Submitted URL: https://www.upwork.com/nx/plans/membership/index?frkscc=JOQ3Zc35XTbf
Effective URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Submission: On March 12 via api from BE — Scanned from DE

Summary

This website contacted 38 IPs in 5 countries across 27 domains to perform 120 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 39088.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 4th 2022. Valid for: a year.
This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 39 104.18.90.237 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.252.19.64 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.129.66.1 16509 (AMAZON-02)
4 54.228.71.178 16509 (AMAZON-02)
1 108.138.7.12 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 104.77.46.193 16625 (AKAMAI-AS)
1 2 143.204.89.33 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.77.42.191 16625 (AKAMAI-AS)
7 2600:1f18:e8a... 14618 (AMAZON-AES)
5 54.204.202.163 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 2 142.250.186.38 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.206.77 16509 (AMAZON-02)
1 54.81.184.157 14618 (AMAZON-AES)
3 2600:9000:225... 16509 (AMAZON-02)
1 23.23.210.37 ()
120 38
Apex Domain
Subdomains
Transfer
39 upwork.com
www.upwork.com — Cisco Umbrella Rank: 39088
723 KB
10 google.com
apis.google.com — Cisco Umbrella Rank: 107
accounts.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
150 KB
10 forter.com
4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 95792
cdn9.forter.com — Cisco Umbrella Rank: 4536
cdn0.forter.com — Cisco Umbrella Rank: 4509
cd6457ca8a284d8691aa9da2bb9ae659-4c4cc75a16ed.cdn.forter.com
cdn3.forter.com
193 KB
8 cityrobotflower.com
ob.cityrobotflower.com — Cisco Umbrella Rank: 115995
obs.cityrobotflower.com — Cisco Umbrella Rank: 78368
35 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 358
131 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
319 B
5 cloudfront.net
dh0tb61pdpl7x.cloudfront.net
d6tizftlrpuof.cloudfront.net
d3nocrch4qti4v.cloudfront.net
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
336 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
9982405.fls.doubleclick.net — Cisco Umbrella Rank: 125733
4 KB
4 iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 5452
22 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 346
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
244 KB
3 iovation.com
first.iovation.com — Cisco Umbrella Rank: 73291
19 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6069
563 B
2 googleapis.com
content.googleapis.com — Cisco Umbrella Rank: 1544
8 KB
2 gstatic.com
www.gstatic.com
197 KB
2 static-upwork.com
assets.static-upwork.com — Cisco Umbrella Rank: 97511
3 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1503
157 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
2 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1352
8 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 495
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3134
17 KB
1 perimeterx.net
client.perimeterx.net — Cisco Umbrella Rank: 11771
214 B
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 3248
12 KB
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1932
879 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 588
295 B
0 Failed
function sub() { [native code] }. Failed
120 27
Domain Requested by
39 www.upwork.com 4 redirects www.upwork.com
7 obs.cityrobotflower.com ob.cityrobotflower.com
www.upwork.com
6 cdn.cookielaw.org www.upwork.com
cdn.cookielaw.org
5 www.facebook.com www.upwork.com
5 cdn0.forter.com
5 www.googletagmanager.com www.upwork.com
www.googletagmanager.com
ob.cityrobotflower.com
4 apis.google.com www.upwork.com
apis.google.com
content.googleapis.com
4 mpsnare.iesnare.com assets.static-upwork.com
mpsnare.iesnare.com
www.upwork.com
3 d3nocrch4qti4v.cloudfront.net
3 bat.bing.com www.upwork.com
bat.bing.com
3 connect.facebook.net ob.cityrobotflower.com
connect.facebook.net
3 accounts.google.com apis.google.com
www.upwork.com
www.gstatic.com
3 first.iovation.com www.upwork.com
2 www.google.de www.upwork.com
2 www.google.com 1 redirects www.upwork.com
2 9982405.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 content.googleapis.com apis.google.com
2 cdn9.forter.com 1 redirects www.upwork.com
2 www.gstatic.com www.recaptcha.net
accounts.google.com
2 assets.static-upwork.com www.upwork.com
www.googletagmanager.com
1 cdn3.forter.com
1 cd6457ca8a284d8691aa9da2bb9ae659-4c4cc75a16ed.cdn.forter.com
1 d6tizftlrpuof.cloudfront.net www.upwork.com
1 adservice.google.com 9982405.fls.doubleclick.net
1 alb.reddit.com www.upwork.com
1 www.googleadservices.com www.googletagmanager.com
1 www.redditstatic.com www.upwork.com
1 csp.withgoogle.com www.upwork.com
1 dh0tb61pdpl7x.cloudfront.net
1 appleid.cdn-apple.com www.upwork.com
1 client.perimeterx.net www.upwork.com
1 ob.cityrobotflower.com www.googletagmanager.com
1 4c4cc75a16ed.cdn4.forter.com www.upwork.com
1 w.usabilla.com www.upwork.com
1 www.recaptcha.net www.upwork.com
1 geolocation.onetrust.com cdn.cookielaw.org
0 mlomiejdfkolichcflejclcbmpeaniij Failed
0 ihcjicgdanjaechkgeegckofjjedodee Failed
0 gighmmpiobklfepjocnamgkkbiglidom Failed
120 40

This site contains no links.

Subject Issuer Validity Valid
*.upwork.com
DigiCert SHA2 High Assurance Server CA
2022-04-04 -
2023-05-05
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
misc.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-11 -
2023-06-11
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
w.usabilla.com
Amazon RSA 2048 M01
2023-02-09 -
2024-02-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
mpsnare.iesnare.com
DigiCert SHA2 High Assurance Server CA
2022-04-29 -
2023-05-23
a year crt.sh
*.cdn4.forter.com
GeoTrust RSA CA 2018
2022-12-08 -
2024-01-08
a year crt.sh
*.cityrobotflower.com
Amazon RSA 2048 M02
2023-02-22 -
2023-09-14
7 months crt.sh
*.perimeterx.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-13 -
2023-11-14
a year crt.sh
*.apis.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1
2022-04-19 -
2023-05-19
a year crt.sh
cdn0.forter.com
GeoTrust RSA CA 2018
2022-06-27 -
2023-07-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.appspot.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-20
2 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-15
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-14
6 months crt.sh
www.google.com
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-20 -
2023-05-15
3 months crt.sh
*.cdn.forter.com
GeoTrust RSA CA 2018
2022-06-27 -
2023-07-27
a year crt.sh
cdn3.forter.com
GeoTrust RSA CA 2018
2022-06-27 -
2023-07-04
a year crt.sh

This page contains 10 frames:

Primary Page: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Frame ID: 45F1DC6FDF392933B7F5831CB100A074
Requests: 99 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: 8E9F65D1C6A7D7DEC1F49CC9764EE17E
Requests: 1 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Frame ID: D63BDEDCC49186793102204B9FBC0769
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: A2112BCB4E0FCA2E741B720AC383D57A
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 81103877851B06FF80C4688C86A54B6B
Requests: 6 HTTP requests in this frame

Frame: https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf
Frame ID: 00BE66E16BE918594D8A03C5C63925AB
Requests: 2 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Frame ID: D72F68AE5BCE68A41BA741D817D40DBF
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: A2F55F9E3D2FC06AAD1ACFCAFB4A1BDD
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: 56CC3DC116561110426C5BDF55FB068E
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: 7E0279B2CB47CF8BFEF7A0DC4CC6FF76
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Log In to Your Account | UpworkUpwork

Page URL History Show full URLs

  1. https://www.upwork.com/nx/plans/membership/index?frkscc=JOQ3Zc35XTbf HTTP 302
    https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • forter\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

120
Requests

91 %
HTTPS

59 %
IPv6

27
Domains

40
Subdomains

38
IPs

5
Countries

2117 kB
Transfer

6763 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.upwork.com/nx/plans/membership/index?frkscc=JOQ3Zc35XTbf HTTP 302
    https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
  • https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Request Chain 52
  • https://www.upwork.com/iojs/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
  • https://first.iovation.com/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Request Chain 54
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/2deb5c9f394d7f2a3575b01218fa0eb9f9b2cf5a27dc1767eab4680eeac2c71dac7f4bc96b1153e4d9f84adda377
Request Chain 60
  • https://www.upwork.com/iojs/5.6.0/logo.js HTTP 301
  • https://first.iovation.com/5.6.0/logo.js
Request Chain 85
  • https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf HTTP 302
  • https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf
Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jA8OZKjEFYaF2fcPjq-pqAY&sscte=1&crd=&pscrd=Ek5DaEFJZ0kyMm9BWVF5SWZEdExDbmpyRm9FaVlBeVEzUmVRRjYtOGNWV0lRTURnWVczOWlmM1dONjRsWHBnS3NTa19oTzljZ29PcDhIQUEaWENoQUlnSTIyb0FZUXpmX2x6cUN4LThvaUVpNEFlWUktajFUWkdsUFlxTFZVNllIVzNCU2hBUEhONXcyLVJUOHJpcUlrV2dvVG5vbm5QMVd1aVJJQUNPSWg HTTP 302
  • https://www.google.com/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0kyMm9BWVF5SWZEdExDbmpyRm9FaVlBeVEzUmVRRjYtOGNWV0lRTURnWVczOWlmM1dONjRsWHBnS3NTa19oTzljZ29PcDhIQUEaWENoQUlnSTIyb0FZUXpmX2x6cUN4LThvaUVpNEFlWUktajFUWkdsUFlxTFZVNllIVzNCU2hBUEhONXcyLVJUOHJpcUlrV2dvVG5vbm5QMVd1aVJJQUNPSWg&is_vtc=1&ocp_id=jA8OZKjEFYaF2fcPjq-pqAY&random=2780909403 HTTP 302
  • https://www.google.de/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0kyMm9BWVF5SWZEdExDbmpyRm9FaVlBeVEzUmVRRjYtOGNWV0lRTURnWVczOWlmM1dONjRsWHBnS3NTa19oTzljZ29PcDhIQUEaWENoQUlnSTIyb0FZUXpmX2x6cUN4LThvaUVpNEFlWUktajFUWkdsUFlxTFZVNllIVzNCU2hBUEhONXcyLVJUOHJpcUlrV2dvVG5vbm5QMVd1aVJJQUNPSWg&is_vtc=1&ocp_id=jA8OZKjEFYaF2fcPjq-pqAY&random=2780909403&ipr=y&prhg=0

120 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
www.upwork.com/ab/account-security/
Redirect Chain
  • https://www.upwork.com/nx/plans/membership/index?frkscc=JOQ3Zc35XTbf
  • https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
137 KB
31 KB
Document
General
Full URL
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
749e2c6f2e5fc46a96bcc555cbd088fdfadb4cf73b8942d08dafe94a6e4c004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a6dd8c1ab18909a-FRA
content-encoding
br
content-security-policy-report-only
report-to csp-endpoint
content-type
text/html; charset=utf-8
date
Sun, 12 Mar 2023 17:44:42 GMT
referrer-policy
origin-when-cross-origin
report-to
{'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server
cloudflare
server-timing
total;dur=52;desc="Nuxt Server Time"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding
vnd-eo-trace-id
7a6dd8c1ab18909a-FRA
x-auth-status
Access
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-upwork-authentication
unauthenticated
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a6dd8c0296a909a-FRA
content-security-policy-report-only
report-to csp-endpoint
date
Sun, 12 Mar 2023 17:44:42 GMT
location
/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
referrer-policy
origin-when-cross-origin
report-to
{'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id
7a6dd8c0296a909a-FRA
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
neue-montreal-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/
23 KB
24 KB
Font
General
Full URL
https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-regular.woff2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
16768971
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23912
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
vnd-eo-trace-id
7425b59c8a19a4f0-SJC
etag
"2e9d05ced4fddb6c67f1be57161a2668"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a6dd8c3b99e9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
neue-montreal-medium.woff2
www.upwork.com/static/fonts-global/4.0.1/
25 KB
25 KB
Font
General
Full URL
https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-medium.woff2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
16768971
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25348
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
vnd-eo-trace-id
7425b59c9a48a4f0-SJC
etag
"f0728e66b926fbcc5376a1d55222e3a7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a6dd8c3b9a99219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
rza-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/
62 KB
63 KB
Font
General
Full URL
https://www.upwork.com/static/fonts-global/4.0.1/rza-regular.woff2
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
16768971
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63800
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Aug 2021 13:27:41 GMT
server
cloudflare
vnd-eo-trace-id
742ea1e99c94c8fc-SEA
etag
"4c125a0993ca325b5cc5056afbdd58c7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a6dd8c3b9ae9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
vue.runtime.2.7.14.min.js
www.upwork.com/static/vue-libs/
74 KB
28 KB
Script
General
Full URL
https://www.upwork.com/static/vue-libs/vue.runtime.2.7.14.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4798845
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 10 Nov 2022 16:24:53 GMT
server
cloudflare
vnd-eo-trace-id
76d8a9db1e173362-SJC
etag
W/"4e644343c0055d4cdf6879735f2c69ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9b19219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
vuex.3.6.2.min.js
www.upwork.com/static/vue-libs/
12 KB
4 KB
Script
General
Full URL
https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
30242612
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 15 Dec 2021 09:34:11 GMT
server
cloudflare
vnd-eo-trace-id
6f29ae611bcdc928-SJC
etag
W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9b29219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
runtime.934b6b4c.js
www.upwork.com/static/assets/AccountSecurityNuxt/
63 KB
19 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.934b6b4c.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5671a2c441d2499f308d44c52e3d71c19d12c82612c2160d986aba61c3a362b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458444
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:39 GMT
server
cloudflare
vnd-eo-trace-id
7a3c486acdaa2810-SJC
etag
W/"f13f1e8e4f71738eb6e49b0f1d11d679"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9b49219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
commons~app.4043d0ac.js
www.upwork.com/static/assets/AccountSecurityNuxt/
65 KB
22 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/commons~app.4043d0ac.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d380b6046811e1294f7d53a81dcbae5ab4053a6f1349c613c36649abf623bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4525049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Jan 2023 08:21:31 GMT
server
cloudflare
vnd-eo-trace-id
78be4a423db7bc4b-SJC
etag
W/"d4f11c571bfef3efa860bf2fb2940cf0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9b69219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~app.050c6beb.js
www.upwork.com/static/assets/AccountSecurityNuxt/
130 KB
22 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~app.050c6beb.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9143135526184b5c037d6aa3968e58592987bfbe0032cbb0fedb9abf78f18c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4525049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Jan 2023 08:21:36 GMT
server
cloudflare
vnd-eo-trace-id
78be4a424dc0bc4b-SJC
etag
W/"747fe8c182425840c393ccc5e96c92cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9b79219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
app.b218a200.js
www.upwork.com/static/assets/AccountSecurityNuxt/
1 MB
313 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a6c5fec0688b13b22caee961056713fdd2f3fa05ce91c3863cc795ece9d286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:49 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065919c4ed-SJC
etag
W/"832a9d37f9dd1ef8a0b09f3bc96022b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9ba9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
login.bca9751d.js
www.upwork.com/static/assets/AccountSecurityNuxt/pages/
428 KB
108 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login.bca9751d.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60eb62d9bacace8a91ff87f73c55d00a78939947b706b88133313f1c5a432c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:38 GMT
server
cloudflare
vnd-eo-trace-id
7a3e9cbdfa2d24dc-SJC
etag
W/"b8912443bed5205c5b7afe1487a43621"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9be9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~eb22db77.54860280.js
www.upwork.com/static/assets/AccountSecurityNuxt/
6 KB
2 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~eb22db77.54860280.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6237821391df55e2185529c0637d8b4fa50e3caa88aef05a0b6f8e56b1ea71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065922c4ed-SJC
etag
W/"f873fb89f99a454f4e4e2682cb51808b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9bf9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~08bd1a50.e1ba26c9.js
www.upwork.com/static/assets/AccountSecurityNuxt/
914 B
858 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~08bd1a50.e1ba26c9.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9791f9af5698efb54ac9139ad07200c7d50f752fdffd91190707deb56b02b8d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065912c4ed-SJC
etag
W/"0f69ff745760b046d63b2a7e6d09fe12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c29219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~9fe98c5f.3dde2301.js
www.upwork.com/static/assets/AccountSecurityNuxt/
3 KB
1 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~9fe98c5f.3dde2301.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ff9066625111300a891ec0e665ad8addb4efbb83707732ea8e98448fd88793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458444
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065910c4ed-SJC
etag
W/"ef05d7ac7f36a797220824a00bb5ff4b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c39219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~a75e686f.830ba612.js
www.upwork.com/static/assets/AccountSecurityNuxt/
1 KB
1014 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~a75e686f.830ba612.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a433967d70c77503604191491c50d0fa84f202c2667d2bb1d54057f5fbf99b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065920c4ed-SJC
etag
W/"d9c7364f96f3d0b05ca9b8664bf65161"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c49219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~e5561d30.8f9c8b50.js
www.upwork.com/static/assets/AccountSecurityNuxt/
16 KB
2 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~e5561d30.8f9c8b50.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
170e8e942c1e662c80f313c859e8b294e89293cd4928aa5971ac42bca881bea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a188906591fc4ed-SJC
etag
W/"c54bafc5a02837b7cccc0a3e89c3e52f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c59219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~a773838b.f0b34b50.js
www.upwork.com/static/assets/AccountSecurityNuxt/
5 KB
2 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~a773838b.f0b34b50.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081d64198ba44c43d2c116d1868f6888be1ff7808342eeb2467350262089d8d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a188906592cc4ed-SJC
etag
W/"2e99f215e011d3ebdf433384ded7f99a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c69219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~47947da3.81df9ddb.js
www.upwork.com/static/assets/AccountSecurityNuxt/
929 B
807 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~47947da3.81df9ddb.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b0a33f155542f0b2b110e7780f7dfb6c3802ef1fc6b4dcd3483157652ab674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a188906592bc4ed-SJC
etag
W/"458a4c7f32adc99e9e3de5bed5678e1d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c79219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
pu~df9529e4.fe24129a.js
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies~pages/device-authorization~pages/login~pages/logout~pages/oauth2~pages/
1 KB
1010 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies~pages/device-authorization~pages/login~pages/logout~pages/oauth2~pages/pu~df9529e4.fe24129a.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3858e36a002c5d4e37c552469220332f8f3c24caec3058c90a73279a0f90dcbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:39 GMT
server
cloudflare
vnd-eo-trace-id
7a3e4c2a2d4a9441-SJC
etag
W/"2944c39d08a8f40900d6dd65c79026c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9c99219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
reset-p~1a58e4f3.6544eb30.js
www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-push~add-totp~change-fido2~pages/device-authorization~pages/login~pages/
1 KB
989 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-push~add-totp~change-fido2~pages/device-authorization~pages/login~pages/reset-p~1a58e4f3.6544eb30.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e0e07b0a1267182ec60838b8f8f9f4c63e47bf2fc0fa2f73e1f599737866a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 02 Mar 2023 09:06:55 GMT
server
cloudflare
vnd-eo-trace-id
7a1889065928c4ed-SJC
etag
W/"ac37237aa4b8e19b44ad3b93e583cbdf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9cc9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
password-and-security.febd8e6a.js
www.upwork.com/static/assets/AccountSecurityNuxt/styles~change-fido2~pages/login~pages/
2 KB
1 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~change-fido2~pages/login~pages/password-and-security.febd8e6a.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c0b64fe96bd29e729e03c4435f2d0a26c28c0a6d109f6977f1791282224e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:39 GMT
server
cloudflare
vnd-eo-trace-id
7a3e4c2a6d849441-SJC
etag
W/"0df9f0b54711dbdb858eb64676c3342f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9ce9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
login.e2ac09d1.js
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/
929 B
779 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/login.e2ac09d1.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54295ce2a889c0f42dc8c8ae0b0820f09a7f1b5ceb1fe671fea020e536ce6eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:39 GMT
server
cloudflare
vnd-eo-trace-id
7a3e4c2a6d859441-SJC
etag
W/"07fa5995b0e43322f952e401f3ed23f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9d19219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
icons-user-vue-qGx8M.9dcdb0e0.js
www.upwork.com/static/assets/AccountSecurityNuxt/
678 B
817 B
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/icons-user-vue-qGx8M.9dcdb0e0.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3599a20ae03e68f510094fe3e10f2a1b92bd51ad1cd90f1b0b00dee3bd42299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1666627
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Tue, 14 Feb 2023 16:08:21 GMT
server
cloudflare
vnd-eo-trace-id
799718ff9df8c551-SJC
etag
W/"bc964c04289ce2f88c098276cd1c6123"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c3b9d39219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
25 KB
9 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ewgd1d1Vp0nFNYpIMiFTtA==
age
78213
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8460
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:14 GMT
server
cloudflare
etag
0x8DB211B414663E4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1ba41d74-e01e-00fd-0b80-53e784000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a6dd8c418a92ba4-FRA
truncated
/
855 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
SFProText-Medium.db9b552.woff
www.upwork.com/static/assets/AccountSecurityNuxt/fonts/
5 KB
6 KB
Font
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/fonts/SFProText-Medium.db9b552.woff
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
19187457
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5548
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Tue, 02 Aug 2022 11:22:55 GMT
server
cloudflare
vnd-eo-trace-id
7347f159cbcb724c-SJC
etag
"83b478be12abf0ca955063c24a48d5cb"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
font/woff
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a6dd8c40a6a9219-FRA
expires
Mon, 11 Mar 2024 17:44:42 GMT
beb279fb-8702-46ec-a677-6f14e3828966.json
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e471140bdfbadc54b8b6a3259b62abec9d5c17f8a518135b132ee14debbe77be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VmLkzirMYR1Hve8spZvsPg==
age
27954
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1654
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 09:52:02 GMT
server
cloudflare
etag
0x8DAF939A6736DC0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
77df89e8-601e-016b-2422-2bc3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a6dd8c4aff52c29-FRA
expires
Mon, 13 Mar 2023 17:44:43 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7a6dd8c55a99363d-FRA
access-control-allow-headers
Content-Type
workbox-window.prod.es5-eZxxJ.3918ac8a.js
www.upwork.com/static/assets/AccountSecurityNuxt/
5 KB
2 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/workbox-window.prod.es5-eZxxJ.3918ac8a.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.934b6b4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ee440d242c6f601a75974c515d7f84098f36e512dd0d9bbc4f56f7473d6fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4525049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Jan 2023 08:05:17 GMT
server
cloudflare
vnd-eo-trace-id
78be10ac79b8c52d-SJC
etag
W/"01c2fd0727e5f27a6961f1edfe8273da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c59d4c9219-FRA
expires
Mon, 11 Mar 2024 17:44:43 GMT
api.js
www.recaptcha.net/recaptcha/
855 B
879 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=explicit
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login.bca9751d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d31efa1d11db88a2ca54a5cd9919bb62a35741a056d5cef1c7c244a7a400d4e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
559
x-xss-protection
1; mode=block
expires
Sun, 12 Mar 2023 17:44:43 GMT
loader_only.js
assets.static-upwork.com/iovation/5.2.2/
4 KB
2 KB
Script
General
Full URL
https://assets.static-upwork.com/iovation/5.2.2/loader_only.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
x-amz-version-id
HskTff9TjeJIN57gDYa1bi2_LbMU_02X
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
T36VBPB0M5YPEBQ6
age
1693
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
i4pbchNXcTBlJFaJBDAyjh9dwDG3q5KmpJJx4KOgq3XVDsLhKZH54AbQDy31JKz2qFQ20rlV/gY=
last-modified
Tue, 27 Jul 2021 10:37:17 GMT
server
cloudflare
etag
W/"8422458b55fbda403437065dd5557abf"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7a6dd8c66d7b371d-FRA
x-amz-meta-last-modified
1593693054000
expires
Sun, 12 Mar 2023 21:44:43 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.37.0/
367 KB
87 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
84QDGKEUCS7BR7wlSH5now==
age
15565
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
89029
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:58 GMT
server
cloudflare
etag
0x8DA6BAB51B19C0E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55dbfc92-801e-00ed-7f9a-9dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a6dd8c64b482ba4-FRA
gtm.js
www.googletagmanager.com/
122 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5eac2344cf558a722bcacd8c1b3668e70ca1eff7a05e4d9f922dc59e3f0d62b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45302
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 17:44:43 GMT
loader.nuxt.js
www.upwork.com/nx/suit2/
1 KB
1 KB
Script
General
Full URL
https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1678643083256
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e92f5cf3fc9a33571b80a4fc81e3f5139026d75511c3aaf376c5a201a1d452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy-report-only
report-to csp-endpoint, report-to csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 13:59:17 GMT
server
cloudflare
vnd-eo-trace-id
7a6dd8c66eaa9219-SJC
etag
W/"d85fed768ac315dd07d959d03482248e"
x-frame-options
SAMEORIGIN
report-to
{'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
7a6dd8c66eaa9219-FRA
expires
Sun, 12 Mar 2023 21:44:43 GMT
psmetrics
www.upwork.com/upi/
25 B
468 B
Ping
General
Full URL
https://www.upwork.com/upi/psmetrics
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vnd-eo-trace-id
7a6dd8c66ead9219-FRA
x-powered-by
Express
etag
W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type
text/html; charset=utf-8
cf-ray
7a6dd8c66ead9219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-xss-protection
1; mode=block
visitor-gql-token
www.upwork.com/ab/account-security/
77 B
690 B
Fetch
General
Full URL
https://www.upwork.com/ab/account-security/visitor-gql-token
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96d0c756c0ed7e215b2b787b68e4ab48aa5b26f08ab8e4e29a2c831ac7a694b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
vnd-eo-parent-span-id
3cfe41d6-4195-4545-aaeb-5f8d75c76b71
vnd-eo-trace-id
7a6dd8c1ab18909a-FRA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
vnd-eo-span-id
f4aa679e-7d0a-41bc-94ad-550b1de1fea4
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy-report-only
report-to csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
server
cloudflare
vnd-eo-trace-id
7a6dd8c66eb99219-FRA
x-frame-options
SAMEORIGIN
report-to
{'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type
application/json
vary
Accept-Encoding
cf-ray
7a6dd8c66eb99219-FRA
snippet-xndwY.8f8c1c74.js
www.upwork.com/static/assets/AccountSecurityNuxt/
7 KB
4 KB
Script
General
Full URL
https://www.upwork.com/static/assets/AccountSecurityNuxt/snippet-xndwY.8f8c1c74.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.934b6b4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e424c75c578bd740197fdbb6a6dbdaaec05f0957433fd84bfbcb74440c7f57a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
458445
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 06 Mar 2023 17:07:39 GMT
server
cloudflare
vnd-eo-trace-id
7a3f20909dcb645f-SJC
etag
W/"134543cbc668810d1e2fe537cdb647ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c67ed89219-FRA
expires
Mon, 11 Mar 2024 17:44:43 GMT
202452b9c34b.js
w.usabilla.com/ Frame 8E9F
40 KB
12 KB
Script
General
Full URL
https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.19.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-19-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f890726d0f6125e820e6419fd32629abc929b112828017751a0b74a1c9ea788b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"2364d5ace567f21371ed43814a1bb8f1"
content-type
text/javascript
cache-control
public,max-age=0
content-length
11867
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/
405 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Origin
https://www.upwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165509
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 21:03:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 17:26:16 GMT
static_wdp.js
first.iovation.com/general5/
Redirect Chain
  • https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
  • https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
40 KB
16 KB
Script
General
Full URL
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Server
52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ac20d1896069d1a7f41dee4bc343ced4db29f3bb52a8704382f912a4395f684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 17:44:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Expires
Tue, 11 Apr 2023 17:44:43 GMT

Redirect headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control
max-age=3600
cf-ray
7a6dd8c69f089219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 18:44:43 GMT
wdp.js
mpsnare.iesnare.com/general5/
41 KB
19 KB
Script
General
Full URL
https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b63b497594a596a673a0cf4dfa5c49f8aa96c1554ff6a94518a3f2f2f50153a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 17:44:43 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Server
nginx
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
no-cache, private
Connection
keep-alive
Expires
0
en.json
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/c9941f82-d2b8-4c84-adc0-2e179cea9fc9/
131 KB
25 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/c9941f82-d2b8-4c84-adc0-2e179cea9fc9/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43c1c9a7970705b02f7e5a079ac1afcee891e786df83ac5b3434288f1c10022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
a5HOOu3hr5HDPfOwAvXjaw==
age
27598
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
25515
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 09:52:09 GMT
server
cloudflare
etag
0x8DAF939AAACCEAD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
04c40e50-201e-0041-3122-2bf0f5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a6dd8c6ab4b2c29-FRA
expires
Mon, 13 Mar 2023 17:44:43 GMT
script.js
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/
418 KB
190 KB
Script
General
Full URL
https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-12.fra56.r.cloudfront.net
Software
/
Resource Hash
34b131c3146311099a7cf0aca7403bc66f691e84d02a6be611b717a38fc4256d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:55:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1752552
x-cache
Hit from cloudfront
last-modified
Mon, 20 Feb 2023 10:55:31 GMT
x-sourcemap
https://cdn4.forter.com/map/suid/4c4cc75a16ed/68065154253
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=300
timing-allow-origin
*
x-amz-cf-id
i-ACz_xQBOCBtRi5KOZlJVttsiUqMT2vBfxnFW2BMNTWA-1Pwm7CGQ==
expires
Mon, 20 Feb 2023 11:00:31 GMT
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TrvDuzBPccZY8Oudy0hBVA==
age
25988
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2589
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:50 GMT
server
cloudflare
etag
0x8DA6BAB4D3FCC35
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c57a31ce-901e-0071-1822-2baadf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a6dd8c6fbac2c29-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
27776
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:28:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a436dc6c-a01e-0079-1422-2bb1ac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7a6dd8c6fbad2c29-FRA
gtm.js
www.googletagmanager.com/
531 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b34cbc413131e41ecf2f9b42bf2750bb5da803bc0bf62267bf865d87e0ddbd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118128
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Mar 2023 17:44:43 GMT
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc1ae363cdb7dbd47ecc207366703cc1515241cd2401da57c19e04648b9351de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
96199b90-1ee6-4ea9-8487-8780e3b0e2a4
https://www.upwork.com/
5 KB
0
Other
General
Full URL
blob:https://www.upwork.com/96199b90-1ee6-4ea9-8487-8780e3b0e2a4
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f44e40706e036a1979dcfdf3de5c9cbe44d4f4ab1f19160531289d68fc5fe557

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
5305
Content-Type
application/javascript
516858f3f9efc799b493c6fec34c75df.js
ob.cityrobotflower.com/i/
86 KB
32 KB
Script
General
Full URL
https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:0:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
c2616c9f9ca7283ff2e1cc1b6f593fb269612c40558c7bcc69b7961588df0c69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 10:49:07 GMT
content-encoding
gzip
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA50-C1
age
41553
etag
"1595d-IbkPwqmx3oBHbs480koSIMXsM/k"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
32085
x-amz-cf-id
tyAesSFWBbrHB_i-bxwqkhU5sNMzOixa0KedHcey9NwPTmAmL1BurA==
expires
Sun, 12 Mar 2023 18:12:10 GMT
main.min.js
client.perimeterx.net/PXSs13U803/
0
214 B
Script
General
Full URL
https://client.perimeterx.net/PXSs13U803/main.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.46.193 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-46-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
etag
"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
active-cdn
Akamai
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by
cache-control
max-age=600,stale-while-revalidate=86400,stale-if-error=3600
content-length
0
gtm-snippet.min.js
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/
1 KB
850 B
Script
General
Full URL
https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
x-amz-version-id
ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
T36SFAXQGPC9W5EP
age
3524
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
b4N4/6RJ/PEbd6OcboAJJtsGr1uhriqSCXQNwt271WXnCL4Ql0BJKqehHqyg72/v6zS1Fs85ErocfMzhHiv//A==
last-modified
Wed, 28 Jul 2021 04:55:45 GMT
server
cloudflare
etag
W/"f65b2f243a458c9aae9b29262e8b2877"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7a6dd8c7dff6371d-FRA
x-amz-meta-last-modified
1532366449000
expires
Sun, 12 Mar 2023 21:44:43 GMT
logo.js
mpsnare.iesnare.com/5.6.0/
505 B
923 B
Script
General
Full URL
https://mpsnare.iesnare.com/5.6.0/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9dd39047a2162dc3dc1181e315478717088833588e2aa6a827430ca390e530f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 17:44:43 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Server
nginx
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Connection
keep-alive
Expires
Mon, 11 Mar 2024 17:44:43 GMT
time.mp3
mpsnare.iesnare.com/
504 B
881 B
Media
General
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.1620312363799703
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1940be89f577cc501111e5b0ad5842ab8f35e89fb7f32c5716f08e2f4c057399
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.upwork.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

Pragma
public
Date
Sun, 12 Mar 2023 17:44:43 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Server
nginx
Content-Type
audio/mpeg
Content-Range
bytes 0-503/504
Content-Disposition
inline; filename=time.mp3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dyn_wdp.js
first.iovation.com/5.6.0/
Redirect Chain
  • https://www.upwork.com/iojs/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
  • https://first.iovation.com/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
2 KB
2 KB
Script
General
Full URL
https://first.iovation.com/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Server
52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd76a65e4d48c915c0eed3479dc6805f4ef926df94d22e195977ce2a35d380cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
2023-Mar-12 17:44:43
Content-Encoding
gzip
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary
Accept-Encoding, User-Agent
p3p
CP="NON DSP COR CURa"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, private
Keep-Alive
timeout=2, max=96
Content-Length
1347
Expires
0

Redirect headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
https://first.iovation.com/5.6.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control
max-age=3600
cf-ray
7a6dd8c809c19219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 18:44:43 GMT
index.iife.min.js
www.upwork.com/static/suit2-tracker/0.2.63/
78 KB
30 KB
Script
General
Full URL
https://www.upwork.com/static/suit2-tracker/0.2.63/index.iife.min.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1678643083256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4423fb196fe95b96da12e918f10a87de71d85f7fd88cd9d6c9f6624ff82656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
9944754
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 14 Nov 2022 17:19:39 GMT
server
cloudflare
vnd-eo-trace-id
76a193a2dfe8eb9b-SJC
etag
W/"06c0e390a31d1a7b06c13e6687e64d6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a6dd8c84a3e9219-FRA
expires
Mon, 11 Mar 2024 17:44:43 GMT
2deb5c9f394d7f2a3575b01218fa0eb9f9b2cf5a27dc1767eab4680eeac2c71dac7f4bc96b1153e4d9f84adda377
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/2deb5c9f394d7f2a3575b01218fa0eb9f9b2cf5a27dc1767eab4680eeac2c71dac7f4bc96b1153e4d9f84adda377
0
322 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/2deb5c9f394d7f2a3575b01218fa0eb9f9b2cf5a27dc1767eab4680eeac2c71dac7f4bc96b1153e4d9f84adda377
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Server
143.204.89.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-33.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:43 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=86400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
x-amz-cf-id
B9mXUxzUnIviRbjs9FrJ18MEUve2NUE7TNk4350pdf5cwFJkoV9z7w==

Redirect headers

date
Sun, 12 Mar 2023 17:44:43 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=86400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
location
https://cdn9.forter.com/vchk2/v1/2deb5c9f394d7f2a3575b01218fa0eb9f9b2cf5a27dc1767eab4680eeac2c71dac7f4bc96b1153e4d9f84adda377
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
x-amz-cf-id
SLgp5FvBLXdLwJO96MfkGTIcKgEQlauAEoeu7YkLVf9OYpwiFUyJDg==
api.js
apis.google.com/js/
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login.bca9751d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e220226b6daf9afcc3676bf181a0b6b72060d274d09fa838fae65184222ab337
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 17:44:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ac2ef0b8980b3937"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 17:44:43 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login.bca9751d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.42.191 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-42-191.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sun, 12 Mar 2023 17:44:43 GMT
Last-Modified
Thu, 23 Feb 2023 20:19:01 GMT
Server
Apple
ETag
W/"42671-1677183541056"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
c999be32-c80c-431c-aa1d-530f707c1536
https://www.upwork.com/
17 KB
0
Other
General
Full URL
blob:https://www.upwork.com/c999be32-c80c-431c-aa1d-530f707c1536
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ab9500d2432aef09f59249fc1fe4e3909824f506637a285a9f057752aa15b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
17314
Content-Type
application/javascript
ct
obs.cityrobotflower.com/
6 KB
3 KB
Script
General
Full URL
https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1678643083742&hl=2&op=0&ag=2671015127&rand=241278697808091010112709805976002425283610758603728528172070540770722100817&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM5NTVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCw3Il0sWy0xLCItIl0sWy0yLCI0LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJrZXl3b3Jkc1wiLFwiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozMzEwMDAwMCxcInVqaHNcIjoyNzYwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3ODY0MzA4MzcxNiwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwyOTUsMjk1LDAsMCwwLDAsMzA5LC0xLDAsNjkwLjksNjkwLjksMTUxMCwxNTExIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiLFwiMzQxODQyMTcyMFwiLFwiOTQwMzg0NDMyXCJdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIyNDMxNTE3Mjc3XCJdLFwic1wiOjF9Il0sWy01NSwiMSJdLFsiZGRiIiwiMCw0LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwyLDYsMCwxMiwxLDEsMCwwLDAsMCwwLDAiXSxbImJuY2giLDQ5XSxbImFibmNoIiw0OV1d&dep=0&pre=0&sdd=%7B%7D&cri=tVGfpIVmBW&pto=1536&ver=50&gac=-&mei=&ap=&duid=1.1678643083.tFyR24eU6AjhEhZg&suid=1.1678643083.YUpUBtwgXh8R5A5K&tuid=1.1678643083.pgeWqvP0GyAcxk1i&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=50%2C1281%2C84&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
478bfe7f80ad22e313a3a68cc1192fd1c7455b77e6bc710a088b0a5bf3752203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
2518
expires
Fri, 01 Jan 1990 00:00:00 GMT
time.mp3
mpsnare.iesnare.com/
504 B
881 B
Media
General
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.7770613268406534
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-71-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1940be89f577cc501111e5b0ad5842ab8f35e89fb7f32c5716f08e2f4c057399
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.upwork.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

Pragma
public
Date
Sun, 12 Mar 2023 17:44:43 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Server
nginx
Content-Type
audio/mpeg
Content-Range
bytes 0-503/504
Content-Disposition
inline; filename=time.mp3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 01 Jan 1970 00:00:00 GMT
logo.js
first.iovation.com/5.6.0/
Redirect Chain
  • https://www.upwork.com/iojs/5.6.0/logo.js
  • https://first.iovation.com/5.6.0/logo.js
505 B
897 B
Script
General
Full URL
https://first.iovation.com/5.6.0/logo.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Server
52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9feb939864de55f1179ef885a30bb3ab2dac671a9e2d25e167b39a75d8321ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 17:44:43 GMT
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Content-Length
505
Expires
Mon, 11 Mar 2024 17:44:43 GMT

Redirect headers

date
Sun, 12 Mar 2023 17:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
https://first.iovation.com/5.6.0/logo.js
cache-control
max-age=3600
cf-ray
7a6dd8c98ce79219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Mar 2023 18:44:43 GMT
prop.json
cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/
20 B
358 B
XHR
General
Full URL
https://cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/prop.json?_=1678643083747
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 17:44:44 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upwork.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
27162d07-f4b0-42d1-a68d-7b5bf4760ec6
https://www.upwork.com/
68 B
0
Other
General
Full URL
blob:https://www.upwork.com/27162d07-f4b0-42d1-a68d-7b5bf4760ec6
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
68
Content-Type
application/javascript
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/
315 KB
108 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375ce748fa9ac7816b24528b6c12543a66e530c017a1710f03c65b420b00fd8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 21:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109944
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 16:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 21:55:48 GMT
suit
www.upwork.com/shasta/
2 B
706 B
XHR
General
Full URL
https://www.upwork.com/shasta/suit
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.2.63/index.iife.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upwork.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
7a6dd8caaece9219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
proxy.html
content.googleapis.com/static/ Frame D63B
382 B
1 KB
Document
General
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4f835d9caba5fd28f0d4d80a338e7d30dabf64f374836a5798d78212a04b79
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-xkXRCRcVGpK8Ihvp-3XNFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
274
content-security-policy
script-src 'nonce-xkXRCRcVGpK8Ihvp-3XNFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 17:44:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe
accounts.google.com/o/oauth2/ Frame A211
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78d950eeb8184582479487646bb4605e4f48948cf8ad17a3cd5d9f9d229a4822
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-lOjjb9WPOnXawnedGAMesQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-lOjjb9WPOnXawnedGAMesQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 17:44:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
analyze
dh0tb61pdpl7x.cloudfront.net/
511 B
790 B
XHR
General
Full URL
https://dh0tb61pdpl7x.cloudfront.net/analyze
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:15:633e:2b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f2650bc98c0fd3507c2c700b6771a946ed0d0d92641ce42c582385d506819eea

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

uwebsockets
20
date
Sun, 12 Mar 2023 17:44:44 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.upwork.com
content-length
511
x-amz-cf-id
s-raJy0RoFppCHkvJ1TPEgWX9LDI1MFyvI6vzjSbMpjag_3mo0lo1g==
apiserving
csp.withgoogle.com/csp/ Frame D63B
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/apiserving
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://content.googleapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

googleapis.proxy.js
apis.google.com/js/ Frame D63B
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32c7f6b3c32819bdb40284c30383f00ef0d0349aba198a60970e412cd786de32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 17:44:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6897
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"334ae24f799242d9"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 17:44:44 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ Frame D63B
70 KB
25 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 10:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25326
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 16:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 10:17:29 GMT
rest
content.googleapis.com/discovery/v1/apis/people/v1/ Frame D63B
44 KB
7 KB
XHR
General
Full URL
https://content.googleapis.com/discovery/v1/apis/people/v1/rest?pp=0&fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7361a4a279549909ad750b137fedd0cc0bde4bd110664dceb90a1d1a80ca53d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://www.upwork.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Referer
https://www.upwork.com

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6553
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/aamdGpCSMnpUxtDEKumohi6j15V77oMyys9GogSsCZKtNwN239uiyk97Pk/l1BkBr4vnuN0izPsOe1JTrgIOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
185 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-972598239
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d886c9efd3910647eff9993751c127c540059ff8a6acf9c7fbbc7f73e7da1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67588
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 17:44:44 GMT
js
www.googletagmanager.com/gtag/
186 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0763333eaeeed063c8a5ea98c0f6037c7db1cd6df85138294aa0fd8255f72ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67600
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 17:44:44 GMT
bat.js
bat.bing.com/ Frame 8110
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 12 Mar 2023 17:44:43 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 966B08D280D44021B8C297500223E610 Ref B: DUS30EDGE0315 Ref C: 2023-03-12T17:44:44Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
js
www.googletagmanager.com/gtag/ Frame 8110
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9982405
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b2b0a30b161254bf84b5a998c733a16fc4e061c3f1593f67558f57c447a6165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45013
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 17:44:44 GMT
pixel.js
www.redditstatic.com/ads/ Frame 8110
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
tc_imp.gif
obs.cityrobotflower.com/tracker/
43 B
79 B
Image
General
Full URL
https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136de6c131e94782999225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674d8b81dc0f783e1aaf2b7506863ed831c0556557259454045e34000ec5b76e1b77be26bb25cb43e2913bf05365ad5f2b7a1bdb53ed46f497d7df3ebb2907fe7fcaa15c3cdc0e6746751793df0335fd60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4958677a0d8db5ce8489a5c2e019cbecbf7af2b95dfe57594351ccdeb8b795904fd733dfe971366bbd9ad268957ae44b5d118c41ecbcb7dcc3b309f9d2fda3799d3e8e193fdbd4c38fc2bb5baff354371fe8f719aa61af7010642dd4245c2979684d6ee903dd8239c9fb88735ed7c36378579268398870136d7e964bb0af18800987aaa764e1644cb30b41d8380fe5bb49d7f9738f581dfd776c9096062fa5114546e5874ccbe24e461dfc08123bfd934d9943cd393e8ff3ade96cf72552fb0e80f13e181095e42baace433b6309bf64eadb57ff123fe239f50d71dcbba6fd5103590db807a2d6d72092b174e52fbf38668ce10f51018166bbae10dcd920a1ee2aa8ce2ae66d0bebca9c7fcefb1185d20e919d7f00039d2073c448971576332e467bd2148b1b79836d424ae7199a13ed0aa118b2d5d527c5b294dd8b9b0c9366948880457d78fcbb1dbc94f069cb6a17e95c66f66ded2132074ff91dd4a3cb42181438219e53f870fddc81195a620b6ded1868a4d70eefe3a65857ea089b3ab1e9f7270604cf66a4705d4a52ed5b46192f3ccda48dfc4c26a5a254dac3cb504ac52ba876d95324b225f53183f8428cac6643de167a2a28430a2dd519e3036f6456e268de9cf0b5ce979f38a13da0f321e0aeb6e4bc3e9b768bc1e4fc9cd48a086cfe392009a0b47287e9f6b3710d8c91e56ba20f5aa9069deafb35d0c38fb357e6a51984e0fb88be4190d82362491858d42cadda6dd197feb22b10676448c13616ddf8e411dd7caf189a1e142f330a772c77a82dc40d6e7a66e6bb39a529bddc7f2b6af899e6f1bd2b1375fcd6ece49c813&cri=tVGfpIVmBW&ts=419&cb=1678643084162
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
suit
www.upwork.com/shasta/
2 B
705 B
XHR
General
Full URL
https://www.upwork.com/shasta/suit
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.2.63/index.iife.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upwork.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
7a6dd8cc4aaf9219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1678643084264&cv=11&fst=1678643084264&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6692d69f6d4940a0e1cf027f4fe5cce2f47bf5eee172f917f77bc42ac9f47970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/972598239/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/972598239/?random=1678643084279&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
67f649785dbea9f4e358339ef790fc00157991bc2fe07a5a86b818be7e04894e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1619
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
463930381624031
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/463930381624031?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68a9477bfcfa812cf535aa460b83e460dfc80192cae8d5c29ffd073612a0661d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110277
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zdOs1psTsoaxAsDNDzXcmkZvb7qEb0UrPzdePX3EOz96HDmiK0CH5f3xb9azcynl1jsXdMM9ZxnrPRO9vBWsow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
prop.json
cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/
20 B
358 B
XHR
General
Full URL
https://cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/prop.json?_=1678643084249
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 17:44:44 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upwork.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
psmetrics
www.upwork.com/upi/
25 B
468 B
Ping
General
Full URL
https://www.upwork.com/upi/psmetrics
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vnd-eo-trace-id
7a6dd8ccec0a9219-FRA
x-powered-by
Express
etag
W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type
text/html; charset=utf-8
cf-ray
7a6dd8ccec0a9219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-xss-protection
1; mode=block
activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security...
9982405.fls.doubleclick.net/ Frame 00BE
Redirect Chain
  • https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-securi...
  • https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fww...
502 B
628 B
Document
General
Full URL
https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9982405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
7bf9907a08850689111f73640eb858007dae97b129dfed010bf1d7cddf0e096f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
288
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 17:44:44 GMT
expires
Sun, 12 Mar 2023 17:44:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 17:44:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rp.gif
alb.reddit.com/ Frame 8110
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1678643084320&id=t2_j0i56&event=Search&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=f209af81-6a59-4100-9678-70819f87164b&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 17:44:44 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
331000128.js
bat.bing.com/p/action/ Frame 8110
0
137 B
Script
General
Full URL
https://bat.bing.com/p/action/331000128.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 12 Mar 2023 17:44:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 18C6DD955B7D42DD9AEA577182BD601A Ref B: DUS30EDGE0315 Ref C: 2023-03-12T17:44:44Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 8110
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=331000128&Ver=2&mid=6002ae61-2581-4755-8786-0505aa177551&sid=92f7d920c0fd11edb3979dbe27b192c5&vid=92f7f7d0c0fd11edb945673a1d7a9c84&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&r=&lt=6&evt=pageLoad&ifm=1&sv=1&rn=598898
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 12 Mar 2023 17:44:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F65FB921DC6491184EC5DA1ABC8E648 Ref B: DUS30EDGE0315 Ref C: 2023-03-12T17:44:44Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
816554411748126
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/816554411748126?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e365355f1226632d550e8ef828f40208f123183976cbf1509a68bc596e11113
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110668
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IpaN7jX7115vDaAKE20PRED5SYHrto+xY7qIxvGMcbQZpVGDXzc7GVe6XEmjOahrvxyIWAIg+LMY7I4weIfJkw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&rl=&if=false&ts=1678643084370&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&fbp=fb.1.1678643084368.129056683&it=1678643084291&coo=false&rqm=GET
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-asan /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
server
proxygen-asan
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X...
  • https://www.google.com/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleads...
  • https://www.google.de/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadse...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0kyMm9BWVF5SWZEdExDbmpyRm9FaVlBeVEzUmVRRjYtOGNWV0lRTURnWVczOWlmM1dONjRsWHBnS3NTa19oTzljZ29PcDhIQUEaWENoQUlnSTIyb0FZUXpmX2x6cUN4LThvaUVpNEFlWUktajFUWkdsUFlxTFZVNllIVzNCU2hBUEhONXcyLVJUOHJpcUlrV2dvVG5vbm5QMVd1aVJJQUNPSWg&is_vtc=1&ocp_id=jA8OZKjEFYaF2fcPjq-pqAY&random=2780909403&ipr=y&prhg=0
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/972598239/?random=1792358281&cv=11&fst=1678643084279&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&gtm_ee=1&auid=1754578821.1678643084&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0kyMm9BWVF5SWZEdExDbmpyRm9FaVlBeVEzUmVRRjYtOGNWV0lRTURnWVczOWlmM1dONjRsWHBnS3NTa19oTzljZ29PcDhIQUEaWENoQUlnSTIyb0FZUXpmX2x6cUN4LThvaUVpNEFlWUktajFUWkdsUFlxTFZVNllIVzNCU2hBUEhONXcyLVJUOHJpcUlrV2dvVG5vbm5QMVd1aVJJQUNPSWg&is_vtc=1&ocp_id=jA8OZKjEFYaF2fcPjq-pqAY&random=2780909403&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/972598239/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/972598239/?random=1678643084264&cv=11&fst=1678640400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2199228567&rmt_tld=0&ipr=y
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/972598239/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/972598239/?random=1678643084264&cv=11&fst=1678640400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&tiba=Log%20In%20to%20Your%20Account%20%7C%20Upwork&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2199228567&rmt_tld=1&ipr=y
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&rl=&if=false&ts=1678643084438&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678643084368.129056683&it=1678643084291&coo=false&rqm=GET
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-asan /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
server
proxygen-asan
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&rl=&if=false&ts=1678643084439&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&fbp=fb.1.1678643084368.129056683&it=1678643084291&coo=false&rqm=GET
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-asan /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 17:44:44 GMT
server
proxygen-asan
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
prop.json
cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/
20 B
358 B
XHR
General
Full URL
https://cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/prop.json?_=1678643084513
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 17:44:44 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upwork.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=*;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252...
adservice.google.com/ddm/fls/z/ Frame 00BE
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=*;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf
Requested by
Host: 9982405.fls.doubleclick.net
URL: https://9982405.fls.doubleclick.net/activityi;dc_pre=CMOAgeb41v0CFXlGkQUdt5wAwg;src=9982405;type=conve0;cat=cheqi0;ord=4541347429461;gtm=45fe3360;auiddc=1754578821.1678643084;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9982405.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame A211
2 KB
911 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24a2c2c88e3b3640cc0ddb42306bd801ade8bd30da887696520a85c8498158ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.WZdagyvc0N8.es5.O/d=1/rs=AOaEmlGQsbPVOROOHkVJ9FOnmvEjxLAmHA/ Frame A211
100 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.WZdagyvc0N8.es5.O/d=1/rs=AOaEmlGQsbPVOROOHkVJ9FOnmvEjxLAmHA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02b42fa8301c33e7ad03c526f12706519254a826b1839645e88724a3750be86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 08:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35137
x-xss-protection
0
last-modified
Sat, 04 Mar 2023 05:41:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 08:04:47 GMT
upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame D72F
2 KB
2 KB
Image
General
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 08:50:52 GMT
x-amz-version-id
d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Jun 2021 18:49:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P3
Age
5216033
ETag
"ff48a3c94b69990d5044c0b3b202dd9e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1678
X-Amz-Cf-Id
qFMSRblzdeIZdU6khrj6E94CCBvBNZnM4FIfubcw8udWkQU3a3LYOQ==
iframerpc
accounts.google.com/o/oauth2/ Frame A211
49 B
95 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.upwork.com&client_id=936450902531-r6k5fu4tni53b4f0o2r8e2ck49egnok0.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.WZdagyvc0N8.es5.O/d=1/rs=AOaEmlGQsbPVOROOHkVJ9FOnmvEjxLAmHA/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GiFvm32o-C_aDTs3lniqEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-GiFvm32o-C_aDTs3lniqEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 17:31:28 GMT
content-encoding
gzip
age
796
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 12 Mar 2023 18:31:28 GMT
wpt.json
cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/
20 B
415 B
XHR
General
Full URL
https://cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/wpt.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 17:44:44 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.upwork.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
20
Expires
-1
prop.json
cd6457ca8a284d8691aa9da2bb9ae659-4c4cc75a16ed.cdn.forter.com/
2 B
622 B
Ping
General
Full URL
https://cd6457ca8a284d8691aa9da2bb9ae659-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-184-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 12 Mar 2023 17:44:45 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Mon, 26 Dec 2022 12:08:35 GMT
Server
Apache
ETag
"2-5f0b9fead36a8"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upwork.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
wpt.json
cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/ Frame
0
0
Preflight
General
Full URL
https://cdn0.forter.com/4c4cc75a16ed/cd6457ca8a284d8691aa9da2bb9ae659/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Sun, 12 Mar 2023 17:44:44 GMT
Vary
Access-Control-Request-Headers
mon
obs.cityrobotflower.com/
0
16 B
XHR
General
Full URL
https://obs.cityrobotflower.com/mon
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.upwork.com
date
Sun, 12 Mar 2023 17:44:45 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.cityrobotflower.com/
0
147 B
XHR
General
Full URL
https://obs.cityrobotflower.com/mon
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.upwork.com
date
Sun, 12 Mar 2023 17:44:45 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame A2F5
0
0

close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame 56CC
0
0

logo_small.gif
d3nocrch4qti4v.cloudfront.net/
43 B
385 B
Image
General
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1678643085747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ee00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:54:46 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 14:48:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1137000
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=1296000
accept-ranges
bytes
content-length
43
x-amz-cf-id
w6znyWFAGqWEa-RRUcsDol17hM-QUqTO2lKYkCtbNQMBQDkZfyLbGg==
logo_medium.gif
d3nocrch4qti4v.cloudfront.net/
43 B
383 B
Image
General
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1678643085747&refererPageDetail=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ee00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:06:48 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 14:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
279478
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=1296000
accept-ranges
bytes
content-length
43
x-amz-cf-id
2JMjbFsJeRmHbPEQepJ49rtTgOCLVkAT7kTsR66SbKWN7t6CwORFrg==
logo_large.gif
d3nocrch4qti4v.cloudfront.net/
43 B
384 B
Image
General
Full URL
https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1678643085747&-linkd-32.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ee00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:09:33 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 14:48:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1161313
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=1296000
accept-ranges
bytes
content-length
43
x-amz-cf-id
tEnRr0QBqKEFNz10TWOA-VRgL8rqP8XNuwxXP8WVvehQ0ZLtqo5Urw==
icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame 7E02
0
0

psmetrics
www.upwork.com/upi/
25 B
666 B
Ping
General
Full URL
https://www.upwork.com/upi/psmetrics
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vnd-eo-trace-id
7a6dd8d60caa9219-FRA
x-powered-by
Express
etag
W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type
text/html; charset=utf-8
cf-ray
7a6dd8d60caa9219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=463930381624031&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&rl=&if=false&ts=1678643085874&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20In%20to%20Your%20Account%20%7C%20Upwork%22%2C%22meta%3Akeywords%22%3A%22Offshore%20outsourcing%2C%20Freelancers%2C%20India%2C%20Russia%2C%20Ukraine%2C%20php%20Programmers%2C%20Coders%2C%20Developers%2C%20Writers%2C%20Web%20Designers%2C%20Website%20Design%2C%20Technical%20Writers%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20Upwork%20account%20to%20post%20a%20job%2C%20find%20freelance%20work%2C%20and%20connect%20with%20talent%20around%20the%20globe.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=2&o=30&fbp=fb.1.1678643084368.129056683&it=1678643084291&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-asan /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 17:44:45 GMT
server
proxygen-asan
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&rl=&if=false&ts=1678643085941&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Log%20In%20to%20Your%20Account%20%7C%20Upwork%22%2C%22meta%3Akeywords%22%3A%22Offshore%20outsourcing%2C%20Freelancers%2C%20India%2C%20Russia%2C%20Ukraine%2C%20php%20Programmers%2C%20Coders%2C%20Developers%2C%20Writers%2C%20Web%20Designers%2C%20Website%20Design%2C%20Technical%20Writers%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20Upwork%20account%20to%20post%20a%20job%2C%20find%20freelance%20work%2C%20and%20connect%20with%20talent%20around%20the%20globe.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678643084368.129056683&it=1678643084291&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 12 Mar 2023 17:44:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
mon
obs.cityrobotflower.com/
0
39 B
XHR
General
Full URL
https://obs.cityrobotflower.com/mon
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.upwork.com
date
Sun, 12 Mar 2023 17:44:47 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.cityrobotflower.com/
0
39 B
XHR
General
Full URL
https://obs.cityrobotflower.com/mon
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.upwork.com
date
Sun, 12 Mar 2023 17:44:49 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
psmetrics
www.upwork.com/upi/
25 B
468 B
Ping
General
Full URL
https://www.upwork.com/upi/psmetrics
Requested by
Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.b218a200.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upwork.com/ab/account-security/login?redir=%2Fnx%2Fplans%2Fmembership%2Findex%3Ffrkscc%3DJOQ3Zc35XTbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 17:44:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin-when-cross-origin
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vnd-eo-trace-id
7a6dd8f00ab19219-FRA
x-powered-by
Express
etag
W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type
text/html; charset=utf-8
cf-ray
7a6dd8f00ab19219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-xss-protection
1; mode=block
events
cdn3.forter.com/
0
241 B
Ping
General
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.210.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 17:44:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Origin
access-control-allow-origin
https://www.upwork.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
expires
-1
mon
obs.cityrobotflower.com/
0
39 B
XHR
General
Full URL
https://obs.cityrobotflower.com/mon
Requested by
Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.upwork.com
date
Sun, 12 Mar 2023 17:44:54 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gighmmpiobklfepjocnamgkkbiglidom
URL
chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Domain
ihcjicgdanjaechkgeegckofjjedodee
URL
chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Domain
mlomiejdfkolichcflejclcbmpeaniij
URL
chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless function| OptanonWrapper object| dataLayer object| dashApiScript object| NUXT_APP_CONFIG object| microAppContainer object| microAppApi object| topNavigationApi function| loadSuit2ContainerResolve object| loadSuit2ContainerPromise object| suit2TrackerPromise object| __NUXT__ object| OneTrustStub function| Vue object| Vuex object| webpackJsonp object| onNuxtReadyCbs function| onNuxtReady object| $workbox string| io_global_object_name object| IGLOO string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| lightningjs function| usabilla_live object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| ftr__startScriptLoad object| Optanon object| OneTrust object| google_tag_manager object| recaptcha function| t6EE function| T5oo function| G2tt function| N4kk function| u066 object| ftr__ext function| ftr__ object| ftr__scriptLoadOptions object| ftr__bufferW function| postscribe object| google_tag_manager_external object| google_tag_data string| _pxAppId function| suitLoader object| ftr__JSON3 object| $nuxt function| __ctcg_ct_35075_exec function| setupSUIT2 object| suit2config object| suitTracker object| gapi object| ___jsl object| AppleID object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| _cq function| fbq function| he object| GooglebQhCsO

32 Cookies

Domain/Path Name / Value
.upwork.com/ Name: visitor_id
Value: 217.114.215.131.1678643082394000
www.upwork.com/ Name: lang
Value: en
www.upwork.com/ Name: cookie_prefix
Value:
www.upwork.com/ Name: cookie_domain
Value: .upwork.com
.upwork.com/ Name: __cfruid
Value: 607979d5ecbf7653376538a09a1e77486a6a7306-1678643082
.upwork.com/ Name: XSRF-TOKEN
Value: 33b67fb96fdedc1c0fc4cbe3721f76eb
.upwork.com/ Name: lang
Value: en
.static-upwork.com/ Name: __cf_bm
Value: D8y79KAPEp27244noHr6PaBe8u4Ur3qOwAtQy9pORME-1678643083-0-AbpXchZSfgXMqAIpS5ephW4O2JSiByO1fdabFR5q1PLhumq2qnRF9hOOUfxaeqlo82+YPXTGxNT7zZBDgiLkHsE=
.upwork.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Mar+12+2023+17%3A44%3A43+GMT%2B0000+(GMT)&version=6.37.0&isIABGlobal=false&hosts=&consentId=d038d5d9-c1b0-455d-baa8-e743cdcdf886&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Fplans%252Fmembership%252Findex%253Ffrkscc%253DJOQ3Zc35XTbf&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
mpsnare.iesnare.com/ Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: KH6Ru3PiY7Z4wyldpEURzmX5279xgt3zVQLrvnjy98w=
.upwork.com/ Name: forterToken
Value: cd6457ca8a284d8691aa9da2bb9ae659_1678643083308__UDF43_14ck
.upwork.com/ Name: ftr_blst_1h
Value: 1678643083591
first.iovation.com/ Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: D13soNr1ZJBLqU3VLJ/bQSZqrKbvUdtu8v6m+QillY0=
.upwork.com/ Name: asct_vt
Value: oauth2v2_a6f6b49f451462f8f155bb2ca683cd68
.upwork.com/ Name: _cq_duid
Value: 1.1678643083.tFyR24eU6AjhEhZg
.upwork.com/ Name: _cq_suid
Value: 1.1678643083.YUpUBtwgXh8R5A5K
www.upwork.com/ Name: _sp_ses.2a16
Value: *
www.upwork.com/ Name: _sp_id.2a16
Value: da8dc4da-a255-4eae-ae38-4c0f603a2c06.1678643084.1.1678643084..9ffecbb0-1025-42a9-a718-ea41caff000d..146191da-6017-48a6-88c9-bd650c1b2a26.1678643083923.3
.www.upwork.com/ Name: G_ENABLED_IDPS
Value: google
obs.cityrobotflower.com/ Name: cg_uuid
Value: 492e8d11ac22157c7aeb6764114a395d
.upwork.com/ Name: spt
Value: 468ff40d-a1d0-42e2-9168-bc064c7bc8b5
.upwork.com/ Name: _gcl_au
Value: 1.1.1754578821.1678643084
.upwork.com/ Name: _rdt_uuid
Value: 1678643084319.f209af81-6a59-4100-9678-70819f87164b
.upwork.com/ Name: _uetsid
Value: 92f7d920c0fd11edb3979dbe27b192c5
.upwork.com/ Name: _uetvid
Value: 92f7f7d0c0fd11edb945673a1d7a9c84
.upwork.com/ Name: _fbp
Value: fb.1.1678643084368.129056683
.bing.com/ Name: MUID
Value: 228E258266FD69570B2C3750673D68BC
www.upwork.com/ Name: AWSALB
Value: X1Kg2PUGkQE4RruGAckRBtD5g+jbC1a30QLfprAxPVypPD9Yz+bEt66liMWDExI3uPJMJqHfb0bTDeCLnYXdT53Vc1zspEo4IbBobFcGpG/0lgaHXnUec4PEvMVI
www.upwork.com/ Name: AWSALBCORS
Value: X1Kg2PUGkQE4RruGAckRBtD5g+jbC1a30QLfprAxPVypPD9Yz+bEt66liMWDExI3uPJMJqHfb0bTDeCLnYXdT53Vc1zspEo4IbBobFcGpG/0lgaHXnUec4PEvMVI
.doubleclick.net/ Name: IDE
Value: AHWqTUmPwxwlQrgwi6MyFD7FZyHmXUAHN5_9pkkeYjlGU-kbR7DaLUXCR17E43KRbJ8
www.upwork.com/ Name: enabled_ff
Value: !air2Dot76Qt,CI11132Air2Dot75,air2Dot76,!CI10270Air2Dot5QTAllocations,OTBnrOn,!CI12577UniversalSearch,TONB2256Air3Migration,!SSINavUser,CI9570Air2Dot5,!MP16400Air3Migration,!CI10857Air3Dot0
.upwork.com/ Name: __cf_bm
Value: DrcaOPFvsA_q3m5vwALj3CSZeiKGfeUVQemrcNzm5wQ-1678643085-0-AcvMPT2o8iNl0Gc6PFHlBcT8Je1lcbV+riud4JvOi7JUcwoF2WGw+ZSqJ0fjZOMfJjOKYhKPhilJh3HSzn8UiTM=

5 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs(Line 177)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4cc75a16ed.cdn4.forter.com
9982405.fls.doubleclick.net
accounts.google.com
adservice.google.com
alb.reddit.com
apis.google.com
appleid.cdn-apple.com
assets.static-upwork.com
bat.bing.com
cd6457ca8a284d8691aa9da2bb9ae659-4c4cc75a16ed.cdn.forter.com
cdn.cookielaw.org
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
client.perimeterx.net
connect.facebook.net
content.googleapis.com
csp.withgoogle.com
d3nocrch4qti4v.cloudfront.net
d6tizftlrpuof.cloudfront.net
dh0tb61pdpl7x.cloudfront.net
first.iovation.com
geolocation.onetrust.com
gighmmpiobklfepjocnamgkkbiglidom
googleads.g.doubleclick.net
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.redditstatic.com
www.upwork.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
104.18.90.237
104.77.42.191
104.77.46.193
108.138.7.12
142.250.186.38
143.204.89.33
151.101.65.140
172.217.18.98
23.23.210.37
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2156:0:2:7cf7:d580:93a1
2600:9000:2156:8000:15:633e:2b40:93a1
2600:9000:2251:ee00:7:bffe:c3c0:21
2606:4700:4400::ac40:9062
2606:4700::6810:8096
2606:4700::6813:bc61
2620:1ec:c11::200
2a00:1450:4001:803::200d
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2008
2a00:1450:4001:829::2011
2a00:1450:4001:831::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::396
34.252.19.64
52.129.66.1
52.222.206.77
54.204.202.163
54.228.71.178
54.81.184.157
01a6c5fec0688b13b22caee961056713fdd2f3fa05ce91c3863cc795ece9d286
02e92f5cf3fc9a33571b80a4fc81e3f5139026d75511c3aaf376c5a201a1d452
05b0a33f155542f0b2b110e7780f7dfb6c3802ef1fc6b4dcd3483157652ab674
081d64198ba44c43d2c116d1868f6888be1ff7808342eeb2467350262089d8d9
0e365355f1226632d550e8ef828f40208f123183976cbf1509a68bc596e11113
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
170e8e942c1e662c80f313c859e8b294e89293cd4928aa5971ac42bca881bea2
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
1940be89f577cc501111e5b0ad5842ab8f35e89fb7f32c5716f08e2f4c057399
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
24a2c2c88e3b3640cc0ddb42306bd801ade8bd30da887696520a85c8498158ec
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ab9500d2432aef09f59249fc1fe4e3909824f506637a285a9f057752aa15b33
2d886c9efd3910647eff9993751c127c540059ff8a6acf9c7fbbc7f73e7da1d6
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
30ff9066625111300a891ec0e665ad8addb4efbb83707732ea8e98448fd88793
32c7f6b3c32819bdb40284c30383f00ef0d0349aba198a60970e412cd786de32
34b131c3146311099a7cf0aca7403bc66f691e84d02a6be611b717a38fc4256d
375ce748fa9ac7816b24528b6c12543a66e530c017a1710f03c65b420b00fd8e
3858e36a002c5d4e37c552469220332f8f3c24caec3058c90a73279a0f90dcbe
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c0b64fe96bd29e729e03c4435f2d0a26c28c0a6d109f6977f1791282224e5a
478bfe7f80ad22e313a3a68cc1192fd1c7455b77e6bc710a088b0a5bf3752203
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
49e0e07b0a1267182ec60838b8f8f9f4c63e47bf2fc0fa2f73e1f599737866a7
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4d4f835d9caba5fd28f0d4d80a338e7d30dabf64f374836a5798d78212a04b79
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54295ce2a889c0f42dc8c8ae0b0820f09a7f1b5ceb1fe671fea020e536ce6eab
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
56d380b6046811e1294f7d53a81dcbae5ab4053a6f1349c613c36649abf623bf
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
5eac2344cf558a722bcacd8c1b3668e70ca1eff7a05e4d9f922dc59e3f0d62b0
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
60eb62d9bacace8a91ff87f73c55d00a78939947b706b88133313f1c5a432c1c
6692d69f6d4940a0e1cf027f4fe5cce2f47bf5eee172f917f77bc42ac9f47970
67f649785dbea9f4e358339ef790fc00157991bc2fe07a5a86b818be7e04894e
68a9477bfcfa812cf535aa460b83e460dfc80192cae8d5c29ffd073612a0661d
6ac20d1896069d1a7f41dee4bc343ced4db29f3bb52a8704382f912a4395f684
6b4423fb196fe95b96da12e918f10a87de71d85f7fd88cd9d6c9f6624ff82656
72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc
7361a4a279549909ad750b137fedd0cc0bde4bd110664dceb90a1d1a80ca53d2
749e2c6f2e5fc46a96bcc555cbd088fdfadb4cf73b8942d08dafe94a6e4c004b
78d950eeb8184582479487646bb4605e4f48948cf8ad17a3cd5d9f9d229a4822
7bf9907a08850689111f73640eb858007dae97b129dfed010bf1d7cddf0e096f
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
8b2b0a30b161254bf84b5a998c733a16fc4e061c3f1593f67558f57c447a6165
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
9791f9af5698efb54ac9139ad07200c7d50f752fdffd91190707deb56b02b8d8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a6237821391df55e2185529c0637d8b4fa50e3caa88aef05a0b6f8e56b1ea71
9dd39047a2162dc3dc1181e315478717088833588e2aa6a827430ca390e530f8
9feb939864de55f1179ef885a30bb3ab2dac671a9e2d25e167b39a75d8321ce4
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3599a20ae03e68f510094fe3e10f2a1b92bd51ad1cd90f1b0b00dee3bd42299
a433967d70c77503604191491c50d0fa84f202c2667d2bb1d54057f5fbf99b08
a9143135526184b5c037d6aa3968e58592987bfbe0032cbb0fedb9abf78f18c7
b02b42fa8301c33e7ad03c526f12706519254a826b1839645e88724a3750be86
b34cbc413131e41ecf2f9b42bf2750bb5da803bc0bf62267bf865d87e0ddbd61
b63b497594a596a673a0cf4dfa5c49f8aa96c1554ff6a94518a3f2f2f50153a0
b8ee440d242c6f601a75974c515d7f84098f36e512dd0d9bbc4f56f7473d6fd1
b96d0c756c0ed7e215b2b787b68e4ab48aa5b26f08ab8e4e29a2c831ac7a694b
bc1ae363cdb7dbd47ecc207366703cc1515241cd2401da57c19e04648b9351de
c2616c9f9ca7283ff2e1cc1b6f593fb269612c40558c7bcc69b7961588df0c69
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
cd76a65e4d48c915c0eed3479dc6805f4ef926df94d22e195977ce2a35d380cc
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
d0763333eaeeed063c8a5ea98c0f6037c7db1cd6df85138294aa0fd8255f72ee
d31efa1d11db88a2ca54a5cd9919bb62a35741a056d5cef1c7c244a7a400d4e4
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
e220226b6daf9afcc3676bf181a0b6b72060d274d09fa838fae65184222ab337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424c75c578bd740197fdbb6a6dbdaaec05f0957433fd84bfbcb74440c7f57a4
e471140bdfbadc54b8b6a3259b62abec9d5c17f8a518135b132ee14debbe77be
e5671a2c441d2499f308d44c52e3d71c19d12c82612c2160d986aba61c3a362b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2650bc98c0fd3507c2c700b6771a946ed0d0d92641ce42c582385d506819eea
f43c1c9a7970705b02f7e5a079ac1afcee891e786df83ac5b3434288f1c10022
f44e40706e036a1979dcfdf3de5c9cbe44d4f4ab1f19160531289d68fc5fe557
f890726d0f6125e820e6419fd32629abc929b112828017751a0b74a1c9ea788b