www.upwork.com Open in urlscan Pro
104.18.89.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.upwork.com/ab/reports/client/timesheet/?companyReference=521590813793562624&range=20231113-20231119&amp...
Effective URL:
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521...
Submission: On November 20 via api (November 20th 2023, 7:27:52 pm UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 27 domains to perform 129 HTTP transactions. The main IP is 104.18.89.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 52643.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 24th 2023. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 44	104.18.89.237 104.18.89.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:e0bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	52.129.66.124 52.129.66.124	16509 (AMAZON-02) (AMAZON-02)
4	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	108.129.52.61 108.129.52.61	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.8 18.245.86.8	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.65.39.34 18.65.39.34	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.77 143.204.98.77	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2.17.186.40 2.17.186.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
3	18.239.94.23 18.239.94.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:ae00:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2011	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.206.77 52.222.206.77	16509 (AMAZON-02) (AMAZON-02)
1	54.81.184.157 54.81.184.157	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:209... 2600:9000:2090:800:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
129	38

44 104.18.89.237 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e0bf (United States)

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.124 (United States)

ASN16509 (AMAZON-02, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.52.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-52-61.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-8.fra60.r.cloudfront.net

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-34.ams1.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.77 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-77.fra50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.186.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-40.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.94.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-23.ams1.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ae00:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9982405.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-77.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com

b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2090:800:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	upwork.com 4 redirects www.upwork.com — Cisco Umbrella Rank: 52643	710 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 104446 cdn123.forter.com — Cisco Umbrella Rank: 27123 cdn9.forter.com — Cisco Umbrella Rank: 4792 cdn0.forter.com — Cisco Umbrella Rank: 4883 cdn3.forter.com — Cisco Umbrella Rank: 4289 b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com	198 KB
10	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 112 accounts.google.com — Cisco Umbrella Rank: 24 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	154 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	140 KB
6	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 117846 obs.cityrobotflower.com — Cisco Umbrella Rank: 81563	40 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	492 KB
4	cloudfront.net d6tizftlrpuof.cloudfront.net df45ay5pw60dy.cloudfront.net	3 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 9982405.fls.doubleclick.net — Cisco Umbrella Rank: 112998	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	278 B
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6259	22 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	128 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 75430	20 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	563 B
2	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1855	7 KB
2	gstatic.com www.gstatic.com	225 KB
2	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 106947	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 504
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	254 B
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3667	17 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4453	13 KB
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1361	885 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	303 B
0	Failed function sub() { [native code] }. Failed
129	27

	Domain	Requested by
44	www.upwork.com	4 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	www.googletagmanager.com	www.upwork.com www.googletagmanager.com ob.cityrobotflower.com
5	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
5	cdn0.forter.com
4	www.facebook.com	www.upwork.com
4	apis.google.com	www.upwork.com apis.google.com content.googleapis.com
4	mpsnare.iesnare.com	assets.static-upwork.com mpsnare.iesnare.com www.upwork.com
3	df45ay5pw60dy.cloudfront.net
3	bat.bing.com	www.upwork.com bat.bing.com
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	accounts.google.com	apis.google.com www.upwork.com www.gstatic.com
3	cdn3.forter.com
3	first.iovation.com	www.upwork.com
2	www.google.de	www.upwork.com
2	www.google.com	1 redirects www.upwork.com
2	9982405.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	content.googleapis.com	apis.google.com
2	cdn9.forter.com	1 redirects www.upwork.com
2	www.gstatic.com	www.recaptcha.net accounts.google.com
2	assets.static-upwork.com	www.upwork.com www.googletagmanager.com
1	b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com
1	d6tizftlrpuof.cloudfront.net	www.upwork.com
1	adservice.google.com	9982405.fls.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	alb.reddit.com	www.upwork.com
1	www.redditstatic.com	www.upwork.com
1	csp.withgoogle.com	www.upwork.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	appleid.cdn-apple.com	www.upwork.com
1	cdn123.forter.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	w.usabilla.com	www.upwork.com
1	www.recaptcha.net	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ihcjicgdanjaechkgeegckofjjedodee Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
129	40

This site contains no links.

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-24` - `2024-05-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2022-12-08` - `2024-01-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn123.forter.com Amazon RSA 2048 M01	`2023-05-11` - `2024-06-08`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-30` - `2023-11-28`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.cdn.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Frame ID: C50A4BA311C084D9F3E6F95FE482BBA8
Requests: 107 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: FD3C4C4E17BC9CA4D113B3C40B9EDB03
Requests: 1 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Frame ID: AD4644C0DF8E39808E9383A1BE38D7BB
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 20996C6896167AFFDF39663F786E034F
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: BD281A069AA29628EAF0F0C11BAA52E8
Requests: 6 HTTP requests in this frame

Frame: https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online
Frame ID: 2CAB62A8D8C97EAE4E6967BCF9AAFB7C
Requests: 2 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Frame ID: AAA8A914A86F180DC245EA6DF901D7A3
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: BC8069C8FFFA63A6821220906AF0E93E
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: 010373CCCCBA6A8F62A9281B1E0F2946
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: CD80D30DA94B65F03370650B95293962
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upwork Login - Log in to your Upwork account

Page URL History Show full URLs

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=521590813793562624&range=2... HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3Fco... Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

129
Requests

89 %
HTTPS

59 %
IPv6

27
Domains

40
Subdomains

38
IPs

4
Countries

2198 kB
Transfer

6819 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=521590813793562624&range=20231113-20231119&hours_logged=hours_online HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 54

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 59

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 60

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/2cb809993f1e7a286922e31918aa07b9a1e5ca0a2c8d1761b1e0345fbac6cb16ac7f4ace631257efddf64fd2a478

Request Chain 109

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online HTTP 302
https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online

Request Chain 110

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=NLNbZcm2A9XjgAfPypvQAw&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296Vml1bmg2VkUydFhUX0FzcklEaDZZWXhvYnhKSXNjaG5ITHlDZjNORmVXWHcaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGxkQ2M2bVF2eTJ0VEROM3pkd3BoWWs3aDdtanZ0bGFEVExZRHJFSEUtN1FvN09xMWRaSkFXVSITCMmgtNmn04IDFdUx4AodT-UGOg HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296Vml1bmg2VkUydFhUX0FzcklEaDZZWXhvYnhKSXNjaG5ITHlDZjNORmVXWHcaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGxkQ2M2bVF2eTJ0VEROM3pkd3BoWWs3aDdtanZ0bGFEVExZRHJFSEUtN1FvN09xMWRaSkFXVSITCMmgtNmn04IDFdUx4AodT-UGOg&is_vtc=1&ocp_id=NLNbZcm2A9XjgAfPypvQAw&cid=CAQSGwDICaaNNY3x-PPUrmrcYLWI3fZ8CKm2Dt8_zg&random=3855437474 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296Vml1bmg2VkUydFhUX0FzcklEaDZZWXhvYnhKSXNjaG5ITHlDZjNORmVXWHcaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGxkQ2M2bVF2eTJ0VEROM3pkd3BoWWs3aDdtanZ0bGFEVExZRHJFSEUtN1FvN09xMWRaSkFXVSITCMmgtNmn04IDFdUx4AodT-UGOg&is_vtc=1&ocp_id=NLNbZcm2A9XjgAfPypvQAw&cid=CAQSGwDICaaNNY3x-PPUrmrcYLWI3fZ8CKm2Dt8_zg&random=3855437474&ipr=y&ezwbk=AZuM4hAzHJ7AXL8WvEXxdL4DV3YVStW9TLaoVnENdx-kV-5odRzkD0u3bHYLt4A0Hzj8C8y6U7h0UWXcCzcWbkau7aMt

129 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.upwork.com/ab/account-security/
Redirect Chain

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=521590813793562624&range=20231113-20231119&hours_logged=hours_online
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dh...

156 KB
31 KB

519ms
518ms

Document
text/html

104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb15c96e564d13c46a7be4ddaded64620b0c5c8c1bb49e06cd4939db02e0672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8293179488023688-FRA
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Mon, 20 Nov 2023 19:27:45 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=69, app;dur=254
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
vnd-eo-trace-id: 8293179488023688-FRA
x-auth-status: Access
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-upwork-authentication: unauthenticated
x-xss-protection: 1; mode=block

Redirect headers

access-control-expose-headers: vnd-eo-trace-id
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829317930e483688-FRA
content-length: 0
content-type: text/html
date: Mon, 20 Nov 2023 19:27:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: /ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
referrer-policy: origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-parent-span-id: 9ece9e86-1aa9-4fb9-b138-69b7d107f630
vnd-eo-prana-client-receive: 2023-11-20T19:27:45.266Z
vnd-eo-span-id: 49b09f73-a1d7-4a11-b0e7-ffcc22698149
vnd-eo-trace-id: 829317930e483688-FRA 829317930e483688-FRA
vnd.eo.parent-span-id: 9ece9e86-1aa9-4fb9-b138-69b7d107f630
vnd.eo.request-id: d60d6f41-07b9-4a15-a430-92af03b84cb0
vnd.eo.span-id: 49b09f73-a1d7-4a11-b0e7-ffcc22698149
vnd.eo.trace-id: 829317930e483688-FRA
vnd.odesk.error-code: 302
vnd.odesk.error-message: HTTP 302 Found
vnd.odesk.request-id: d60d6f41-07b9-4a15-a430-92af03b84cb0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-upwork-target-status: false
x-xss-protection: 1; mode=block

GET
H3 200 neue-montreal-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 23 KB
24 KB 33ms
32ms Font
font/woff2 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1616507
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23912
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 7425b59c8a19a4f0-SJC
etag: "2e9d05ced4fddb6c67f1be57161a2668"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82931797c86b9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 neue-montreal-medium.woff2
www.upwork.com/static/fonts-global/4.0.1/ 25 KB
25 KB 70ms
63ms Font
font/woff2 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-medium.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 476783
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 25348
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 82368b29eb4867bf-SJC
etag: "f0728e66b926fbcc5376a1d55222e3a7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82931797d8759b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 rza-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 62 KB
63 KB 71ms
63ms Font
font/woff2 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/rza-regular.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 579964
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 63800
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 8256bdc68fda158f-SJC
etag: "4c125a0993ca325b5cc5056afbdd58c7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82931797d8779b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 vue.runtime.2.7.14.min.js Show response
www.upwork.com/static/vue-libs/ 74 KB
28 KB 80ms
73ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.7.14.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1089319
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 06:53:43 GMT
server: cloudflare
vnd-eo-trace-id: 81fc1a8da9106423-SJC
etag: W/"4e644343c0055d4cdf6879735f2c69ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8789b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 82ms
75ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 738593
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 06:53:43 GMT
server: cloudflare
vnd-eo-trace-id: 8246b5858e0e156a-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8799b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 vue-i18n.8.28.2.min.js Show response
www.upwork.com/static/vue-libs/ 28 KB
9 KB 83ms
76ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.28.2.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 14959391
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 May 2023 16:21:55 GMT
server: cloudflare
vnd-eo-trace-id: 7cfe9cb82c198e78-SJC
etag: W/"5d4375c9b8e7c9eada90983391b8ac24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d87b9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 runtime.8fb06337.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 68 KB
21 KB 84ms
76ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.8fb06337.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f284c99cc0f8f7bdbb03b3e692dbd0ebf258a94609f54bd5b136ad0ad007bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 450397
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:19 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a15dc8306a-SJC
etag: W/"3d8087cd629c88988983498bc42c0af1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d87f9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 commons~app.987e2e16.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 65 KB
22 KB 86ms
79ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/commons~app.987e2e16.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bcfc02e5990939a86280c99b78ad304ba1641374ffea24d0004db81c599ee2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 450397
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:12 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a15bdb30dd-SJC
etag: W/"2c07b77e075b12e08abb39092063986b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8809b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~app.c84c9847.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 51 KB
9 KB 88ms
81ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~app.c84c9847.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca7bc6dfdc10951b966ebadce39ad0f42ce673b7a66b02a1670f78b3c2f6ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366684
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:19 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a15bdc30dd-SJC
etag: W/"7a13ad4681c7c67f2597cafa37e89702"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8819b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 app.b4e9378d.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 MB
283 KB 58ms
51ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b4e9378d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

290c437253d75441c8e787c08f43776e1e691cfb462d5fdb69589966a8fc788e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366684
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:12 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a16dd4306a-SJC
etag: W/"6d64d96a36e2ae5a1ab62dd24787275c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8839b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 login-air-3.14a2eb75.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/pages/ 448 KB
109 KB 99ms
92ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.14a2eb75.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dadd0e60dc1fe46b2bb07b43c83556b21e6c1ce9603debe6e7bf765bf5a118ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366684
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:19 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a16dd7306a-SJC
etag: W/"24a0e6ee2ce2cca7bbf337c9c1904427"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8849b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~c2ebc270.1a1a9c74.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 KB
858 B 193ms
186ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~c2ebc270.1a1a9c74.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18ea984522b9bdea4b66a2c9282182ee984d0aafac2818f41804e20dee169ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 823267
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2ca69c648-SJC
etag: W/"33c31f9f5bdd0ebbef89a8964ecc33fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8879b1b-FRA
expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~0e3fbfb4.39f4b305.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 50 KB
9 KB 200ms
193ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~0e3fbfb4.39f4b305.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82d89f93838285b494bef600481cb8f4a36ef26f5ce40856767a09ff15cf7247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 754624
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2ca6ac648-SJC
etag: W/"70c0eed768f52b86cc42e515e207e68c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8889b1b-FRA
expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~0c214aea.22789e4e.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 13 KB
2 KB 105ms
98ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~0c214aea.22789e4e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4514e2e0c577a9895430e6abe43f80291c3beaae54a0523770d2e311b510c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 753664
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 10 Nov 2023 09:59:28 GMT
server: cloudflare
vnd-eo-trace-id: 823e5ef37b086462-SJC
etag: W/"a0c6401a8984b66365c93f4c9e0a4e56"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d8899b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~f0762f27.66e68d8c.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 16 KB
3 KB 105ms
98ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~f0762f27.66e68d8c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ff3734fd781ea2bde0ee64b9625f5872f071cf61652af66cc29ee53d45ce7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 661964
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da6fc648-SJC
etag: W/"1424b00b7152c2ade44bf3e72de6154c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88a9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~b76381a9.6e87b9e3.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 3 KB
1 KB 106ms
98ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~b76381a9.6e87b9e3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5add4564cdbe664870ff30d9cf18878f291eee8115ab7de7b9ccda7e616d58e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366683
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:19 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a16dde306a-SJC
etag: W/"b0bbe5151538e893599835f527ea7c8f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88b9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~5cc8a29c.8ef660e8.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 928 B
793 B 106ms
99ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~5cc8a29c.8ef660e8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4b67a188e989cad599d0d3a2daef7a201ad9622136b53cb42df447d8b4b7d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 667416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da71c648-SJC
etag: W/"3f95d4f1436373317fef551d39167401"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88c9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~71a9c368.b2f7b39d.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 995 B
850 B 106ms
99ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~71a9c368.b2f7b39d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c332f4a0e91ad5e4c3600f42a3a481cd678cdd95a614f575045b01c89dbacb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1654939
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da72c648-SJC
etag: W/"0f6f2b5672cc78ed91f46671a2947fab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88d9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~39fabad8.217c2d8a.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 4 KB
1 KB 106ms
98ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~39fabad8.217c2d8a.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822116d28148ad8a2126cb9b61cddef361afe9feb20f51f0b617ad11e3e1f59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 838852
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da73c648-SJC
etag: W/"9a6baf2c71131a429106f326e10eb3b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88e9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~c52a1688.c5f55198.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 901 B
833 B 106ms
95ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~c52a1688.c5f55198.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9290d1eebc75f1a6e8ce907e1640a13860cc7041d69cfcd745794760d5287e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 912408
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da74c648-SJC
etag: W/"6f3a613d0b422374f698516367d9cc19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797d88f9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~a7e99353.682be596.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 55ms
39ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~a7e99353.682be596.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb32dc6469bf73049aa3b49633004d4efc1404169f1dcced708838a099a3ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 820265
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da75c648-SJC
etag: W/"cb8a55a646a3cbf4af5500e4cb7995f1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8939b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~4cebbcb2.130178cb.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 2 KB
913 B 106ms
91ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~4cebbcb2.130178cb.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e145d9d1357fba2e807c353c614f721e67dd2cbbc87e08d41a2c6a783ebc416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 668505
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 10 Nov 2023 00:58:29 GMT
server: cloudflare
vnd-eo-trace-id: 823d1d004dfe642f-SJC
etag: W/"39bd50b76691b06d31bfd3da38cdc53a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8959b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~db9de1b0.a8e90643.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 6 KB
2 KB 107ms
91ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~db9de1b0.a8e90643.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0371443b137ae2d582665cde517c3680f9f0039460960851fd57db0a4e464b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 830021
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da78c648-SJC
etag: W/"b6c2fc3921f82ec255719af94eb4cda0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8969b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~f235f08f.9d9a1552.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 106ms
91ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~f235f08f.9d9a1552.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6d94451f40c955f400058bccb12383e5848d273703ec1a21feeab416131a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1654939
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da79c648-SJC
etag: W/"18681ba7b76efab44ea54f490eca81ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8979b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~406ec812.f4cb6104.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 6 KB
2 KB 107ms
91ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~406ec812.f4cb6104.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a13e9d008e396f3240ab3e9fe28aeff0f88e4432749a5ef7d63acc809d781e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1654939
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da7ac648-SJC
etag: W/"70ef9076e517334d22e898fe2e9dafb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8999b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~af93fb16.2d6cfe2c.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 KB
900 B 107ms
91ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~af93fb16.2d6cfe2c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622fd25ab4d94f239580b3fe9f37ade0c6ddd584a56f1007813552964657feab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 821725
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da7bc648-SJC
etag: W/"caa510ff2d461819c2a9888d977ed7d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e89a9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~b22e684c.134c6c59.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 2 KB
1 KB 107ms
92ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~b22e684c.134c6c59.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c59f01217576628101ee057563aaac09b74ea1e2189b2f260eb504892abb82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1013357
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 01 Nov 2023 04:48:53 GMT
server: cloudflare
vnd-eo-trace-id: 81f321060d7cd1d0-SJC
etag: W/"1a42d2e035db43d182c968c1debeade7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e89b9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 logout-air~9b9aef51.1804cdb6.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/ 4 KB
1 KB 107ms
92ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/logout-air~9b9aef51.1804cdb6.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5978aa9d45bdfba697097c82f292f9e7bdb91ae0c4560d8de40f38fe13830e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 580196
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 01 Nov 2023 04:48:53 GMT
server: cloudflare
vnd-eo-trace-id: 81fc1a960b3015a4-SJC
etag: W/"8d457346dfd55f0e63efc8d38d17559d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e89c9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 logout-air~f2fc4843.08973d16.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/ 1 KB
1 KB 114ms
99ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/logout-air~f2fc4843.08973d16.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3eecb5cbdf062f146ba18d1836c1fabba8c6a29216dc92c644dcab46502bd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 569122
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:26:50 GMT
server: cloudflare
vnd-eo-trace-id: 822df789e99e67bb-SJC
etag: W/"8bcb3fabaa2ac3b441f913fd774ff836"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e89d9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 push-notification~e0a5f013.cf1cc2a5.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/device-authorization-air-3~pages/login-air-3~pages/oauth2-air-3~pages/ 930 B
789 B 115ms
99ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/device-authorization-air-3~pages/login-air-3~pages/oauth2-air-3~pages/push-notification~e0a5f013.cf1cc2a5.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3660a0bbff0d6fb4c0d5ac8db3eea60cee95c5f92c41d79d54ad6bcf4f32ddeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 667416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da81c648-SJC
etag: W/"cce2b00b1addb9a7474b981d6879dfa3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8a09b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H3 200 password-and-security-air-3.fe92ac24.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~change-fido2~enrollment~pages/login-air-3~pages/ 4 KB
1 KB 52ms
37ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~change-fido2~enrollment~pages/login-air-3~pages/password-and-security-air-3.fe92ac24.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5433b50c12730ad20dd7741b36a3ffe1c069150e739b09cd9bb597a44058908f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1654939
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 31 Oct 2023 18:30:11 GMT
server: cloudflare
vnd-eo-trace-id: 81edfeb2da82c648-SJC
etag: W/"d547ec778c7ee799ad1e83b3ea2604bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82931797e8a19b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 75ms
22ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 44127
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 13:00:35 GMT
server: cloudflare
etag: 0x8DBE6A4063D2682
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10118c61-601e-0090-50fa-1803ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 829317985c404d94-FRA

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 SFProText-Medium.db9b552.woff
www.upwork.com/static/assets/AccountSecurityNuxt/fonts/ 5 KB
6 KB 61ms
60ms Font
font/woff 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/fonts/SFProText-Medium.db9b552.woff

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 476775
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 5548
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 30 Oct 2023 21:26:19 GMT
server: cloudflare
vnd-eo-trace-id: 81ead6ac396015ca-SJC
etag: "83b478be12abf0ca955063c24a48d5cb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8293179838d89b1b-FRA
expires: Tue, 19 Nov 2024 19:27:45 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 4 KB
2 KB 56ms
29ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 59959
content-md5: OXAm5fEvYhaIQZUG2gRXYA==
content-length: 1687
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:00 GMT
server: cloudflare
etag: 0x8DB7BD45B889B8E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d8b73b74-101e-00a5-02e6-116ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82931798d96c4dc3-FRA
expires: Tue, 21 Nov 2023 19:27:46 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 75ms
32ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 829317994954911e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 workbox-window.prod.es5-eZxxJ.1b05a921.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 34ms
34ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/workbox-window.prod.es5-eZxxJ.1b05a921.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.8fb06337.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad2ec384ec9bbe908663d2f0fa1c86b1c8c57924887ff87c11cf0e9131c469a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 450396
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:20 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a378ab306a-SJC
etag: W/"cd2dc8cc1fe1125ebe8da16475b25e8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8293179999fa9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 855 B
885 B 183ms
64ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.14a2eb75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

270cd05112618f7d64aaccbe749b819934196fc43554fcffd6263c6514f0eccc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 20 Nov 2023 19:27:46 GMT

GET
H2 200 loader_only.js Show response
assets.static-upwork.com/iovation/5.2.2/ 4 KB
2 KB 71ms
28ms Script
application/x-javascript 2606:4700::6810:e0bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b4e9378d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e0bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
x-amz-version-id: HskTff9TjeJIN57gDYa1bi2_LbMU_02X
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 9K2PTQ9R49Y385A6
age: 1632
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: OLEUUCQClPJUwLog8cgG4VXFzVx1IJQJFIVzx4Urc+P3AQQJEy8au/GSHYjNBgUvX2/7npDdTIY=
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8293179a7a942bc0-FRA
x-amz-meta-last-modified: 1593693054000
expires: Mon, 20 Nov 2023 23:27:46 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 28ms
27ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 64042
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8293179a7ec14d94-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
64 KB 207ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b4e9378d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e30b10e9db593fc3541d9a10532173a313302e2d2f01026a8ecffbe2c4d80aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65064
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 19:27:46 GMT

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 288ms
285ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1700508466343

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b4e9378d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec7d7abf57777a3817c32f3ac89825de30d7bebf5b3ac62d5edc6f3e80da4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Oct 2023 18:25:12 GMT
server: cloudflare
vnd-eo-trace-id: 8293179aaadb9b1b-SJC
etag: W/"2b58165420e1387a951c56f4b1b6c6e9"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 8293179aaadb9b1b-FRA
expires: Mon, 20 Nov 2023 23:27:46 GMT

POST
H3 200 visitor-gql-token Show response
www.upwork.com/ab/account-security/ 77 B
823 B 266ms
265ms Fetch
application/json 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ab/account-security/visitor-gql-token

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b4e9378d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa83570a09a27f35da32274259ddcc8fee7dc70a8af6cc88e862d1c4075fd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
vnd-eo-parent-span-id: 84876b3c-6b71-4a11-b324-2d801d04e155
vnd-eo-trace-id: 8293179488023688-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
vnd-eo-span-id: 99199de8-299d-4c2b-8762-354126edeb52
sec-ch-viewport-width: 1600
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: report-to csp-endpoint
server-timing: api;dur=58, app;dur=58
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 8293179aaae09b1b-FRA
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/json
vary: Accept-Encoding
cf-ray: 8293179aaae09b1b-FRA

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

113ms
36ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 20 Nov 2023 19:27:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Wed, 20 Dec 2023 19:27:46 GMT

Redirect headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 8293179abaed9b1b-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 20:27:46 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
20 KB 117ms
35ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

561b552f27e09633ecaa1170e26346b3a1c8ce5ae37f1ebc38482b0bc7440c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 19:27:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-xndwY.a44de98b.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 7 KB
3 KB 28ms
25ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/snippet-xndwY.a44de98b.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.8fb06337.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95677c0f4180f6ccf65ec5f2fb7b898d94f2becf21e06f8f245b2641006f33b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 366684
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 13:01:19 GMT
server: cloudflare
vnd-eo-trace-id: 8267c4a4195e306a-SJC
etag: W/"57055b0dd5900b92c658003371a4ec47"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8293179abaef9b1b-FRA
expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H2 200 202452b9c34b.js Show response
w.usabilla.com/ Frame FD3C 48 KB
13 KB 130ms
51ms Script
text/javascript 108.129.52.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1498db6b263a4f49f976885fc456f6bf6164f00d0ecbaddb6741d72abab68f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "392f89ab4c79124f51481e0de72f23fa"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 13399

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/ 137 KB
26 KB 33ms
32ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 44607
content-md5: q+MnSUnftS9Tsb2/ioV7lg==
content-length: 26218
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:11 GMT
server: cloudflare
etag: 0x8DB7BD46240D731
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3b89f7c9-001e-0096-2180-0c3052000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8293179aecde4dc3-FRA
expires: Tue, 21 Nov 2023 19:27:46 GMT

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 440 KB
194 KB 46ms
13ms Script
application/javascript 18.245.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-8.fra60.r.cloudfront.net

Software

Resource Hash

4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 15:30:08 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/47090160019
etag: W/"b2cbd534b6051bffdd7ab906ae5b43e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: 4M58RpHwN5ZvKlZH9wM1ecR7nB8ip3e23pg5CdFSBhg_dH4-gKRFLw==

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 28ms
26ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 47456
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8c46793c-b01e-00c7-22d4-b3a427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8293179b4d5e4dc3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 28ms
27ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 47771
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 17b86691-801e-006e-6ed4-b371cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8293179b4d604dc3-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 202ms
54ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 14:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 14:25:43 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 52024
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 13:00:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d61d83b1-a01e-0019-642e-19b938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8293179b8fee4d94-FRA

GET
BLOB 200
OK 2dea4d2f-e771-49f8-98ee-ecb4ecdb6110
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/2dea4d2f-e771-49f8-98ee-ecb4ecdb6110
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

49ms
49ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: db5819e5371e24b070d0f703b850088c9957c3d5d311a10f960b950b55016c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: 2023-Nov-20 19:27:46
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1368
Expires: 0

Redirect headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 8293179babaf9b1b-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 20:27:46 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 38ms
37ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

eb1e8392242f7051382d8a5b6faab03efa620fdd6e11b867e43f69302c0533f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 20 Nov 2023 19:27:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 77ms
44ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.34729089179941974

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1fb327c679f88cd0c634b32b90c57a785cd31e0fda255fe220fde8102ca4aec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 20 Nov 2023 19:27:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK d6093f11-bb20-4c9c-92f4-fd570f372912
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/d6093f11-bb20-4c9c-92f4-fd570f372912
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 2311
Content-Type: application/javascript

GET
H2 200 / Show response
cdn123.forter.com/ 66 B
366 B 88ms
38ms XHR
application/json 18.65.39.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=b7c23dfcd6a34416afd125a496e05292
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-34.ams1.r.cloudfront.net
Software: CloudFront /
Resource Hash: d7c0473597e5fbb6ec336c38ad89b875b3b020eccef2628f8366a6458d647185

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
via: 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 66
x-amz-cf-id: -T6PSIj3PkJkv5fWB0bKz2H-FxOhoHolFJjCjKA69dDWl7fcIT10NA==

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

33ms
32ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0a23da99176d152f4bdb4443a572fe50e307d9f940414000195e8ac59e1b0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Mon, 20 Nov 2023 19:27:46 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Tue, 19 Nov 2024 19:27:46 GMT

Redirect headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 8293179cbc939b1b-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 20:27:46 GMT

GET
H2

200

2cb809993f1e7a286922e31918aa07b9a1e5ca0a2c8d1761b1e0345fbac6cb16ac7f4ace631257efddf64fd2a478 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/2cb809993f1e7a286922e31918aa07b9a1e5ca0a2c8d1761b1e0345fbac6cb16ac7f4ace631257efddf64fd2a478

0
322 B

104ms
104ms

XHR
text/plain

143.204.98.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/2cb809993f1e7a286922e31918aa07b9a1e5ca0a2c8d1761b1e0345fbac6cb16ac7f4ace631257efddf64fd2a478

Requested by

Protocol

Server

143.204.98.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-77.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 1ASPGz-iTav_1Wx2b963T835mK_7VJnpurkz-B6EYjF8Wc1EHnampg==

Redirect headers

date: Mon, 20 Nov 2023 19:27:46 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/2cb809993f1e7a286922e31918aa07b9a1e5ca0a2c8d1761b1e0345fbac6cb16ac7f4ace631257efddf64fd2a478
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: Mn-YfUqRcqK8KskchXHTnY6vus95lFwMwSTIMh6RntBaHEdg2GgsDA==

GET
BLOB 200
OK 3c3b2ead-a958-4d84-9e04-5533f136da6e
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/3c3b2ead-a958-4d84-9e04-5533f136da6e
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 17365
Content-Type: application/javascript

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 34ms
33ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.9979767033367735

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1fb327c679f88cd0c634b32b90c57a785cd31e0fda255fe220fde8102ca4aec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 20 Nov 2023 19:27:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 18 KB
8 KB 331ms
67ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.14a2eb75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 19:27:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7112
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "241a6a66017d8392"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 280ms
17ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.14a2eb75.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 20 Nov 2023 19:27:47 GMT
Last-Modified: Thu, 16 Nov 2023 18:20:41 GMT
Server: Apple
ETag: W/"43171-1700158841845"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17356

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.14/ 81 KB
30 KB 43ms
43ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.14/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1700508466343

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd154805d8ffa510ce7524fa7e614811d32cec6d92ac38597499d7832d1e7bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 649359
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Oct 2023 17:25:26 GMT
server: cloudflare
vnd-eo-trace-id: 81f2edb5d98d67ab-SJC
etag: W/"7b81190f8263713bde051d8f7c78ea90"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8293179d6d259b1b-FRA
expires: Tue, 19 Nov 2024 19:27:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 509 KB
122 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eb57d83340c1db2c16a7edbcba28f7aa0ab1bc24a00738fbad61f8aa5407dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124683
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 19:27:46 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/ 20 B
358 B 421ms
205ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/prop.json?_=1700508466770
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 19:27:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK 85fb92c9-a794-4d0b-86e3-eb039131b747
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/85fb92c9-a794-4d0b-86e3-eb039131b747
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 68
Content-Type: application/javascript

POST
H2 200 events
cdn3.forter.com/ 0
420 B 174ms
100ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3WHjxxVVNiKfN4HoD1DjqeFHMqD7veRNqHwgaXi4kKNVUSEpWs-M-g==
expires: -1

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 100 KB
37 KB 30ms
8ms Script
text/javascript 2600:9000:2156:ae00:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 29477ac7a28d896369a5a70c1392f25cce2c661b8771b125672ca1028b361e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 10:39:10 GMT
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA50-C1
age: 31717
etag: "18e5b-iJoIevd4G7KUe+0KX3pRNwLb0+4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37260
x-amz-cf-id: uRopm31Z8WosMLuaJIAdgn2bT-rUQtOIibUq0pngNJZ7tuI2kshHKw==
expires: Mon, 20 Nov 2023 22:39:10 GMT

GET
H2 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
890 B 24ms
23ms Script
application/x-javascript 2606:4700::6810:e0bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e0bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E6VWPQGWW6ZWJCWH
age: 5702
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HOTYI0Hww3dI/VMUms3BgV+9dy7Xnlmv97XcEtWfyHYpKLdY7cgJT+3NxvDTL9P7/b600WjMOEE=
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 8293179f68322bc0-FRA
x-amz-meta-last-modified: 1532366449000
expires: Mon, 20 Nov 2023 23:27:47 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50817f49dbb2f438cad42287979c3f264f249e193b717b0fff56793f81a695b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82161
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ 316 KB
108 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e8e2718bcc985862ab223a49f6eb743a296e0e2b751e7cf0b25d273c0e8803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 18 Nov 2023 18:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110466
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Nov 2024 18:13:08 GMT

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 7 KB
3 KB 488ms
275ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1700508467255&hl=2&op=0&ag=2318139085&rand=648129160170281652290161720898198476624097808023021506160016048921551528860228715605&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDIyMzldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDYsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMTAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNiwwLDAsMCwwLDAsMCwwLDMsMCJdLFstMSwiLSJdLFstMiwiNCxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIi0iXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjYwMDAwMDAsXCJ1amhzXCI6MjE3MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjYsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNzAwNTA4NDY3MjE0LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwyNzksMjc5LDAsMCwwLDAsNTQ2LC0xLDAsOTA1LjYsOTA1LjYsMjEzMCwyMTMxIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiLFwiMzQxODQyMTcyMFwiLFwiMjQyNDg5NjUwMlwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRNElBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkY1hCa1JVVTFOU1VvREZoWldXeGRhVUUxQVMxWmJWazFmVlZaT1hFc1hXbFpVRmxBV0RBZ1BBUXdCWHdwZkFGeGZXZzRBQUZzTkFBcGFEMTljV2dvTldnNE1YVjhYVTBvRENBTVBEd2tPQ3hBVldFMFpUUmRjUVVsV1MwMUtHUkZSVFUxSlNnTVdGbFpiRjFwUVRVQkxWbHRXVFY5VlZrNWNTeGRhVmxRV1VCWU1DQThCREFGZkNsOEFYRjlhRGdBQVd3MEFDbG9QWDF4YUNnMWFEZz09Il0sWy01OCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTYwLDIyM10sWy02MSwie1wid2dzbFwiOlwiMDtcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjIsIjgwIl0sWy02MywiMCJdLFstNjQsIlswLFwiXCIsW11dIl0sWy02NSwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixsb2NhbGZvbnRzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLGNsaXBib2FyZHdyaXRlLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTY3LCIyNTMyMzEyODg4OjIwIl0sWyJkZGIiLCIwLDUsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDEsMTEsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDQsMCwwLDAsMCwwLDEsMjAiXSxbImJuY2giLDc3XSxbImFibmNoIiw3OF1d&dep=0&pre=0&sdd=%7B%7D&cri=2Q2TEsjlU8&pto=2172&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1700508467.mzUBkPj6hcq5lbr2&suid=1.1700508467.NYzsLJiamE4pklFb&tuid=1.1700508467.hJ3tgDwPJZyu1aSB&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=68%2C2020%2C36&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0289b7bbbe347eb7db0406b584d4275279669d8ac40a8edc2d757d40721f24b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 20 Nov 2023 19:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2769
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
675 B 221ms
221ms XHR
text/plain 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.14/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 829317a068289b1b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/ 20 B
358 B 105ms
105ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/prop.json?_=1700508467262
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 19:27:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 101ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KSM221PNDX&gtm=45je3b81v878988486z8854411223&_p=1700508466342&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590613910.1700508467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700508467&sct=1&seg=0&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&dt=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&en=OneTrustGroupsUpdated&_fv=1&_nsi=1&_ss=1&ep.consent_flag=%2CC0001%2C&tfd=2219
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame AD46 382 B
1022 B 183ms
61ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51abffeaa1e9927bd81432b7adb2b229dae487b51d8494f1cf249d1ec333a108

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-eLJjidBKlm_rR-eqyBPlYQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 270
content-security-policy: script-src 'nonce-eLJjidBKlm_rR-eqyBPlYQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 19:27:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2099 287 B
1 KB 1683ms
1559ms Document
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2413d0ac7cef1d8d28a2b40c467a615bf8e5f7ea45b5127b492f49f77bc905c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-XNAo6a6ZrAmJu150PQd8hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-XNAo6a6ZrAmJu150PQd8hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 19:27:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/ 20 B
358 B 102ms
101ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/prop.json?_=1700508467478
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 19:27:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
675 B 204ms
204ms XHR
text/plain 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.14/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 829317a1c9769b1b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame AD46 0
0 182ms
67ms Other
text/html 2a00:1450:4001:810::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame AD46 18 KB
7 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 19:27:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "23edfa0f3c3c3329"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame AD46 77 KB
27 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 18 Nov 2023 06:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27761
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Nov 2024 06:46:53 GMT

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/ 20 B
439 B 103ms
102ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 19:27:47 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/ Frame 0
0 102ms
102ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/b7c23dfcd6a34416afd125a496e05292/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 20 Nov 2023 19:27:47 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

GET
H2 200 rest Show response
content.googleapis.com/discovery/v1/apis/people/v1/ Frame AD46 44 KB
6 KB 72ms
72ms XHR
application/json 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/discovery/v1/apis/people/v1/rest?pp=0&fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edce71fedccb1fae085d029905b45812c9f41c74c2148c5b3a7608089bc3a752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://www.upwork.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Safari%2F537.36%20Edg%2F92.0.902.67
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Referer: https://www.upwork.com

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5925
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: wsTcYnZnXaOEgYGDixsGJnTZXrJbQKapviYVcVzbCAj7NFO8mkTNbCo7f/dy7attEqUjPcmjvEpEJHDctGgZ5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d71b886c1827e71d91a7dd6a3af9b84d3cf50ab2918463e5ba0abc861c964e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82019
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1758f9bdc9c4c33e923caf559f5e351e8cc3f161c5ac193384e648362996f179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82122
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame BD28 45 KB
13 KB 53ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 20 Nov 2023 19:27:47 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1E81071EC50540A8AF21999510917C8A Ref B: FRAEDGE2018 Ref C: 2023-11-20T19:27:47Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BD28 180 KB
66 KB 108ms
106ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9982405

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5898ca42f789d41c9cb024b36372615c4874b5983d04871f8aa51bcfc45dc4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67268
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 19:27:47 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame BD28 23 KB
8 KB 27ms
7ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
79 B 104ms
104ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aeec235e2438c9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674ed7868f047d6d1ea82e26068f3a8b309357350271c101015b330c5892ef634a77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60265a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4afa78a9869bad8df5ff5579f592e019cbecbf7af2b95dfe57594351ea4ad9e331114e96171a190167ae8dfe9689d44aa07a08e0a964fcbcc2b963c3d97982e8d339780eef7daeaeb1828a727e0befa2f523dbb85718ca61ce6574c05d45c5f99c294d8cfbcdd70c23cc68ca4d035a3696e21c86f39819981476bd1e57ce602e7de4e9776a26a4e5d1bdd31be1accccb864f58935c217ebd2ccdc6185491b2aad7a175339195ad7ab71b955c2ddc074819f6bf69720ccc5b9da6b84bfe04e6c798fff1914fff0587e03f9e3f037fa73f8bf0abaa27bec2ff5249627d116d6ad35c71226e7a99b653a396205280f4915acb0d12cc700b2463c0178a6e31aca9b6c0efebadcbbbd6dc1f0e6fc84fbaef04a4629f941d7eb197b814666698f3c18332f9927f0214e97bfd460fe388860c9e84392e651c0255a333c1028468ecae5c72e3900cb5b1acbc1d3b8b3c34f17cda2b76fe2ba6167ca80003668e5839c0733bd23994ddd4fb56ad9508e8a01f2a820fe89db8a8a4d70bcb86e228636e6dea2b704c23d724f52c52c1a0fefb1559db206d68bcc992791ded26d4a4e13ac37b918b849a0d73be56e1a741f7e042bf3509c9c2149ab2d9cb5ff5ec4c64d8c756fae0d612f97ebcd0958e86df68d19c61a32084ba0262f85a6cb75cd573f869815a1dbc1e28344da41482415f06b38539c900c5ca621e6fec12d8ccff10f5d7ca26e3c1505cf1750e185f31911906279cf8a8641c9d6b2d34423ba30b806764bcd4e237cd7cc19408bd6e0d1feaf12e13aa566c938c08f02c1ed953725bbc319968cb4a0c5edd7ca344289e62d519d388c57d73b93bf4bf2c9958630b7da87baf9546786a2a3a717d35e9a5308631568ca95393ed863ed43abe37cee6b52bb3c03bb34f3d52302f7756c0301d9ad8c3f8fc95f3c78402cd0daddb2962e910be3d6317ac1f65168712b207c3eb240c1e96745bce786d7eecdcbb0ae8d6cbbe7801f366f1333317b1a02d95f1351aaed8fa120b4923450809750bec303c587c9cb9fe4ac0ea6488853f82fb3c6ec9f816f799795d7e0756940258dd98cfa3e1cb3cc0a345cb865f8653542f95fb82fb11657cc451294c2e5ba87c7c6a98c7c8408&cri=2Q2TEsjlU8&ts=527&cb=1700508467782
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 20 Nov 2023 19:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 79503785-62bb-43ba-b2ca-b732014191bb
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/79503785-62bb-43ba-b2ca-b732014191bb
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8785f5034808b978bf57b7d90cff118fc08004515ddb75096ea73495401b6d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK cb7a2db7-591f-40e9-9945-3d053647cffe
https://www.upwork.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/cb7a2db7-591f-40e9-9945-3d053647cffe
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cee33a29d3ffe0c484e2c91af342db9428167f999db0dcafb4696931cf114e20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length: 529
Content-Type

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.138&r=stable&domain=www.upwork.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e7d934bf947085d3afff65b4d4d33ee8ec26d3c138ff49cc57aacbbc6f49fc5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35441
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: I9HiKKvalQadjilDvWGhZEfIrRQEwkbYMXVP8aY1HKBkTD22xk1NnifnqxMy34r+fpAudUGsrTs46p0R1A69tw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
418 B 135ms
134ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rRawkTr9AnDouvYxRrqHxzMZEtcbZdhjdbAcwkKi4-efTmK8wMVj9A==
expires: -1

GET
H2 200 rp.gif
alb.reddit.com/ Frame BD28 42 B
637 B 26ms
7ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1700508467830&id=t2_j0i56&event=Search&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b528c968-0928-4fbe-b97f-dcc7f5eb1e01&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:47 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 204 331000128.js Show response
bat.bing.com/p/action/ Frame BD28 0
116 B 34ms
34ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/331000128.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 20 Nov 2023 19:27:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24018F7028F8433F89322B9CC5BD38DA Ref B: FRAEDGE2018 Ref C: 2023-11-20T19:27:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame BD28 0
286 B 79ms
77ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000128&Ver=2&mid=556be0c3-281f-4096-a9cb-55940f9a413e&sid=e322915087da11ee8ea80f529f7e689e&vid=e322a20087da11ee917fed86bb27806d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&r=&lt=0&evt=pageLoad&ifm=1&sv=1&rn=699599

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 19:27:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44D72296E6584B6DA71D99ADA3AD6BF5 Ref B: FRAEDGE2018 Ref C: 2023-11-20T19:27:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 151 KB
39 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.138&r=stable&domain=www.upwork.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24de590a4f0e1e1b6ddc08201222b5c00b9924b1c4603c7d31487f5e8a5c87de

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39410
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: OFBYJSywmXRQPBzMAGkTE2w0YvMivIvIGMZLrTRAtmPuotdnR1gvu9I3Jj8HO2J0vMnuwJA1o55UGzooHDCing==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&rl=&if=false&ts=1700508467851&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700508467850.1305856943&ler=empty&it=1700508467821&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&rl=&if=false&ts=1700508467909&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700508467850.1305856943&ler=empty&it=1700508467821&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&rl=&if=false&ts=1700508467910&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700508467850.1305856943&ler=empty&it=1700508467821&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&rl=&if=false&ts=1700508467913&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20Upwork%20account%20to%20post%20a%20job%2C%20find%20freelance%20work%2C%20and%20connect%20with%20talent%20around%20the%20globe.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700508467850.1305856943&ler=empty&hmd=d610a534445635714af04809&it=1700508467821&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 19:27:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/ 3 KB
2 KB 185ms
69ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1700508467947&cv=11&fst=1700508467947&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294f001dfdc344c951eaa7711fe58b564784c15eb29f2df013c353e024394311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 155ms
76ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1700508467963&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8ba53d62cc82cfb6dd106842fb05f3a0917591c9a65e8b727eb1f08a309baca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;... Show response
9982405.fls.doubleclick.net/ Frame 2CAB
Redirect Chain

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=...
https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=s...

700 B
723 B

85ms
84ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9982405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

40cb21d33551df208cc7f852d21d48d327c4421e4ed75350294dca745940eef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 19:27:48 GMT
expires: Mon, 20 Nov 2023 19:27:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 19:27:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
108 B

71ms
71ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296Vml1bmg2VkUydFhUX0FzcklEaDZZWXhvYnhKSXNjaG5ITHlDZjNORmVXWHcaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGxkQ2M2bVF2eTJ0VEROM3pkd3BoWWs3aDdtanZ0bGFEVExZRHJFSEUtN1FvN09xMWRaSkFXVSITCMmgtNmn04IDFdUx4AodT-UGOg&is_vtc=1&ocp_id=NLNbZcm2A9XjgAfPypvQAw&cid=CAQSGwDICaaNNY3x-PPUrmrcYLWI3fZ8CKm2Dt8_zg&random=3855437474&ipr=y&ezwbk=AZuM4hAzHJ7AXL8WvEXxdL4DV3YVStW9TLaoVnENdx-kV-5odRzkD0u3bHYLt4A0Hzj8C8y6U7h0UWXcCzcWbkau7aMt

Requested by

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=1861137516&cv=11&fst=1700508467963&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=122936339.1700508468&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tUc3FnWVEtc2FKaC0yU2g0ZS1BUklsQUZjX296Vml1bmg2VkUydFhUX0FzcklEaDZZWXhvYnhKSXNjaG5ITHlDZjNORmVXWHcaV0NoQUlnS1RzcWdZUXJfYVp5b1dJcm9CN0VpMEFmYTVXOGxkQ2M2bVF2eTJ0VEROM3pkd3BoWWs3aDdtanZ0bGFEVExZRHJFSEUtN1FvN09xMWRaSkFXVSITCMmgtNmn04IDFdUx4AodT-UGOg&is_vtc=1&ocp_id=NLNbZcm2A9XjgAfPypvQAw&cid=CAQSGwDICaaNNY3x-PPUrmrcYLWI3fZ8CKm2Dt8_zg&random=3855437474&ipr=y&ezwbk=AZuM4hAzHJ7AXL8WvEXxdL4DV3YVStW9TLaoVnENdx-kV-5odRzkD0u3bHYLt4A0Hzj8C8y6U7h0UWXcCzcWbkau7aMt
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/972598239/ 42 B
455 B 196ms
75ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972598239/?random=1700508467947&cv=11&fst=1700506800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNGpnbyfloQdi69nG7hGJzHVWlSY1TvQ&random=344663895&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/972598239/ 42 B
455 B 181ms
66ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972598239/?random=1700508467947&cv=11&fst=1700506800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v894577659&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNGpnbyfloQdi69nG7hGJzHVWlSY1TvQ&random=344663895&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2...
adservice.google.com/ddm/fls/z/ Frame 2CAB 42 B
401 B 260ms
131ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online

Requested by

Host: 9982405.fls.doubleclick.net
URL: https://9982405.fls.doubleclick.net/activityi;dc_pre=CPnxttmn04IDFUhMkQUdoXUOEg;src=9982405;type=conve0;cat=cheqi0;ord=545701963559;auiddc=122936339.1700508468;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9982405.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 106ms
105ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 20 Nov 2023 19:27:48 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 108ms
107ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 20 Nov 2023 19:27:48 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 2099 2 KB
917 B 69ms
68ms Other
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47fe7146ffec9a7b12e6d9bd0be7b41e76f411dc48b26f4c14a6ec63bf40c527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2aYFKO0xRzk.es5.O/am=CAM/d=1/rs=AOaEmlElzTGDsHu9GHxIWyKrr25nWN1CpA/ Frame 2099 107 KB
37 KB 165ms
57ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2aYFKO0xRzk.es5.O/am=CAM/d=1/rs=AOaEmlElzTGDsHu9GHxIWyKrr25nWN1CpA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147911c748e32f798599d58f22f3716e30577d06f57d46ccf71feb6690199205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 14 Nov 2023 22:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37641
x-xss-protection: 0
last-modified: Sat, 11 Nov 2023 03:49:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 22:12:24 GMT

GET
H/1.1 200
OK upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame AAA8 2 KB
2 KB 32ms
8ms Image
image/png 52.222.206.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D521590813793562624%26amp%253Brange%3D20231113-20231119%26amp%253Bhours_logged%3Dhours_online
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 12 Sep 2023 13:16:38 GMT
x-amz-version-id: d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Jun 2021 18:49:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
Age: 5983872
ETag: "ff48a3c94b69990d5044c0b3b202dd9e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1678
X-Amz-Cf-Id: dCF-9CCh-gYCFuGSVKc7AfKoTLyRaNn8adPOplUMVdc6Buy-yDQHiQ==

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2099 49 B
94 B 55ms
54ms XHR
application/json 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.upwork.com&client_id=936450902531-r6k5fu4tni53b4f0o2r8e2ck49egnok0.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2aYFKO0xRzk.es5.O/am=CAM/d=1/rs=AOaEmlElzTGDsHu9GHxIWyKrr25nWN1CpA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-754biopVSZ-dM8eu3nGEKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-754biopVSZ-dM8eu3nGEKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 19:11:09 GMT
content-encoding: gzip
age: 1000
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 20 Nov 2023 20:11:09 GMT

POST
H/1.1 200
OK prop.json
b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 346ms
103ms Ping
application/json 54.81.184.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-184-157.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Nov 2023 19:27:49 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Mon, 20 Nov 2023 11:06:59 GMT
Server: Apache
ETag: "2-60a937c29b8ea"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 events
cdn3.forter.com/ 0
306 B 268ms
267ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:27:50 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 316c3f6f9514dc45c45cd1b2385757cc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IGD0G9rpeMLMCm1J6OJkXbw_SWiQWaMfW4xle6uouO8wA2FLiVTgwg==
expires: -1

GET icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame BC80 0
0

GET close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame 0103 0
0

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 48 B
282 B 71ms
14ms Image
image/gif 2600:9000:2090:800:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1700508470288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:800:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:50 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: I29FOISHonyTs0hQGf9zT5AkdEk87B9vgJ3nmkQ7IMWGHe9AQVZfwg==

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 48 B
279 B 71ms
15ms Image
image/gif 2600:9000:2090:800:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1700508470288&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:800:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:50 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: C8JuU1m4_xWlv340EOxVkxsOuofoVbri2go6J30vYWN9O47On81LfQ==

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 48 B
280 B 71ms
16ms Image
image/gif 2600:9000:2090:800:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1700508470288&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:800:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 20 Nov 2023 19:27:50 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: Yl3CDEz1foOfcG6bSHliER4NSZwzYvRa3kMkDIsPi82jkRchJi90JA==

GET icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame CD80 0
0

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 110ms
110ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 20 Nov 2023 19:27:50 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png

Domain: ihcjicgdanjaechkgeegckofjjedodee
URL: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1970-01-21 01:08:50	Name: visitor_id Value: 185.213.155.131.1700508465260000
www.upwork.com/	1970-01-20 16:31:53	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJb8SFPbpckbXB9
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 7TLfeJT_kwMbWnzYTS3eaQfDom3BPITvGZZOQ4W8cFI-1700508465349-0-604800000
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: f31a76dc8bd346e4241b92b5bd6d314d
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
.upwork.com/	1970-01-20 20:41:00	Name: umq Value: 1600
.static-upwork.com/	1970-01-20 16:21:50	Name: __cf_bm Value: 0C.tYgz9KnuBiGm6eJPJgIin0I4JTXpDsjb2M_1B2sU-1700508466-0-AR7HhuGoVBqzCSECD5QtwZrgXL1BYv7p5QQfoJlnf09hRq/3ZKcG1dCNDVRg366TFuPGsZ1yVVUJieLYDlH4c1Q=
mpsnare.iesnare.com/	1970-01-21 01:07:24	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: ks8Dm1L/Esnd685S9smFaXZXAx0uRROhrT1OUgdA/Ik=
.upwork.com/	1970-01-21 01:07:24	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Nov+20+2023+20%3A27%3A46+GMT%2B0100+(Central+European+Standard+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=06fa22b1-d1d2-47d3-985e-9a34074ba925&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D521590813793562624%2526amp%25253Brange%253D20231113-20231119%2526amp%25253Bhours_logged%253Dhours_online&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
first.iovation.com/	1970-01-21 01:07:24	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 8Wsxr7MoHTU24+1YbMcvL7K7ZfqwVtzek9AE83mgcDQ=
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: !CI12577UniversalSearch,TONB3476Air3Migration,OTBnrOn,!MP16400Air3Migration,!CLOBSNAIR3,!RMTAir3Home,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!SSINavUser,!air2Dot76Qt,!RMTAir3Talent,CI11132Air2Dot75,i18nOn,!i18nGA,CLOBJPGV2RJP,SSINavUserBpa,air2Dot76,!CI10857Air3Dot0,JPAir3,!CLOBJNAIR3,TONB2256Air3Migration,!FLSAir3,!RMTAir3Hired
.upwork.com/	1970-01-20 16:21:52	Name: ftr_blst_1h Value: 1700508466649
.upwork.com/	1970-01-20 16:23:14	Name: asct_vt Value: oauth2v2_eafdaff4099d022b4de4bc37f38f13ef
.google.com/	1970-01-20 20:45:19	Name: NID Value: 511=fXBNaCuCXap1-nZZCtVxiFFDml8qMKyBJ4QO40SENegvx7dciX1t86cXPN3ADJbQtNseD-ZQVWEpJ0YdEeBDZeggCqPKsOl43uRCh_osMhdyNh2CBiO23w8KcSfciRymYX4rpHljKV-lb_uJ3A19yii38Jf_QaM_5C4-hXpfKjc
.upwork.com/	1970-01-20 16:21:50	Name: _upw_ses.5831 Value: *
.upwork.com/	1970-01-20 18:33:12	Name: _cq_duid Value: 1.1700508467.mzUBkPj6hcq5lbr2
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1700508467.NYzsLJiamE4pklFb
.upwork.com/	1970-01-21 01:57:48	Name: _upw_id.5831 Value: 0e8f40f0-a97c-4223-b939-2e996612ddaf.1700508467.1.1700508467..8598a0c5-7f14-4907-93cc-2961e4352e10..77edfaac-ab8e-4d53-972b-c400da6d8dd3.1700508467265.3
.upwork.com/	1970-01-21 01:57:48	Name: _ga_KSM221PNDX Value: GS1.1.1700508467.1.0.1700508467.0.0.0
.upwork.com/	1970-01-21 01:57:48	Name: _ga Value: GA1.1.1590613910.1700508467
.www.upwork.com/	1970-01-21 01:57:48	Name: G_ENABLED_IDPS Value: google
.upwork.com/	1970-01-21 01:57:48	Name: forterToken Value: b7c23dfcd6a34416afd125a496e05292_1700508466388__UDF43-m4_14ck
.upwork.com/	1970-01-21 01:07:24	Name: spt Value: 5df3236c-c87a-42f7-8c22-d59c7b98e37d
www.upwork.com/	1970-01-20 16:31:53	Name: AWSALB Value: vKYWOiSk9/mwd3KojlAaFX4OpmcMlSSIx/7lmXOXRzsyBCD9howY9QWHG22KAZu+Qzly2scRYHtvfJF/aVQCSrA2t+ZPYbMAGjUg2GT3rxfgMwiSQ5rmvTIriSmv
www.upwork.com/	1970-01-20 16:31:53	Name: AWSALBCORS Value: vKYWOiSk9/mwd3KojlAaFX4OpmcMlSSIx/7lmXOXRzsyBCD9howY9QWHG22KAZu+Qzly2scRYHtvfJF/aVQCSrA2t+ZPYbMAGjUg2GT3rxfgMwiSQ5rmvTIriSmv
obs.cityrobotflower.com/	1970-01-21 00:25:38	Name: cg_uuid Value: 7e563ab5ffa281dbdc57bbc14687da85
.upwork.com/	1970-01-20 18:31:24	Name: _rdt_uuid Value: 1700508467829.b528c968-0928-4fbe-b97f-dcc7f5eb1e01
.upwork.com/	1970-01-20 16:23:14	Name: _uetsid Value: e322915087da11ee8ea80f529f7e689e
.upwork.com/	1970-01-21 01:43:24	Name: _uetvid Value: e322a20087da11ee917fed86bb27806d
.upwork.com/	1970-01-20 18:31:24	Name: _fbp Value: fb.1.1700508467850.1305856943
.bing.com/	1970-01-21 01:43:24	Name: MUID Value: 3EC8ED68E01E6662167EFEA7E1CC67D7
.upwork.com/	1970-01-20 18:31:24	Name: _gcl_au Value: 1.1.122936339.1700508468
.doubleclick.net/	1970-01-21 01:43:24	Name: IDE Value: AHWqTUmsaIrvWQgTT0mikvdWj2XNK9pOb9Zou-WADkoXvk6joS9MWehyntnAbFvjb08
.upwork.com/	1970-01-20 16:21:50	Name: __cf_bm Value: q.e_QRyTtEbHjnOu2iksaS570v655UA_6rkXgMNXBa0-1700508469-0-AQZoAlH4tyZ54wpxoV/QS4JHCwxTjsmEc8ChO2PHJHzehzwRlGYft1F1X1KwPq9AJOkJjMeLS/1trrqS6JowdsQ=

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs(Line 184) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
worker	verbose	URL: blob:https://www.upwork.com/79503785-62bb-43ba-b2ca-b732014191bb(Line 1) Message: Error
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4cc75a16ed.cdn4.forter.com
9982405.fls.doubleclick.net
accounts.google.com
adservice.google.com
alb.reddit.com
apis.google.com
appleid.cdn-apple.com
assets.static-upwork.com
b7c23dfcd6a34416afd125a496e05292-4c4cc75a16ed.cdn.forter.com
bat.bing.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
content.googleapis.com
csp.withgoogle.com
d6tizftlrpuof.cloudfront.net
df45ay5pw60dy.cloudfront.net
first.iovation.com
geolocation.onetrust.com
gighmmpiobklfepjocnamgkkbiglidom
googleads.g.doubleclick.net
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
region1.google-analytics.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.redditstatic.com
www.upwork.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
104.18.89.237
108.129.52.61
142.250.185.194
142.250.186.102
143.204.98.77
151.101.129.140
18.239.94.23
18.245.86.8
18.65.39.34
2.17.186.40
2001:4860:4802:34::36
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2090:800:10:f40e:dd80:21
2600:9000:2156:ae00:2:7cf7:d580:93a1
2606:4700:4400::ac40:9b77
2606:4700::6810:e0bf
2606:4700::6812:83ec
2620:1ec:c11::200
2a00:1450:4001:802::200d
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2011
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::396
34.192.191.43
52.129.66.124
52.222.206.77
54.195.39.4
54.81.184.157
0289b7bbbe347eb7db0406b584d4275279669d8ac40a8edc2d757d40721f24b7
0371443b137ae2d582665cde517c3680f9f0039460960851fd57db0a4e464b1f
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
147911c748e32f798599d58f22f3716e30577d06f57d46ccf71feb6690199205
1498db6b263a4f49f976885fc456f6bf6164f00d0ecbaddb6741d72abab68f4d
1758f9bdc9c4c33e923caf559f5e351e8cc3f161c5ac193384e648362996f179
1a13e9d008e396f3240ab3e9fe28aeff0f88e4432749a5ef7d63acc809d781e2
1bb32dc6469bf73049aa3b49633004d4efc1404169f1dcced708838a099a3ae5
1fb327c679f88cd0c634b32b90c57a785cd31e0fda255fe220fde8102ca4aec2
24de590a4f0e1e1b6ddc08201222b5c00b9924b1c4603c7d31487f5e8a5c87de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270cd05112618f7d64aaccbe749b819934196fc43554fcffd6263c6514f0eccc
290c437253d75441c8e787c08f43776e1e691cfb462d5fdb69589966a8fc788e
29477ac7a28d896369a5a70c1392f25cce2c661b8771b125672ca1028b361e28
294f001dfdc344c951eaa7711fe58b564784c15eb29f2df013c353e024394311
2d71b886c1827e71d91a7dd6a3af9b84d3cf50ab2918463e5ba0abc861c964e9
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7
33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e
3660a0bbff0d6fb4c0d5ac8db3eea60cee95c5f92c41d79d54ad6bcf4f32ddeb
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06
40cb21d33551df208cc7f852d21d48d327c4421e4ed75350294dca745940eef2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47fe7146ffec9a7b12e6d9bd0be7b41e76f411dc48b26f4c14a6ec63bf40c527
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4bcfc02e5990939a86280c99b78ad304ba1641374ffea24d0004db81c599ee2c
50817f49dbb2f438cad42287979c3f264f249e193b717b0fff56793f81a695b8
51abffeaa1e9927bd81432b7adb2b229dae487b51d8494f1cf249d1ec333a108
5433b50c12730ad20dd7741b36a3ffe1c069150e739b09cd9bb597a44058908f
561b552f27e09633ecaa1170e26346b3a1c8ce5ae37f1ebc38482b0bc7440c6c
57ff3734fd781ea2bde0ee64b9625f5872f071cf61652af66cc29ee53d45ce7e
5898ca42f789d41c9cb024b36372615c4874b5983d04871f8aa51bcfc45dc4ea
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
5978aa9d45bdfba697097c82f292f9e7bdb91ae0c4560d8de40f38fe13830e93
5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076
5add4564cdbe664870ff30d9cf18878f291eee8115ab7de7b9ccda7e616d58e8
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9
622fd25ab4d94f239580b3fe9f37ade0c6ddd584a56f1007813552964657feab
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6e7d934bf947085d3afff65b4d4d33ee8ec26d3c138ff49cc57aacbbc6f49fc5
6ec7d7abf57777a3817c32f3ac89825de30d7bebf5b3ac62d5edc6f3e80da4c9
72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc
7aa83570a09a27f35da32274259ddcc8fee7dc70a8af6cc88e862d1c4075fd04
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
7c332f4a0e91ad5e4c3600f42a3a481cd678cdd95a614f575045b01c89dbacb8
7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b
7f284c99cc0f8f7bdbb03b3e692dbd0ebf258a94609f54bd5b136ad0ad007bc4
7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e
822116d28148ad8a2126cb9b61cddef361afe9feb20f51f0b617ad11e3e1f59b
82d89f93838285b494bef600481cb8f4a36ef26f5ce40856767a09ff15cf7247
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
8ba53d62cc82cfb6dd106842fb05f3a0917591c9a65e8b727eb1f08a309baca2
8bb15c96e564d13c46a7be4ddaded64620b0c5c8c1bb49e06cd4939db02e0672
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9290d1eebc75f1a6e8ce907e1640a13860cc7041d69cfcd745794760d5287e93
95677c0f4180f6ccf65ec5f2fb7b898d94f2becf21e06f8f245b2641006f33b9
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c59f01217576628101ee057563aaac09b74ea1e2189b2f260eb504892abb82d
9ca7bc6dfdc10951b966ebadce39ad0f42ce673b7a66b02a1670f78b3c2f6ed0
9e145d9d1357fba2e807c353c614f721e67dd2cbbc87e08d41a2c6a783ebc416
9e4514e2e0c577a9895430e6abe43f80291c3beaae54a0523770d2e311b510c7
9eb57d83340c1db2c16a7edbcba28f7aa0ab1bc24a00738fbad61f8aa5407dbc
a0a23da99176d152f4bdb4443a572fe50e307d9f940414000195e8ac59e1b0d9
b2413d0ac7cef1d8d28a2b40c467a615bf8e5f7ea45b5127b492f49f77bc905c
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
ca6d94451f40c955f400058bccb12383e5848d273703ec1a21feeab416131a96
cad2ec384ec9bbe908663d2f0fa1c86b1c8c57924887ff87c11cf0e9131c469a
cee33a29d3ffe0c484e2c91af342db9428167f999db0dcafb4696931cf114e20
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d7c0473597e5fbb6ec336c38ad89b875b3b020eccef2628f8366a6458d647185
d8785f5034808b978bf57b7d90cff118fc08004515ddb75096ea73495401b6d3
d8e8e2718bcc985862ab223a49f6eb743a296e0e2b751e7cf0b25d273c0e8803
dadd0e60dc1fe46b2bb07b43c83556b21e6c1ce9603debe6e7bf765bf5a118ad
db5819e5371e24b070d0f703b850088c9957c3d5d311a10f960b950b55016c37
e18ea984522b9bdea4b66a2c9282182ee984d0aafac2818f41804e20dee169ce
e30b10e9db593fc3541d9a10532173a313302e2d2f01026a8ecffbe2c4d80aca
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
eb1e8392242f7051382d8a5b6faab03efa620fdd6e11b867e43f69302c0533f0
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
edce71fedccb1fae085d029905b45812c9f41c74c2148c5b3a7608089bc3a752
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3eecb5cbdf062f146ba18d1836c1fabba8c6a29216dc92c644dcab46502bd2f
f4b67a188e989cad599d0d3a2daef7a201ad9622136b53cb42df447d8b4b7d17
f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fd154805d8ffa510ce7524fa7e614811d32cec6d92ac38597499d7832d1e7bed

www.upwork.com Open in urlscan Pro 104.18.89.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

89 %HTTPS

59 %IPv6

27 Domains

40 Subdomains

38 IPs

4 Countries

2198 kBTransfer

6819 kBSize

35 Cookies

0 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.89.237 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

89 %
HTTPS

59 %
IPv6

27
Domains

40
Subdomains

38
IPs

4
Countries

2198 kB
Transfer

6819 kB
Size

35
Cookies

129 HTTP transactions
1 data transactions