7044fc889d2d44fbed8b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835a3b7a53579d8a68fb4452be90247d5167e66248af9a4df5abc51af439cfbe
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c2ab05dc97c56e9c9d13d9e6c33ef8767f0cc03a7cd60997c1a4257c55b098
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
977d03d9939c44eeb644946d230b5a7fe8d8533d5c6b9012023c0839767c68a8
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a968e6a78d18dace88b8a14a6bb48eeb0a449994f2b9fd3c38e01026e634120
9d196a8d7c6c4b1c67011a8bc0dcf24bfccf299b34c039983ca10c04f91a7465
a183e281795b0d2460178df0a8dda72f35e9e4e92b5306756075b9c6b010e09c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c7cde516557fe9fc40d1e5afb31771043f4dc166a4143a9f957b8d286cdbb9
a5d510467fef93e3cd58b3eb0d1e1270ddd456db641bbbd6cb143b551664ce68
a62852591804336bb6c7f983652aec669dba4cedbd47d1c8e7efd8da0aa2234d
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a784012b2473da50eb02e3a5d1faa7f331cf8b86d81abdcd072778f2a7d10d0f
a812c96edd0aeb3b2920d01d28cc878cba521e5f29e9fb3bbdd1e1459064a581
a855bcdfa8fc01be44dce94f0399a3cbcbe8a10b218a1cd3085588aaad8d67c2
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
b0d8b29d0d9b574f35e6c51c9e24c448a65d52eb6503c3fd43f46bc3f0491a87
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b
bbfeb079f2e522ccd4c254db56d9c22a86cb8ad4d8c97d2bad9e8dd1d734de34
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
c789ce935e968b4c00f9c09b25abe402df275df18053d515128dcff82d0be897
ca0459ee200a8d22d2629fd2a7b91ab11f948e90f50061b5acbfd5416763c572
ca8a4c3f10d2f967783f3c7f6f4cf7e8039a93014d62c450ae8455f56b1b8eb9
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2d40c76d8520d292d7d936cfdccf44c4539f019ed0528fc021de025d710fb2c
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d69214e6ff9577f6c67ec1f6861124479876bacf1a0a0ad21f96ac4e4657a04a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e637c4f3a88fcd5d5981cff166c1621617ef4c345f5ef96fd76a4d5571241e57
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
eb0c538e1f5c6ed407590bd029f7cd6dacaaf5a6edc63a94a8d809e2ffd04fba
ed27b8436ef14c327b045d009181cd79c90e5cd5adc00322b4ddfd4c5bdb72a7
ed4426d101e491e5bf6c49ebc6be8d9e2fad5f519a9ea871dd69e83c6747d669
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02797b26c02d8bfb2581db8bc7b6a071d4c06e9c7ef43645fb4350de1fb3157
f4ab147daac0b8df43fabb8361f0e3b10efea54c6ab65db997211dd5c2af80f0
f9c72482ef87c5aa2bb9c99da75af275aef1471e84f8745f855d4633c94132f3
fef3ad398dbb5a74ddb4f46c9ddc7a19c8e64264ddc560daa715d825468596a2