www.upwork.com Open in urlscan Pro
104.18.89.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.upwork.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGNjbOlC4Dna18zdAaAAmIe5inzbnJgRozauAszf6zfLGzeq7Jb3h5zdjNUvqum...
Effective URL:
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%...
Submission: On October 21 via manual (October 21st 2021, 11:10:26 am UTC) from IN — Scanned from DE

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 31 domains to perform 98 HTTP transactions. The main IP is 104.18.89.237, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on March 24th 2020. Valid for: 2 years.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.232.234 162.223.232.234	15334 (RESPONSYS) (RESPONSYS)
5 11	104.18.89.237 104.18.89.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	104.16.252.149 104.16.252.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	104.111.230.79 104.111.230.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.78.112 13.225.78.112	16509 (AMAZON-02) (AMAZON-02)
3	80.252.88.155 80.252.88.155	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
4	54.216.48.107 54.216.48.107	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	13.225.78.89 13.225.78.89	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
3	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.225.25.49 3.225.25.49	14618 (AMAZON-AES) (AMAZON-AES)
1	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
2	142.250.186.77 142.250.186.77	15169 (GOOGLE) (GOOGLE)
2	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1	18.184.251.131 18.184.251.131	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	34.238.185.203 34.238.185.203	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	52.59.36.213 52.59.36.213	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	13.225.78.2 13.225.78.2	16509 (AMAZON-02) (AMAZON-02)
3	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
2	34.206.110.32 34.206.110.32	14618 (AMAZON-AES) (AMAZON-AES)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
98	39

1 162.223.232.234 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.upwork.com

e.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.89.237 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shasta-collector-production.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 104.16.252.149 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.79 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-79.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-112.fra2.r.cloudfront.net

bcdn.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.252.88.155 (Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)
PTR: 80.252.88.155.telecityredbus.nl

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.216.48.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

fyrsbckgi-c.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wkxppshj-qx.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxss13u803.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.90.237 (United States)

ASN13335 (CLOUDFLARENET, US)

shasta-collector-production.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.25.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-25-49.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.77 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.251.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-251-131.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.185.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-185-203.compute-1.amazonaws.com

colres.sitelabweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

cdn.480app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.36.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-36-213.eu-central-1.compute.amazonaws.com

colrep.sitelabweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-2.fra2.r.cloudfront.net

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.197.3.19 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.110.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-110-32.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (Los Gatos, United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	static-upwork.com assets.static-upwork.com	407 KB
16	upwork.com 6 redirects e.upwork.com www.upwork.com bcdn.upwork.com shasta-collector-production.upwork.com	178 KB
8	google.com apis.google.com accounts.google.com www.google.com	139 KB
4	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	44 KB
4	iesnare.com mpsnare.iesnare.com	23 KB
3	flashtalking.com servedby.flashtalking.com	4 KB
3	tvpixel.com c.tvpixel.com p.tvpixel.com	32 KB
3	sitelabweb.com colres.sitelabweb.com colrep.sitelabweb.com	640 B
3	iovation.com first.iovation.com	43 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
2	googleadservices.com www.googleadservices.com	16 KB
2	googleapis.com content.googleapis.com	7 KB
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	px-cloud.net collector-pxss13u803.px-cloud.net	1 KB
2	fastly.net fyrsbckgi-c.global.ssl.fastly.net wkxppshj-qx.global.ssl.fastly.net	70 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com www.gstatic.com ssl.gstatic.com	175 KB
1	turn.com r.turn.com	407 B
1	pdst.fm cdn.pdst.fm	6 KB
1	480app.com cdn.480app.com	325 B
1	t.co t.co	469 B
1	twitter.com analytics.twitter.com	675 B
1	nr-data.net bam-cell.nr-data.net	715 B
1	agkn.com d.agkn.com
1	facebook.com www.facebook.com	313 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	newrelic.com js-agent.newrelic.com	13 KB
1	impactradius-event.com d.impactradius-event.com	13 KB
1	cdn-apple.com appleid.cdn-apple.com	17 KB
1	recaptcha.net www.recaptcha.net	943 B
1	googletagmanager.com www.googletagmanager.com	58 KB
98	31

	Domain	Requested by
30	assets.static-upwork.com	www.upwork.com assets.static-upwork.com www.googletagmanager.com
8	www.upwork.com	5 redirects www.upwork.com
6	shasta-collector-production.upwork.com	www.upwork.com
4	mpsnare.iesnare.com	assets.static-upwork.com mpsnare.iesnare.com www.upwork.com
4	apis.google.com	assets.static-upwork.com apis.google.com content.googleapis.com
3	servedby.flashtalking.com	www.googletagmanager.com servedby.flashtalking.com
3	heapanalytics.com	www.upwork.com
3	first.iovation.com	www.upwork.com
2	us-central1-adaptive-growth.cloudfunctions.net	www.upwork.com
2	p.tvpixel.com	www.upwork.com
2	colrep.sitelabweb.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google.com	www.upwork.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	content.googleapis.com	apis.google.com
2	collector-pxss13u803.px-cloud.net	www.upwork.com
2	www.google-analytics.com	www.googletagmanager.com www.upwork.com
1	r.turn.com
1	cdn.pdst.fm	www.upwork.com
1	c.tvpixel.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	cdn.480app.com	www.upwork.com
1	colres.sitelabweb.com	www.upwork.com
1	wkxppshj-qx.global.ssl.fastly.net	www.upwork.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	d.agkn.com
1	www.facebook.com
1	static.ads-twitter.com	www.upwork.com
1	js-agent.newrelic.com	www.upwork.com
1	ssl.gstatic.com	accounts.google.com
1	stats.g.doubleclick.net	www.upwork.com
1	d.impactradius-event.com	www.upwork.com
1	cdn.heapanalytics.com	www.upwork.com
1	fyrsbckgi-c.global.ssl.fastly.net	www.googletagmanager.com
1	www.gstatic.com	www.recaptcha.net
1	bcdn.upwork.com	assets.static-upwork.com
1	appleid.cdn-apple.com	assets.static-upwork.com
1	www.recaptcha.net	assets.static-upwork.com
1	www.googletagmanager.com	www.upwork.com
1	e.upwork.com	1 redirects
98	42

This site contains no links.

Subject Issuer	Validity	Valid
*.upwork.com DigiCert SHA2 High Assurance Server CA	`2020-03-24` - `2022-05-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2021-01-19` - `2022-02-18`	a year	crt.sh
bcdn.upwork.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-30` - `2022-10-15`	a year	crt.sh
first.iovation.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-06` - `2022-01-06`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.sitelabweb.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2022-05-10`	2 years	crt.sh
cdn.480app.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-18` - `2022-11-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.tvpixel.com Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Frame ID: CC5E129AA0FB720E7597A2AFBA178986
Requests: 85 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 63D5DDB87E71E4722D8F86A93DC16C7A
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 37DA68D4605CACCCD21E09CB15798465
Requests: 3 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
Frame ID: 8ABD1F289D42820276BCC0C1D5F28E95
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In - UpworkUpwork

Page URL History Show full URLs

https://e.upwork.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGNjbOlC4Dna18zdAaAAmIe5inzbnJgRozauAszf6zf... HTTP 302
https://www.upwork.com/e/jobs/new/?cta=button1&utm_source=responsys&utm_medium=email&utm_campaign=1... HTTP 301
https://www.upwork.com/ab/job-post/new?cta=button1&utm_source=responsys&utm_medium=email&utm_campai... HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm... Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

98
Requests

99 %
HTTPS

0 %
IPv6

31
Domains

42
Subdomains

39
IPs

4
Countries

1272 kB
Transfer

4047 kB
Size

44
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.upwork.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGNjbOlC4Dna18zdAaAAmIe5inzbnJgRozauAszf6zfLGzeq7Jb3h5zdjNUvqumOaBY4gy6zffBeo2RVXtpKX%3DDYSWCSCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbneXOOu9R3fu3pJL4btlJIHmdXkmKExhHOjjbo0cBFrc7Eisw7McsX5pD_8wrQ0DTFhiaiqulLJbbvOxKaOtOleDHLZObhLDcI.&_di_=s6lg5m07bbfbsspvpqjhhr59pi5rguugpduh6t5riinm6pfmqrmg HTTP 302
https://www.upwork.com/e/jobs/new/?cta=button1&utm_source=responsys&utm_medium=email&utm_campaign=1909_RC_CL_Welcome_RNP_Rebranded HTTP 301
https://www.upwork.com/ab/job-post/new?cta=button1&utm_source=responsys&utm_medium=email&utm_campaign=1909_RC_CL_Welcome_RNP_Rebranded HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 56

https://www.upwork.com/iojs/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 64

https://www.upwork.com/iojs/5.4.0/logo.js HTTP 301
https://first.iovation.com/5.4.0/logo.js

Request Chain 81

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tiba=Log%20In%20-%20Upwork&auid=627242148.1634814619&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=m0pxYbmbI-PFx_APn4GGuAo&sscte=1&crd=&eitems=ChEI8J_EiwYQ6Muc1qf6oJuxARIdAKULEUN2ULM4fKmJisJSPynao_jyuqiJsZo6zTE HTTP 302
https://www.google.com/pagead/1p-conversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tiba=Log%20In%20-%20Upwork&auid=627242148.1634814619&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=m0pxYbmbI-PFx_APn4GGuAo&eitems=ChEI8J_EiwYQ6Muc1qf6oJuxARIdAKULEUOz1Ok3pT4VQ1kkrjDi8xnxtVDNPutyyZM&random=194183803&resp=GooglemKTybQhCsO

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request login Show response
www.upwork.com/ab/account-security/
Redirect Chain

https://e.upwork.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGNjbOlC4Dna18zdAaAAmIe5inzbnJgRozauAszf6zfLGzeq7Jb3h5zdjNUvqumOaBY4gy6zffBeo2RVXtpKX%3DDYSWCSCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbneXOOu9R3fu3pJL4btl...
https://www.upwork.com/e/jobs/new/?cta=button1&utm_source=responsys&utm_medium=email&utm_campaign=1909_RC_CL_Welcome_RNP_Rebranded
https://www.upwork.com/ab/job-post/new?cta=button1&utm_source=responsys&utm_medium=email&utm_campaign=1909_RC_CL_Welcome_RNP_Rebranded
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded

65 KB
23 KB

313ms
312ms

Document
text/html

104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f995a86be3b899dd063d55ea4786ddc24f7d8b89907e0bce9490e66a14a8e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.upwork.com
:scheme: https
:path: /ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: _pxhd=HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=; __cf_bm=6cdca70024f949bed07a73998b4b643de4b288cd-1634814618-0-AUiNs4wYk7tIO4FYyNo0T2+vCLycu047Ecwe7eqEg1vGKgyWR54Lxq1I4cF/NNqjyr9lBmMA7RHPFDeGUBg9yeo=; visitor_id=216.131.114.72.1634814618256000; enabled_ff=CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0; __cfruid=12be4d84fdfedac4aed4c8e4ca1dd22327a1a68c-1634814618
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: _pxhd=HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=; Expires=Fri, 21-Oct-22 11:10:18 GMT; Path=/ enabled_ff=CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0; Path=/; Secure visitor_id=216.131.114.72.1634814618256000; expires=Fri, 21-Oct-2022 11:10:18 GMT; Max-Age=31536000; path=/; domain=.upwork.com; secure XSRF-TOKEN=54317fe1b068299d169669ff6245fac5; path=/; domain=.upwork.com; secure
vary: Accept-Encoding Accept-Encoding
cache-control: no-cache, private
x-auth-status: Access
x-upwork-authentication: unauthenticated
report-to: {"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}
content-security-policy-report-only: report-uri /ab/csp/index; report-to csp-endpoint
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 6a1a09e4c8804138-SEA
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a1a09e4c8804138-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-type: text/html
content-length: 0
set-cookie: _pxhd=HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=; Expires=Fri, 21-Oct-22 11:10:18 GMT; Path=/ visitor_id=216.131.114.72.1634814618256000; secure; path=/; expires=1666350618; domain=.upwork.com enabled_ff=CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0; Path=/; Secure visitor_id=216.131.114.72.1634814618256000;Path=/;Domain=.upwork.com;Expires=Fri, 21-Oct-2022 16:59:30 GMT;Max-Age=31556952;Secure __cfruid=12be4d84fdfedac4aed4c8e4ca1dd22327a1a68c-1634814618; path=/; domain=.upwork.com; HttpOnly; Secure; SameSite=None
vnd.eo.request-id: ceb7a914-2dbb-4816-aa74-552983f15265
vnd.odesk.request-id: ceb7a914-2dbb-4816-aa74-552983f15265
vnd-eo-trace-id: 6a1a09e31e632784-SEA 6a1a09e31e632784-SEA
vnd-eo-span-id: 85432ce2-e6fc-4361-937b-61d0aa229394
vnd-eo-parent-span-id: c0080a97-4f16-4340-8b00-d68bf6708c10
vnd.eo.trace-id: 6a1a09e31e632784-SEA
vnd.eo.span-id: 85432ce2-e6fc-4361-937b-61d0aa229394
vnd.eo.parent-span-id: c0080a97-4f16-4340-8b00-d68bf6708c10
x-upwork-target-status: false
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-expose-headers: vnd-eo-trace-id
vnd.odesk.error-message: HTTP 302 Found
vnd.odesk.error-code: 302
location: /ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
vnd-eo-prana-client-receive: 2021-10-21T11:10:18.261Z
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a1a09e31e632784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 setup-iife.min.css
assets.static-upwork.com/detect-keyboard-user/1.2.0/ 165 B
334 B 53ms
21ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/detect-keyboard-user/1.2.0/setup-iife.min.css

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b10cf7d4f51fffa163623e2e9e508b731a96817c79ffcec26bf472b27a9c69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2389110
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: HCTBQJB1VHDRSG9R
x-amz-id-2: 1mrOZZqStTGmbzzn3EX3039rTgSHXckp8pySjIYTF+eXE66aoCwzjU8iprz4jjn4AXjyfput5+k=
last-modified: Wed, 27 Jan 2021 19:59:13 GMT
server: cloudflare
etag: W/"29609da797ea78f6f267011be3c88cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 0E.V0iZXJZQAkCPYCRI_J0S3ptZuSMYD
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e7095cf9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 ui-styles.css
assets.static-upwork.com/ui-packages/@upwork/ui-styles/2.21.1/ 277 KB
46 KB 68ms
36ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/ui-styles/2.21.1/ui-styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3850422856d94f393a062b09fcf5235c20d1a58c9db04988c164a450daf19ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2356890
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7DMHGFGYQTDC8GZ3
x-amz-id-2: c5lyWYBcZvRlvdlN/Z6pIj49R1N+SPj6xB6iElK0WFy455er5XFSspOMU5XtFN+2V7S1HlmuCrg=
last-modified: Tue, 16 Mar 2021 16:40:05 GMT
server: cloudflare
etag: W/"8a116b594806d449a19425048749d39d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: TIOpFnhwiBBAiRiUsc3Cuk6.FwZKYjQK
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e7095ef9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 fonts.air2-icons.css
assets.static-upwork.com/fonts-global/3.3.0/ 85 KB
40 KB 56ms
24ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/fonts-global/3.3.0/fonts.air2-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5718c45c887b088e69f39849d1f3fbb0f677dff0d1f17488eceab37f6871cb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548167
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 0EGZFBYS0YR84XJT
x-amz-id-2: tALIL8+fvd611936kQwrHZja7qu9xpPUnUAqtJFRXa9Q4P1f6jRgXt86hKxLGyICoU22s2QxRQc=
last-modified: Fri, 12 Feb 2021 16:56:21 GMT
server: cloudflare
etag: W/"91eff7d36f0f87d30a9a532dfe679ddf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: iVGZLs2eX2yoIzYtRExDYnTj5.mN2A3_
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e7095ff9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 fonts.css
assets.static-upwork.com/fonts-global/3.3.0/ 1 KB
472 B 53ms
21ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/fonts-global/3.3.0/fonts.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca331f82a4dd7bd618b96c2f4384e5794529977ffce47bb4a35c915a12d9d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548167
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 0EGWSEWXN0Y36FSY
x-amz-id-2: csJgPEAvxXvj0QntwihXp9As7yY+pO+cy7ss3Rxghpx5dyWuLBo88fkevi2BQ1qd+B/BuoomkCk=
last-modified: Fri, 12 Feb 2021 16:56:21 GMT
server: cloudflare
etag: W/"234369dfc1f03731da0df5a1ef948b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: h_ylVvbggT685yCrKr6_DjBM3kf_Kn3g
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e70964f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 login.css
assets.static-upwork.com/assets/AccountSecurity/20d438a/css/ 12 KB
3 KB 53ms
22ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/login.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06ae2adf234e8f79b9bf04e49617173ace87d022897c5436a855b8b8d74c0737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJ1VS2QWM22EABG
x-amz-id-2: pRvF+IodJuZLXlVBBmdaIjppEpAyygq2VD/HpJQW6iXFA3F64WocKSvPg8lKZY2hblK7pl6tG3o=
last-modified: Fri, 15 Oct 2021 10:10:54 GMT
server: cloudflare
etag: W/"b6c30f7226e4aafc32e41cd88ceced5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: i4KA0H2J3PyW1KYpfjg._8AiPnhhmmvq
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e70960f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 vendor.css
assets.static-upwork.com/assets/AccountSecurity/20d438a/css/ 113 KB
14 KB 66ms
34ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/vendor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a090e6daf090d8799d0176483bc0577f6534086b753c8dc9baa85eaaae3ad203

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJ3KRZGPWQQ5T8K
x-amz-id-2: 775BXrHtLRSfAUELn95XbSFcxRjg3DBfNpK6Oh01Vq/kj5jbK7opf7/KNofxXFVz/jh2O8eaN0Y=
last-modified: Fri, 15 Oct 2021 10:10:54 GMT
server: cloudflare
etag: W/"1e76194503191ef09efcd38a8969f786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: dPwdq7px2kZfpAKZ6XX6EWlLD4cWf_0R
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e70961f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 shared.css
assets.static-upwork.com/assets/AccountSecurity/20d438a/css/ 998 B
1 KB 51ms
20ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/shared.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f714e52efb1636d5f73a0dfba846ba5ec7c98b92425259f88d62a22df3f15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJFMKMS8J2H5FRR
x-amz-id-2: 3pbBhxg7ql5xYX4F2Ndx4+plvweK4QaVFoEV0gnS3+hVQaazqOzEgvmyq3UwN71hCPZFfUY+4kw=
last-modified: Fri, 15 Oct 2021 10:10:54 GMT
server: cloudflare
etag: W/"13dec72d955f5895e8b79cf365ec101f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: q0tuuxbZ6BkO68rUrp9bsyMveDQtXsme
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e70962f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 setup-iife.min.js Show response
assets.static-upwork.com/detect-keyboard-user/1.2.0/ 593 B
490 B 53ms
22ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/detect-keyboard-user/1.2.0/setup-iife.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae6a88b479a8b53bdf15d0c7eb9dd55444a202cb1e5d7fd475adf8ba9702a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548064
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: YTJRF89Z7QFNT85R
x-amz-id-2: uN/2CkgrYs+EvUB4CtfSWJS3vwfkAlXZ58ONO9PiSd6jZFKnB2ELTZqC6IhxP+nzFdulnMCyqC8=
last-modified: Wed, 27 Jan 2021 19:59:13 GMT
server: cloudflare
etag: W/"fd3d41838bf118855b04cb7b39f93796"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: w6i9J1sjbr_f2lnn0liDEGZau6fSYT2O
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e70965f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 ugc.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ 3 KB
2 KB 62ms
36ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e447bb24eea310c4ca34db92b3ebadee638dc1dcfa5bbafdaf7256768e788cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548064
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: YTJWCDX5B6QMPRV0
x-amz-id-2: xmWMgFTVDO7Twn0wuDx4of5SZ5R/8yeAZB/ROvHPnJ7RohMc8OnFI6mDsFq8sUJMTDL7G1XfJso=
last-modified: Tue, 16 Mar 2021 17:53:05 GMT
server: cloudflare
etag: W/"631e6bca8353e2ae954074c8e1d0dcd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: u3SK7Ubl_m96bV2fiuuMATGxM9bfOZw5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e71983f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 vue.2.6.10.min.js Show response
assets.static-upwork.com/vue-libs/ 91 KB
34 KB 70ms
44ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/vue-libs/vue.2.6.10.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2516423
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: A8XX0HB08P3B3KYZ
x-amz-id-2: 2WHq1kfTs4QVtT0s77NadTeusPNszvdDEFM90tMspczsEs3DDvNgo4VhDZxNf3LD2m0WDpdbgjM=
last-modified: Wed, 29 Jul 2020 11:23:57 GMT
server: cloudflare
etag: W/"17e942ea0854bd9dce2070bae6826937"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e71980f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 vuex.3.1.0.min.js Show response
assets.static-upwork.com/vue-libs/ 10 KB
3 KB 62ms
36ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/vue-libs/vuex.3.1.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648be4b03f38aff2e09c64d70bee266c070aa071eed70f44761a566a30ecd5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548064
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: YTJMVA5HTEFTC1DR
x-amz-id-2: VjEJSH9gAatJ4Tbi9lx6SBqp1iFo0pCS3JpJU5tAp0dlPU68ri30Eq7XKbvLoN832kiMc+alwjc=
last-modified: Wed, 29 Jul 2020 11:23:57 GMT
server: cloudflare
etag: W/"3a841559c12509618f94a0be58e4641e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e71981f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 runtime.0.12.1.min.js Show response
assets.static-upwork.com/vue-libs/ 6 KB
2 KB 62ms
36ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/vue-libs/runtime.0.12.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7630082d74db78951af0f13dab15ecfe5b20b769efb0da71dd81eafd4853346a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2389110
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: HCT47NAVM6B1WB9X
x-amz-id-2: lOvO1GpTaCW9AXAKc/Q6h0peG8bkyl3XKgUTiSQbKZbjSNoAnmVCVCvKbsJVhi0nlyPhDTAVzdM=
last-modified: Wed, 29 Jul 2020 11:23:57 GMT
server: cloudflare
etag: W/"a1e8a5d2482d34546b3e1f614e8b18cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e71984f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 vendor.js Show response
assets.static-upwork.com/assets/AccountSecurity/20d438a/js/ 360 KB
96 KB 75ms
50ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/vendor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f148fc6d78ad2231e9802f93f3dad52407c55b7f89dec610d5ed998def20a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJ2M5AF2R6AK521
x-amz-id-2: 2VqOGlgk9Eu89v73vBhF3E/xXOfeWSbHXymctBhT6JGHYhGio89AZflPK1YlrxEls3iGfn2limg=
last-modified: Fri, 15 Oct 2021 10:11:02 GMT
server: cloudflare
etag: W/"44151a8a38c6795bca6e536ebc2dbb57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: hj4cYaWzIF_w9QWZGLZEAEX2Fn4UdGWi
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e7197ef9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 header-skinny.js Show response
assets.static-upwork.com/assets/AccountSecurity/20d438a/js/ 22 KB
8 KB 61ms
36ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/header-skinny.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f079bb1c57b80e4915b1b9673a78ad0246d0330d900e2299e9ab0f05dba6516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJES8CJ4Z8918TD
x-amz-id-2: PgNkdNZvYTEo1WS1qDDbeF2mR0smRgLHLO25emrCGOMYNvDlGoQiYd4TOnFNMjb62xzCKR1hF44=
last-modified: Fri, 15 Oct 2021 10:11:02 GMT
server: cloudflare
etag: W/"b30cdafa7e3200d72e105bf5efa4be66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: MMRgRfpLiQrmeg4sazBjDA3rPKGsmHbV
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e71978f9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 login.js Show response
assets.static-upwork.com/assets/AccountSecurity/20d438a/js/ 141 KB
38 KB 74ms
49ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f32cb63f3194e4806059b63b4fc9091bce9e7741f36f40318a7b4c9fd3c3588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272875
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZBJBKCNRWKQPKE5C
x-amz-id-2: tNTcVeVc+ztSGuPve6OyuIMHy3NBM4cKQ9RkiEttxptznZOvu5UUf17UrGNJ6h0sYLShWeXKI9c=
last-modified: Fri, 15 Oct 2021 10:11:02 GMT
server: cloudflare
etag: W/"e27934212b2b4138f2a6128e0ee6b4ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: Pm23gpJXImy3mfhvjo2FP.8kQcmwNvV.
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e7197ff9d2-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
58 KB 37ms
15ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

69c4844db0b454d8653aa0a2e31a8d3555fa9a75b8fbbb9cc3d43d637ef649ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59286
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Oct 2021 11:10:18 GMT

GET
H3 200 init.js Show response
www.upwork.com/Ss13U803/ 101 KB
35 KB 126ms
125ms Script
application/javascript 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/Ss13U803/init.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df0adcd17deadc1556b5f0859ff08a024917c91cd772346e8a7d1356b6a70d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Ss13U803/init.js
pragma: no-cache
cookie: _pxhd=HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=; __cf_bm=6cdca70024f949bed07a73998b4b643de4b288cd-1634814618-0-AUiNs4wYk7tIO4FYyNo0T2+vCLycu047Ecwe7eqEg1vGKgyWR54Lxq1I4cF/NNqjyr9lBmMA7RHPFDeGUBg9yeo=; visitor_id=216.131.114.72.1634814618256000; enabled_ff=CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0; __cfruid=12be4d84fdfedac4aed4c8e4ca1dd22327a1a68c-1634814618; XSRF-TOKEN=54317fe1b068299d169669ff6245fac5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.upwork.com
referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
expires: Thu, 21 Oct 2021 15:10:18 GMT
x-px-hash: NTYxMDI0N2FmNTk1OTRlYTVlYTc0Mjg5ODJmNjQxYzFiMjFmYTY5MDgxNzhhZGI2MjgyOGYzZmE1OGRmYjdhMw==
server: cloudflare
vnd-eo-trace-id: 6a18ec892caeed8f-SJC
active-cdn: fastly
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
etag: W/"19491-czTfQPRWzv4Le0Yxsb9JcPVALkg"
cf-ray: 6a1a09e76c534138-PRG
access-control-expose-headers: active-cdn,x-served-by

GET
DATA 200
OK truncated
/ 1003 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a968e6a78d18dace88b8a14a6bb48eeb0a449994f2b9fd3c38e01026e634120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 neue-montreal-regular.woff2
assets.static-upwork.com/fonts-global/3.3.0/ 23 KB
24 KB 37ms
20ms Font
binary/octet-stream 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/fonts-global/3.3.0/neue-montreal-regular.woff2

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/fonts-global/3.3.0/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.static-upwork.com/fonts-global/3.3.0/fonts.css
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5004
content-length: 23912
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 803H79XHTTMAD0JP
x-amz-id-2: OOeA7MAmPiP979qm/paT4U+Vc/TPICYOBT9dgT7AsEMMMDX3NHGYcES4RKJCPOoMVWDiBkjr3DQ=
last-modified: Tue, 04 May 2021 21:58:19 GMT
server: cloudflare
etag: "2e9d05ced4fddb6c67f1be57161a2668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
x-amz-version-id: MwEuRUGfHiomC.gIi60Ps9zUu__QUJFa
accept-ranges: bytes
cf-ray: 6a1a09e78e7c2788-PRG
expires: Thu, 21 Oct 2021 15:10:18 GMT

GET
H3 200 neue-montreal-medium.woff2
assets.static-upwork.com/fonts-global/3.3.0/ 25 KB
25 KB 52ms
36ms Font
binary/octet-stream 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/fonts-global/3.3.0/neue-montreal-medium.woff2

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/fonts-global/3.3.0/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.static-upwork.com/fonts-global/3.3.0/fonts.css
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5004
content-length: 25348
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TKVWH4E969GJX7WR
x-amz-id-2: 7aqDJsabgQ5eGE2hlVOmg8PzmIqJmOzNU+LrbsnInRdgU6JzRnmLao9rt0Rxlmb53AF8U5XOQm0=
last-modified: Tue, 04 May 2021 21:58:20 GMT
server: cloudflare
etag: "f0728e66b926fbcc5376a1d55222e3a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
x-amz-version-id: hHgF.LyelL9MtAh63angmA8v2a7ry6_o
accept-ranges: bytes
cf-ray: 6a1a09e78e7f2788-PRG
expires: Thu, 21 Oct 2021 15:10:18 GMT

GET
H3 200 ugc.tyya4s3a.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 28 KB
12 KB 48ms
48ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ugc.tyya4s3a.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c118794fe9632be0ea809ef037c29205568bbcea47843cc5a8de4ce4e40307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14548063
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Q8CGAB9FQKC4G34E
x-amz-id-2: wKYC3tpVXBD4i6hKmFkCnJiWaZbG/MPLT/4F6e2ldndEnrVR7DPvVp3yMsOyucbXjqLgQT/cqxE=
last-modified: Tue, 16 Mar 2021 17:53:29 GMT
server: cloudflare
etag: W/"b58c9ae12dc0667fba6628a0aac4e7bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: cO7otqamQI05dcSNfLBm.3qt0_G.RoeC
cf-ray: 6a1a09e78e812788-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 855 B
943 B 38ms
16ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

GSE /

Resource Hash

544f5c53a23ca1eb409eb316f684f611bad4d9a00c9e6117557a4b47826e5630

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 559
x-xss-protection: 1; mode=block
expires: Thu, 21 Oct 2021 11:10:18 GMT

GET
H3 200 666.js Show response
assets.static-upwork.com/assets/AccountSecurity/20d438a/js/ 640 B
997 B 40ms
21ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/666.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1e3435e4093a90a84e35db146bae47ef1879fa37db7031ac37cdcfd59ff505

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272873
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 6VFAAJNPP5TB1PA9
x-amz-id-2: cU8vdnFasnGMVlzgq5geVWZoTmKxpI7rm40HiSv50Pb9bDQnpQ7/KyRtXDXHi8riTuAx2ns3xT8=
last-modified: Fri, 15 Oct 2021 10:10:59 GMT
server: cloudflare
etag: W/"b03bc856947630ac4c05a47c851940b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: a.lh8E.cmqJ76TAqkWiybXzOv8kzKhm2
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e81c16410e-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H3 200 4.css
assets.static-upwork.com/assets/AccountSecurity/20d438a/css/ 277 B
656 B 37ms
22ms Stylesheet
text/css 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/4.css

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f37eb0dac0c0d6f41ae2ca2386b4f64cc04c9d3e3e4e17779f405d1f043933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272873
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 6VFC5GHDC4W5J2Z7
x-amz-id-2: utUuBfF3Sb4iPQS+Ih4DbhV7scpKnrG7V/RbONnzx7BZbbU11DCnbhdSnGUY0hePbw+cn/gpk9U=
last-modified: Fri, 15 Oct 2021 10:10:54 GMT
server: cloudflare
etag: W/"b8951fe13e2829b53e008f0d49779f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: j4ZwRCisIt_9sh49PNV9lZzjUZQU2ti8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e81c19410e-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H3 200 4.js Show response
assets.static-upwork.com/assets/AccountSecurity/20d438a/js/ 888 B
1 KB 39ms
25ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/4.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

286fb7118a36643b062f60a1b3d4bac01d40414af8a2c302fe10da8224a6b517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272873
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 6VFEGHDMCPVC9QEQ
x-amz-id-2: IAqSAGCfvQ09gJbTQycEO4xg9tVn6f2y+VypurSlsYZ5yYUrymU9jBYnbdKMXjVzXG32T8H6ygQ=
last-modified: Fri, 15 Oct 2021 10:10:57 GMT
server: cloudflare
etag: W/"01c15060fad7dca2f0bc1cd94267ebf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: aVCn4yPrpuAedRi8.9xVe.hz6zjQPrfo
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e81c18410e-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 13 KB
6 KB 78ms
57ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

47242723acf0b6efbba2fa7d7adb0f73f548cb5b1db2f9b3cda0bbf230de21e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EYug/Q7IaXSmTEYZbA+olg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3d0445ddaedf4197c82f80fdfe585b3c"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-EYug/Q7IaXSmTEYZbA+olg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Thu, 21 Oct 2021 11:10:18 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 91ms
8ms Script
application/javascript 104.111.230.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/login.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.230.79 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-79.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 17:22:51 GMT
Server: Apple
ETag: W/"42671-1633972971084"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Date: Thu, 21 Oct 2021 11:10:18 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17247

GET
H3 200 loader_only.js Show response
assets.static-upwork.com/iovation/5.2.2/ 4 KB
2 KB 27ms
23ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/vendor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14547684
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BRQ92QRXP6RE19SN
x-amz-id-2: oCRe9gmoEQ1SbVaJnKPFar6MJTPBbUcIMb7fAB4wB5Cb3zi7xKssMBbJ98BSutU4d7m37TFBaxo=
last-modified: Thu, 02 Jul 2020 12:30:54 GMT
server: cloudflare
etag: W/"8422458b55fbda403437065dd5557abf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e81c17410e-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 18ea09da.js Show response
bcdn.upwork.com/scripts/18ea09da/ 605 KB
113 KB 41ms
9ms Script
application/javascript 13.225.78.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcdn.upwork.com/scripts/18ea09da/18ea09da.js
Requested by: Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-112.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebd1d02be294fdfa1eb56006326951209a4e2eae73d6c1556ad9442d0d41e4b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:57:00 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 07:00:38 GMT
server: AmazonS3
age: 76399
etag: "d962922d43be4a7de913635ef53662c6"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 115285
x-amz-cf-id: U1N17XkVPAp-zxKW3RXpjL4VZpmEW5k5eymLsieiqCwPGbYkbMjcig==

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 SFProText-Medium.woff
assets.static-upwork.com/assets/AccountSecurity/20d438a/fonts/ 5 KB
6 KB 23ms
22ms Font
application/font-woff 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/assets/AccountSecurity/20d438a/fonts/SFProText-Medium.woff

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.static-upwork.com/assets/AccountSecurity/20d438a/css/login.css
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 272874
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 6VF89R3KNJ5KT08C
x-amz-id-2: a4NT+qCCAV6kkp78SnoImxqRMM/JToUksC/0VUhhW4QOsDtkGCenaEe6T9AZLWpXmX12trNqdcc=
last-modified: Fri, 15 Oct 2021 10:10:54 GMT
server: cloudflare
etag: W/"83b478be12abf0ca955063c24a48d5cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: cTur4BHTTmJxsSA0.jyHUICrwe4PIItR
cf-ray: 6a1a09e81fb72788-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

39 KB
40 KB

82ms
30ms

Script
text/javascript

80.252.88.155
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.252.88.155 , Netherlands, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

80.252.88.155.telecityredbus.nl

Software

Resource Hash

9a184c870b25bf7b299f7fb8bd05d7d2d4e3964b581d07dde036f9083ddfd431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Date: Thu, 21 Oct 2021 11:10:19 GMT
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 40133
Expires: Sat, 20 Nov 2021 11:10:19 GMT

Redirect headers

date: Thu, 21 Oct 2021 11:10:18 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 6a1a09e85ded4138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 12:10:18 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 44 KB
20 KB 167ms
61ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b33c0a1d4b30d0363b39c038d71339ac6dee9c6b0ca96dd9f0f44c765a0f77dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Oct 2021 11:10:19 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H3 200 sb4xy2sv.entry.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 643 B
948 B 34ms
33ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/sb4xy2sv.entry.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ugc.tyya4s3a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b555bd39cbf37d89c88494291e802ac7db5cfcb6269cef7869eb1d467bea9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2356889
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: JZD5NMGFC3214Z96
x-amz-id-2: mJlQyaxDjKtsgoI1XeDwEI8B4KQyoYAhLPFw4nYxul4Wrdf0Nf35Yl7Q0kf+CVQmGGoHgHXDH/U=
last-modified: Tue, 16 Mar 2021 17:53:28 GMT
server: cloudflare
etag: W/"b01e3163649522ae7889b5446ab2cc9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: bIMcgW6BVvXUGbo1.JO7OwCreJcsoAwY
cf-ray: 6a1a09e868442788-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H3 200 uyxe51gv.entry.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 364 B
815 B 35ms
33ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/uyxe51gv.entry.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ugc.tyya4s3a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca0459ee200a8d22d2629fd2a7b91ab11f948e90f50061b5acbfd5416763c572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14547684
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BRQE8MTSG5Q4W9WR
x-amz-id-2: Req6F80unRPGFmawzQCsg1nx0nznc2rq1bH7roRO/IZGPT0in0Www+4mMhY+2Mb7jXJZ7bzZ8l4=
last-modified: Tue, 16 Mar 2021 17:53:29 GMT
server: cloudflare
etag: W/"b98c5ee75815ea7c23295669eb6993bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: MRgGdbsQHiinynkXiJ93acKsK7zQVV8U
cf-ray: 6a1a09e868452788-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H3 200 vs0iedso.entry.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 7 KB
3 KB 35ms
33ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/vs0iedso.entry.js

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ugc.tyya4s3a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e678f80e1b9c84e8898113f85ad591fab958bca711e2baf3d09137705550fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1185989
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: C4SB1X096FK1RJGB
x-amz-id-2: cxSl04ZTo9w9mIKbS99Bs1PgtlfH8lCtVS2wJgotYAFrAb7S1viqcPbtIcmy6ZwgM2tiJTC6wq0=
last-modified: Tue, 16 Mar 2021 17:53:30 GMT
server: cloudflare
etag: W/"bd2d2210348e314ff24ff275cbe9e7ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: chi8VPf7iwejXmMqEHNbm7JIsCQM2Ile
cf-ray: 6a1a09e868472788-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 346 KB
135 KB 29ms
7ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 10:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137921
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 04:21:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Fri, 21 Oct 2022 10:20:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4152
date: Thu, 21 Oct 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Thu, 21 Oct 2021 12:01:06 GMT

GET
H3 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.4/ 1 KB
1 KB 21ms
21ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.4/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26f87a1bf525c267cbbc6ecff527a18231ec6f6c5355f13fc1558f182571bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14547804
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 15ZTS6G5GX16N9KX
x-amz-id-2: IdovsV6gu6Qy6hru6Ecsa+W/LHChS8JiXaFm2iQ7CiSs1L52D0rFBM1JINGFa3gU9Dj6BWN6XZc=
last-modified: Mon, 23 Jul 2018 06:19:39 GMT
server: cloudflare
etag: W/"8eb9fff8420cfc5ba23afbd9a4e6649a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a1a09e87cb9410e-PRG
expires: Fri, 21 Oct 2022 11:10:18 GMT

GET
H/1.1 200
OK UP4R77Y9Z.js Show response
fyrsbckgi-c.global.ssl.fastly.net/ 137 KB
60 KB 30ms
6ms Script
application/x-javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fyrsbckgi-c.global.ssl.fastly.net/UP4R77Y9Z.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

120f7db62fa3a56d2a197ddc1d1b717bd975b2be00298f4af2b4d2dc187f64c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
ETag: "afeb916b65f896175f3e8eca58bcb7ae"
Age: 2562
X-Cache: HIT
Connection: keep-alive
Content-Length: 60529
X-Served-By: cache-hhn4032-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 21 Oct 2021 09:27:34 GMT
X-Timer: S1634814619.979903,VS0,VE0
Date: Thu, 21 Oct 2021 11:10:18 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 97

GET
H3 200 6wbLCwJ51XyBMi45LjA.js Show response
assets.static-upwork.com/suit/ 74 KB
26 KB 26ms
26ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/suit/6wbLCwJ51XyBMi45LjA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3626
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXFQCQZZJWKM58KG
x-amz-id-2: Xs8Ynrfe/pfsDu8/krFwzehmJrWvoWQwgdX/TiVe6fWShQrcuZGNBE4JUWKNIQEsszVfkh15YUw=
last-modified: Thu, 21 Mar 2019 17:10:30 GMT
server: cloudflare
etag: W/"2f70fa2239343e20deb5c199873fbed1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: null
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6a1a09e87cbc410e-PRG
expires: Thu, 21 Oct 2021 15:10:18 GMT

GET
H2 200 heap-2858077939.js Show response
cdn.heapanalytics.com/js/ 109 KB
43 KB 38ms
8ms Script
application/javascript 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2858077939.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4b85b57657e69f2662bff1ca26a0a3a5d8c517f2e6633b006b5cce01f1639e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:09:58 GMT
content-encoding: gzip
server: nginx
age: 20
etag: W/"1b3e5-ulVXP2jL7nYovnJYos5wIg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: EPuv3Z_8nFcpekH0uAJa_-KjlycxUEPcZE2Wekpq55CkQJ2esWUUAQ==

GET
H2 200 A2798569-68a2-43d5-98ff-96c66d56992b1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 57ms
17ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2798569-68a2-43d5-98ff-96c66d56992b1.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f45d4beb1cef13741c1d9a6a286ebae588c1f11df59d2f1e56a8daa9c0117c6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:09:43 GMT
content-encoding: gzip
age: 36
x-guploader-uploadid: ADPycdsTlEk3aFBY3Sn6GCWutu50vmyqsAkKnDIoh_niiz3WsqaTQag8kXTi7Ql3MDTLoyn8lW-CiL8oYnuzloVv2i7tWz0qig
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12929
last-modified: Wed, 22 Sep 2021 21:02:04 GMT
server: UploadServer
etag: "dff23e9ccecab872b8048aaa6fac0745"
vary: Accept-Encoding
x-goog-hash: crc32c=5PhO/A==, md5=3/I+nM7KuHK4BIqqb6wHRQ==
x-goog-generation: 1632344524264191
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12929
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 21 Oct 2021 11:14:43 GMT

POST
H2 200 collector Show response
collector-pxss13u803.px-cloud.net/api/v2/ 789 B
1010 B 107ms
90ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a03a837649599540e37f536e7c9ad3e2fce77a9ad160f1737d164ff981270f16

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Oct 2021 11:10:18 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 789

GET
BLOB 200
OK 76e30fce-cfa3-450f-900f-b9b507c8b63c
https://www.upwork.com/ 165 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/76e30fce-cfa3-450f-900f-b9b507c8b63c
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 169098

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 308 KB
104 KB 53ms
18ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

6d41e75ec664442d97f945f549b384ac4326157341418cb7dd32061377aabfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 106949
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 21:44:54 GMT

GET
H3 200 chunk-6133ee7c.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 297 B
764 B 20ms
20ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/chunk-6133ee7c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5351498935ff16c8551109da3eb037d0f3e44aa8e3611b5f7430388f942a5265

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/vs0iedso.entry.js
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2356889
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7Q3750CS0ZBWW3TQ
x-amz-id-2: qpNcYfK1jj3ttiDS8KeIY01YZniOyG3urXk+Zl/p1qyAs601dEF7F+ZDFam+aEFZrskjPwliyPw=
last-modified: Tue, 16 Mar 2021 17:53:12 GMT
server: cloudflare
etag: W/"bca27c11d131bfc8e44f9e4bdbd42599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: XigCFZhKlbcxtc9Wg.wLuT_oeJCTEaZc
cf-ray: 6a1a09e919662788-PRG
expires: Fri, 21 Oct 2022 11:10:19 GMT

GET
H3 200 chunk-d22bbcbe.js Show response
assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/ 31 KB
11 KB 22ms
22ms Script
application/javascript 104.16.252.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/chunk-d22bbcbe.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.252.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d510467fef93e3cd58b3eb0d1e1270ddd456db641bbbd6cb143b551664ce68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.static-upwork.com/ui-packages/@upwork/global-components/1.34.1/ugc/vs0iedso.entry.js
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14547684
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: WTP5Q6KVT90QJY05
x-amz-id-2: D7PkuXkiIrU1plNm0KanL3lU7JvB4DVSjedE3iOnfvbKxuxxLlmmIP/Njbf2NOfVrsqDXNS0FaI=
last-modified: Tue, 16 Mar 2021 17:53:18 GMT
server: cloudflare
etag: W/"e4c1609ae4f66ad5a36fced728060146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
x-amz-version-id: WCxJB2YtdOwSfSk7jkURb_z.cMc2tHkr
cf-ray: 6a1a09e919682788-PRG
expires: Fri, 21 Oct 2022 11:10:19 GMT

OPTIONS
H2 200 tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 0
0 293ms
257ms Preflight 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Protocol

Server

104.18.90.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-length: 0
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a1a09e97e19f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 tp2 Show response
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 2 B
771 B 778ms
777ms XHR
text/plain 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

cf-ray: 6a1a09eb1a4d4138-PRG
date: Thu, 21 Oct 2021 11:10:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
24ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1061813575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=963087398&gjid=810726765&cid=96603994.1634814619&tid=UA-62227314-1&_gid=421270395.1634814619&_r=1&gtm=2wgak0PCHCB8L&cd18=AccountSecurity&cd19=20d438a64700a74f14b8a6507e16f1b523dd92f7&cd20=prod&cd21=0&cd22=0&cd23=0&cd27=false&cd35=onsite&cd39=216.131.114.72.1634814618256000&cd40=216.131.114.72.1634814618256000&cd41=GTM-PCHCB8L&cd69=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&cd115=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&z=2038011055

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 315ms
103ms Image
image/gif 3.225.25.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=2858077939&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=2&st=1634814619117&hv=4.15.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.25.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-25-49.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 276ms
103ms Image
image/gif 3.225.25.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2858077939&u=8149107516610479&v=192798940210301&s=4212767355364216&b=web&tv=4.0&z=0&h=%2Fab%2Faccount-security%2Flogin&q=%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&d=www.upwork.com&t=Log%20In%20-%20Upwork&k=user_logged_in&k=false&k=User%20Agent&k=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&k=Site%20Language&k=en&k=GTM%20Container&k=GTM-PCHCB8L&ts=1634814619154&st=1634814619155

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.25.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-25-49.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
259 B 275ms
102ms Image
image/gif 3.225.25.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=2858077939&u=8149107516610479&v=192798940210301&s=4212767355364216&b=web&tv=4.0&_visitor_id=216.131.114.72.1634814618256000&st=1634814619156

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.25.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-25-49.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
411 B 43ms
15ms XHR
text/plain 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-62227314-1&cid=96603994.1634814619&jid=963087398&gjid=810726765&_gid=421270395.1634814619&_u=YEBAAEAAAAAAAC~&z=1907883248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Oct 2021 11:10:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.4.0/ 477 B
907 B 31ms
30ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.4.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f2f53fc750b532cac175e72141b1f941724c61b6950300e2a25358615096f52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 11:10:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 21 Oct 2022 11:10:19 GMT

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.4.0/
Redirect Chain

https://www.upwork.com/iojs/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
3 KB

17ms
17ms

Script
text/javascript

80.252.88.155
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://first.iovation.com/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.252.88.155 , Netherlands, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

80.252.88.155.telecityredbus.nl

Software

Resource Hash

58d089fe8590f86372f01bc42ca563d0457dc2d6b62c541e1ec0d0426a9b4a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Date: 2021-Oct-21 11:10:19
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=2, max=96
Content-Length: 2291
Expires: 0

Redirect headers

date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://first.iovation.com/5.4.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 6a1a09ea08d44138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 12:10:19 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 63D5 382 B
1020 B 38ms
16ms Document
text/html 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

6aae029753f9c0f0d80655d2fd6309da9448dae9b983d847b56b807fd9856feb

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-XA2wex_uOTz1v3cNcB1tsQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: content.googleapis.com
:scheme: https
:path: /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.upwork.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-XA2wex_uOTz1v3cNcB1tsQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 271
date: Thu, 21 Oct 2021 11:10:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 37DA 513 B
874 B 40ms
17ms Document
text/html 142.250.186.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.77 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f13.1e100.net

Software

ESF /

Resource Hash

d2ffc57bd32a7a732ea8740461eac920b2716a1a8c8f06424125a34b2c317a08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZA4wHu5SIe+6IpzBoz8i0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.upwork.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=WO83vsZZWfXG2zevo9Z_u5ERzIZlu3uaApOGauDrJ5WAhgXVRx7hzf84g-z4Oavi5t8ebqnXRVwyL3ECsdCZq9sokHOYu-0wmEuvpVgHppWp8YLF4vC0k7WqBGOZSaa8sXGNEBuuUujYxH7Qqqf3z9ZZwdmXylx-Bzm_8SveAjQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Oct 2021 11:10:19 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-ZA4wHu5SIe+6IpzBoz8i0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 30ms
30ms Media
audio/mpeg 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.5072803739515435

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9b93f35755f47723ab5732139af0634c5fbed85a82428b6d32f1fdcb23ea6736

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Thu, 21 Oct 2021 11:10:19 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 84ms
43ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-62227314-1&cid=96603994.1634814619&jid=963087398&_u=YEBAAEAAAAAAAC~&z=1328458781

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 63D5 13 KB
5 KB 67ms
66ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

9a10f338a3973174620e2c834e60543cf61dde8b35f404860be57e1523d9d30b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z4q2BrI3htd6RKYIeCPXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "5f6ec8207c3d792403eaa4739c057053"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-z4q2BrI3htd6RKYIeCPXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Thu, 21 Oct 2021 11:10:19 GMT

GET
H2 200 1524891944-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 37DA 114 KB
40 KB 30ms
8ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

f68a7087c8e16af35d54d34e77a08c1b32bc1953336178cb015f2db3acf78de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 16:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40191
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 04:07:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Mon, 17 Oct 2022 16:41:14 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 30ms
30ms Media
audio/mpeg 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.8984904730171259

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9b93f35755f47723ab5732139af0634c5fbed85a82428b6d32f1fdcb23ea6736

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Thu, 21 Oct 2021 11:10:19 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.4.0/
Redirect Chain

https://www.upwork.com/iojs/5.4.0/logo.js
https://first.iovation.com/5.4.0/logo.js

477 B
898 B

18ms
18ms

Script
text/javascript

80.252.88.155
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://first.iovation.com/5.4.0/logo.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

80.252.88.155 , Netherlands, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

80.252.88.155.telecityredbus.nl

Software

Resource Hash

89fe8d66b03aaff29c451fc9597cc2201ee56fdf458d13461500d01a6f90ffe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Date: Thu, 21 Oct 2021 11:10:19 GMT
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 477
Expires: Fri, 21 Oct 2022 11:10:19 GMT

Redirect headers

date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://first.iovation.com/5.4.0/logo.js
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 6a1a09eab9ce4138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 12:10:19 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 37DA 14 B
58 B 36ms
18ms XHR
application/json 142.250.186.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.upwork.com&client_id=936450902531-r6k5fu4tni53b4f0o2r8e2ck49egnok0.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1524891944-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.77 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f13.1e100.net

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 21 Oct 2021 12:10:19 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 63D5 63 KB
22 KB 18ms
18ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

7104f7cdb53c20667315a85ded0882caf6bdc65a390adaad547c4cac890ac8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22362
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 19 Oct 2022 05:01:44 GMT

GET
H3 200 rest Show response
content.googleapis.com/discovery/v1/apis/people/v1/ Frame 63D5 43 KB
6 KB 37ms
22ms XHR
application/json 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/discovery/v1/apis/people/v1/rest?pp=0&fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

9ff19c2a6d195a950db2dca374b03c01c0c4056702968fa9a32d2573f6edcf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://www.upwork.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Referer: https://www.upwork.com

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 6428
x-xss-protection: 0

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 31ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: AVTH4FS16E8233K7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: 2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1634814619.465644,VS0,VE0
date: Thu, 21 Oct 2021 11:10:19 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 32008

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 70ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14435
x-xss-protection: 0
server: cafe
etag: 3499052782129861849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:10:19 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 23ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-BB
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100178-IAD, cache-fra19123-FRA

GET
H2 200 tr
www.facebook.com/ 44 B
313 B 23ms
8ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=463930381624031&ev=PageView&cd[order_id]=216.131.114.72.1634814618256000&gtmcb=1479911953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 21 Oct 2021 11:10:19 GMT

GET
H/1.1 200
OK /
d.agkn.com/iframe/10922/ 0
0 30ms
8ms Image
text/html 18.184.251.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/iframe/10922/?gauid=216.131.114.72.1634814618256000&che=1633830590
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.251.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-251-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK 8e23a381b9 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 913ms
878ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/8e23a381b9?a=524523012&v=1211.ba193a8&to=NVxRMRBYVhBXUhBQDAwWcgYWUFcNGV4AXBAJZlIGAVZNDUJuF1wAF0taERsXVAxRWAo%3D&rst=2785&ck=1&ref=https://www.upwork.com/ab/account-security/login&ap=40&be=1992&fe=2742&dc=2189&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1634814616696,%22n%22:0,%22f%22:1654,%22dn%22:1654,%22dne%22:1654,%22c%22:1654,%22s%22:1654,%22ce%22:1654,%22rq%22:1655,%22rp%22:1967,%22rpe%22:1985,%22dl%22:1971,%22di%22:2188,%22ds%22:2188,%22de%22:2189,%22dc%22:2742,%22l%22:2742,%22le%22:2744%7D,%22navigation%22:%7B%7D%7D&fp=2103&fcp=2103&at=GRtSR1hCRR4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 11:10:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a1a09ec08214114-PRG

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 141ms
124ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o692s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=be0757d5-8b4b-4311-b5f3-760c56e1914f&tw_document_href=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Thu, 21 Oct 2021 11:10:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 106244a2390c3533145b607d2d20e40958de11627758c88337bb7565d599111f
x-transaction: 3629c2b6dccb34cd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
469 B 126ms
111ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o692s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=be0757d5-8b4b-4311-b5f3-760c56e1914f&tw_document_href=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Thu, 21 Oct 2021 11:10:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f16c67c01170f3656315a2c96e6ab211cb1651cc7d05ca5027ca5b9baba7ca3b
x-transaction: d917fff8e3d367ea
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK LUP4R77Y9Z.json Show response
wkxppshj-qx.global.ssl.fastly.net/ 14 KB
10 KB 29ms
6ms Script
application/x-javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wkxppshj-qx.global.ssl.fastly.net/LUP4R77Y9Z.json

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b00715bdb37d7d053092a868c1fefc3db3e67f38d3b7b46d3a05dbc0039eff1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
ETag: "c1d39b609769913bda3672f79cdf9af4"
Age: 2562
X-Cache: HIT
Connection: keep-alive
Content-Length: 9639
X-Served-By: cache-hhn4022-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 21 Oct 2021 09:27:33 GMT
X-Timer: S1634814620.537902,VS0,VE0
Date: Thu, 21 Oct 2021 11:10:19 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish
cache-control: max-age=3600
Accept-Ranges: bytes
X-Cache-Hits: 53

GET
H2 200 referrer Show response
colres.sitelabweb.com/ 20 B
98 B 315ms
101ms Script
text/plain 34.238.185.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://colres.sitelabweb.com/referrer
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.185.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-185-203.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 15971bae84a18f790ed6d3842f47d5c3097a44e43f2f891a8571f3273ce25b24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
server: nginx
content-length: 20
content-type: text/plain

GET
H2 200 ads.js Show response
cdn.480app.com/ 21 B
325 B 47ms
17ms Script
application/x-javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.480app.com/ads.js?r=8602180237428361

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
etag: "8a68886c66c8ca4dccac563705f5891c"
age: 1825
x-cache: HIT
content-length: 41
x-served-by: cache-hhn4069-HHN
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2015 06:50:40 GMT
x-timer: S1634814620.568920,VS0,VE0
date: Thu, 21 Oct 2021 11:10:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 446

GET
H/1.1 200
OK /
colrep.sitelabweb.com/rp/ 42 B
271 B 40ms
7ms Image
image/gif 52.59.36.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/rp/?d=OF0-II92FRdWkvuR1~dGYUayGjuVN9GT1xJ430PAcLInUgPUgzfjA50mcvdoj9NzYE6CZSdT0wqfZvcHUUPWezqFJpJF_0J3rwczN9OTXUc3R0hDg24ioyZ479ODA3M3JXZIkuhDZqbGmXbmkntFF46VWQNY23NkkLVirlZYI9eDUu3DjlY3n9OjIM8CZRYz-xfRM1ODXmNjx5cCUG0nWhPmnveUl6aGXTMlY1dUAl3jQnVLTu_G9MNyUfMU4UbAIxMTTeMCBzfhUF3Fepb0I0JANSITadeEY0cCUy3EVvcZelW2V-C2ljJiIGfAM4LjeoJT-w_DtaCE2MJl3DJAIAaG2ZZTUye~dlF27uKkByNEN5Nm9aZhTyjRk~LjTeNDB3cx4L3yVyMY7hZUFC_SmfRkUzfi4z4ionYp4FfHR2MnNXbI39evZ2dW2VPT-0clQL5DV5NL6xMgVyNWnTOHNmeUgz32Y4M0x1PDcD3nNXZT0kewRnY2nSYjLibCML5TZ2Z0WkMUYHXjTeOEQwfDJkFSovd0jxKmhFJWYsaXQ0v~MmM0XWMkFlbjZML3dudpx3bmJ5KmfcbTUyjXFi0TZFYo4jc3VBOC1gZlM1vUl1eSmiRmevo1lB0TOGc3FkaEI-L0iTMkUyjXFi0TY0M1Gqc2IANG9gdSTyfAJHbmnpJT-1b-Z0LGFlM0EzRzJHcHjcbkEleUUy4nk-bnszc3VFI2UTMzTzj~Jmc3Ufbn45sxUF4TJ2dpBtXl1-YG2kbTUyfDNEGWHgaodlNjUF7nVjbk8jqD1xYW2YbiBycSNX3TlwOnvSQk9TSFSEZXxjuo1lE1ZNUYsS_WJFIW5SZlPmwzVocjKfJmTzhV53GWO0ZoA9ZUF6b2mUY3xprG50B2kycLTvckl19TIeNy3xegEvMTXmLjKyaiEL3zR4MlA2MAgCMTqdMEAmqoEx6UtAMknyMjQF6TImMTL5f94yNjemODx0ciEO0mOhM0nHQAE8LiNoNkYwejk54CKwN030PDEJ7jEoJ0wzhERzdWmXcn39olF9K2Vmb432PAA0bmndb4J0hCZyITGw&c=213
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.36.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-36-213.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 11:10:19 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/428342732/ 2 KB
1 KB 35ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/428342732/?random=1634814619544&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tiba=Log%20In%20-%20Upwork&auid=627242148.1634814619&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0599adfb7363f35b3794cb18075a23c8440f898313ba647d2b93424895b1a578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/428342732/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

44ms
27ms

Image
image/gif

142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tiba=Log%20In%20-%20Upwork&auid=627242148.1634814619&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=m0pxYbmbI-PFx_APn4GGuAo&eitems=ChEI8J_EiwYQ6Muc1qf6oJuxARIdAKULEUOz1Ok3pT4VQ1kkrjDi8xnxtVDNPutyyZM&random=194183803&resp=GooglemKTybQhCsO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/428342732/?random=1847255531&cv=9&fst=1634814619544&num=1&value=0&label=wGPYCP2ykfYBEMz7n8wB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&tiba=Log%20In%20-%20Upwork&auid=627242148.1634814619&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=m0pxYbmbI-PFx_APn4GGuAo&eitems=ChEI8J_EiwYQ6Muc1qf6oJuxARIdAKULEUOz1Ok3pT4VQ1kkrjDi8xnxtVDNPutyyZM&random=194183803&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collector Show response
collector-pxss13u803.px-cloud.net/api/v2/ 423 B
488 B 68ms
68ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 471e5c677981ca1d9196892f936c7e811598c21701f536c11fc550ecb1d2ae15

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Oct 2021 11:10:19 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 423

OPTIONS
H3 200 tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 0
0 247ms
229ms Preflight 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Protocol

Server

104.18.90.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 11:10:20 GMT
content-length: 0
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a1a09f00c58411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 tp2 Show response
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 2 B
766 B 215ms
215ms XHR
text/plain 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

cf-ray: 6a1a09f17ce74138-PRG
date: Thu, 21 Oct 2021 11:10:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

POST
H3 200 216.131.114.72.1634814618256000.json
www.upwork.com/api/o2/v1/logging/ 101 B
0 264ms
263ms Fetch
application/json 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/api/o2/v1/logging/216.131.114.72.1634814618256000.json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
x-odesk-referrer: desktop
origin: https://www.upwork.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _pxhd=HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=; __cf_bm=6cdca70024f949bed07a73998b4b643de4b288cd-1634814618-0-AUiNs4wYk7tIO4FYyNo0T2+vCLycu047Ecwe7eqEg1vGKgyWR54Lxq1I4cF/NNqjyr9lBmMA7RHPFDeGUBg9yeo=; visitor_id=216.131.114.72.1634814618256000; enabled_ff=CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0; __cfruid=12be4d84fdfedac4aed4c8e4ca1dd22327a1a68c-1634814618; XSRF-TOKEN=54317fe1b068299d169669ff6245fac5; _gcl_au=1.1.627242148.1634814619; bmuid=1634814619013-23BD807A-2304-4032-AB46-E5E831FEB5AD; upwork_bc=1634814619014_216.131.114.72.1634814618256000; cdContextId=2; _sp_ses.2a16=*; _ga=GA1.2.96603994.1634814619; _gid=GA1.2.421270395.1634814619; _gat_UA-62227314-1=1; _hp2_props.2858077939=%7B%22user_logged_in%22%3Afalse%7D; pxcts=79e47520-325f-11ec-bc83-83376df8ed13; _pxvid=794724b0-325f-11ec-9aa2-706f70456b6c; _pxff_fp=1; _hp2_id.2858077939=%7B%22userId%22%3A%228149107516610479%22%2C%22pageviewId%22%3A%22192798940210301%22%2C%22sessionId%22%3A%224212767355364216%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; G_ENABLED_IDPS=google; _hp2_ses_props.2858077939=%7B%22ts%22%3A1634814619154%2C%22d%22%3A%22www.upwork.com%22%2C%22h%22%3A%22%2Fab%2Faccount-security%2Flogin%22%2C%22q%22%3A%22%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded%22%7D; IR_gbd=upwork.com; IR_13634=1634814619140%7C0%7C1634814619140%7C%7C; cdSNum=1634814619539-sjn0000235-48264d07-3a90-45a4-b2fe-04ff9487cd2e; spt=e4068658-46b9-46db-80e3-4064b1f683e9; _px3=e6b76b4152925d3b6d2f3a480427887d62fb284479a33170f313515d77416aa3:tJ60WAYy8cO2xIhFXe0fcRZPqsFyR2fPzm3z5dkVGKh1j3n0BpZrr1jIqeF4zVFqInW9UiCSf9Ji0iVB8sLUjQ==:1000:fA2NOIL8CQLXFlevv3klWYdgKACAYGQAM1BikB+sundQC2W03AbSk6yD1ApoP4iZ/8fTjUgRe4akOkavCgGJsRXKMvygmd14m+Dt5T1t8/+ihTlD3XRykQ5aWgYTHtRIkgbzh9ZnCGgRLmCd8QKfopJ+/vJpGYGsCrAxcbX9+W12LL2ST2s51FGt6CuWCLxmhwUiXH3AGIAGaDrm8ckqJg==; _sp_id.2a16=da1e4cdb-8152-44a4-b27d-34467fcdabc4.1634814619.1.1634814620.1634814619.d941ebfe-c10a-4831-8e23-31fe0e0b3afb
content-length: 620
x-odesk-visitor: 669b3e511689603bd3d207312c2f0f3b
:path: /api/o2/v1/logging/216.131.114.72.1634814618256000.json
pragma: no-cache
x-odesk-user-agent: oDesk LM
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.upwork.com
referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
:scheme: https
sec-fetch-site: same-origin
:method: POST
X-Odesk-Referrer: desktop
x-odesk-user-agent: oDesk LM
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
x-requested-with: XMLHttpRequest
X-Odesk-Visitor: 669b3e511689603bd3d207312c2f0f3b

Response headers

date: Thu, 21 Oct 2021 11:10:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: report-uri /ab/csp/index; report-to csp-endpoint
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
last-modified: Thu, 21 Oct 2021 11:10:20 GMT
server: cloudflare
vnd-eo-trace-id: 6a1a09f0ab664138-PRG
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}
content-type: application/json
access-control-allow-origin: https://www.upwork.com
vary: Cookie
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 6a1a09f0ab664138-PRG
access-control-allow-headers: origin, content-type, accept, authorization, x-odesk-user-agent, x-requested-with
expires: Fri, 13 Oct 2000 05:00:00 GMT

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 53ms
7ms Script
application/javascript 13.225.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=upwork-22294895-87a4-487e-a3e2-e0600ba62e35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
age: 67221
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
date: Wed, 20 Oct 2021 16:29:59 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VSURfQatqseyq8NLkd7DB8h768ZBXs-gw_PUbdaQq9aqtmEy6M6OFw==

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/18442;121244;12954;iframe/ Frame 8ABD 3 KB
4 KB 37ms
15ms Document
text/html 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app35.frk11 /
Resource Hash: 27e067c670a117c7acdcd2a6aafdc440464f05db9534df51edf743a272a75baa

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.upwork.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/

Response headers

Date: Thu, 21 Oct 2021 11:10:20 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app35.frk11
Pragma: no-cache
X-HW: 1634814620.dop230.fr8.t,1634814620.cds254.fr8.shn,1634814620.dop230.fr8.t,1634814620.cds269.fr8.sc,1634814620.cds269.fr8.p

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 59ms
18ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 10:48:05 GMT
content-encoding: gzip
age: 1335
x-guploader-uploadid: ADPycduHbSXsluvzmW2bEARd9JCs5s6HFdgzWgLOdrUrP0fcRyp9VTUUEzxPY9Re7h-85fVrvZq-Pn1vtf-u7lFuW0FivK0yXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 21 Oct 2021 11:48:05 GMT

GET
H2 200 beacon
r.turn.com/r/ 43 B
407 B 347ms
117ms Image
image/gif 50.116.194.21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=TJhd3q3XuRUwQqBwz96_-zVNHqnYOaIYhAQobq5rJCuSbPlR19X41jj3I3RocldVy4lvM2FB1CR5zTfcPGPjBg&cid=&gtmcb=2136197672
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS: presentation-atl1.turn.com
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 11:10:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/8/18442;121984;12954/ Frame 8ABD 42 B
355 B 24ms
13ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/8/18442;121984;12954/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app18.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Oct 2021 11:10:20 GMT
Server: prod-xre-app18.frk11
X-HW: 1634814620.dop230.fr8.shc,1634814620.dop230.fr8.t,1634814620.cds287.fr8.sc,1634814620.cds287.fr8.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame 8ABD 42 B
496 B 23ms
11ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=12954&d=www.upwork.com&r=ab/account-security/login
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app30.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/18442;121244;12954;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.upwork.com/ab/account-security/login%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded&ns=&cb=644396.7438665143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Oct 2021 11:10:20 GMT
Server: prod-xre-app30.frk11
X-HW: 1634814620.dop230.fr8.shc,1634814620.dop230.fr8.t,1634814620.cds284.fr8.sc,1634814620.cds284.fr8.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 293ms
93ms Preflight 34.206.110.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 34.206.110.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-110-32.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 11:10:20 GMT
content-length: 0
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
336 B 291ms
97ms XHR
text/plain 34.206.110.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.110.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-110-32.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.upwork.com
date: Thu, 21 Oct 2021 11:10:21 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 257ms
127ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Server: 216.239.36.54 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: h3bl9jkuv8m4
x-powered-by: Express
x-cloud-trace-context: e037e54d8ee4a94d04362f061f58d431
content-encoding: gzip
date: Thu, 21 Oct 2021 11:10:20 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 174ms
159ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Fjob-post%2Fnew%3Fcta%3Dbutton1%26utm_source%3Dresponsys%26utm_medium%3Demail%26utm_campaign%3D1909_RC_CL_Welcome_RNP_Rebranded
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.54 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Oct 2021 11:10:20 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: b9a548d96d73f1f7b883d1d472b1b759
function-execution-id: 6njqblbfa852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

POST
H3 200 tp2 Show response
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 2 B
767 B 754ms
753ms XHR
text/plain 104.18.89.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.89.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

cf-ray: 6a1a09f479d84138-PRG
date: Thu, 21 Oct 2021 11:10:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

OPTIONS
H3 200 tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ Frame 0
0 257ms
257ms Preflight 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2

Protocol

Server

104.18.90.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 21 Oct 2021 11:10:20 GMT
content-length: 0
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a1a09f2d8d3411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK /
colrep.sitelabweb.com/rp/ 42 B
271 B 7ms
7ms Image
image/gif 52.59.36.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colrep.sitelabweb.com/rp/?d=x2pRQQeM2gJdviv1J1OVXsHJQOh3rEoGT3nJ6Fy2dlRZmgScbRynIUcNSveQMRynMRZZWgPbMRynIUcNSveQMRynNNP_3oPbh2zk2IbGTomJ6aCk2Ib_2wZchiv1NNsZ3wUdrRynIUcNTfLNfNlobQPJknLMNG0z5cPJjjLMfBlobIPJjkZZAKz059Y_yvYMMRzr1UiNivYMRKl2eNTZ2XZQh611NQPJjjLMfBxk2dtGT3pJ6GDk2IbV3kVciJlnJIPJ0fLNfFlnJJcWXoZa96u2YUbJivZQ5R3rIUbJnoLciKp1d5cN2acbRNlnJIPJ0fXJ6aEk2JsGTjYa92m~5NfWWs2ZAKz059Y_yvYMMRzr1UiNivYMQizt55QWWobZ9OM06NfGTjYJ6KBk2VrJCvcRrR3snUbNyvYMRKo1eB_YWXNXhS43rVY_2BVbRJlnJIPJ0fLNfFlnJJLamgZduKh~MV3_mBJZ7S43qNP_3oPbh2zurlcaCvYMMRzr1UgNjbLN7NlnKMPJjkObh2l43VjaFoLciKp1d5cQGBZdrRynIUcNSvcQN7lo3QPJknLMNGz0r9_aGgYZfS43qNP_3oPbh2zurlcaCvYMMRzr1UgNjbLN7NlnKMPJjkLYQC0~6NubHs2ZAKz059Y_0NPciNlnJIPJ0fLN7Fwk2VtGTkoJ6Fy3dlVYWkce7S43qNP_3oPbh2zurlcaCvYMMRzr1UgNjbLN7NlnKMPJjkWcQij~6NNZ3wbRAe0vdVc_2BVbRKM06NfGTjYJ6KBk2VrJCvcRrRyrYUbJnoObi8w~6JubHs2ZAKz059Y_0NPciNlnJIPJ0fLN7Fwk2VtGTkoJ6FyzdVYaGNgRAe0vdVc_2BVbRKM06NfGTjYJ6KBk2VrJCvcRrR3snUiOCveRrR3snZYZW3bY9_9w4AfRj2eW6iakNZP_jSXN51wo1ZMZjSdMN_4kMNMMTfdMcN4n2QhJTAbN6Jm35EoQWaha9usz1UbOjvUMrRynnhAYWXKbiazk2I_QlrLMN7xnn4_GTonJ6FwwdlYKjrLMfFlnJBjKjrPJ6Fwr6B_ZGw6Z9GL06QPJkzcMc_unZYPJjbOSfeUu3wPJknLMN8s05tPGTjWRhSj0d8TGTjWQhey1d1PGTkrO6Junn4fKT2eLNVzk2I_R2gMYAGpk2JvKTneLNJ2kMhL_0wfdvSu2dlZZjSWJRe135lOMWvgY6F4oJRQKj6gYhR5nJhMJzwLNc_z~oIgWTAgYNd2kNVgYWrkMNN2~oYjKTAeYcBzo5IkWWvfYhVypoMcVjAYM6R4oZAQ_2BKP9NworZNWWgINhFwnZYkKj~MO9Ny~JVMJDffNs71nMRLGncdP6Bm0sJPWjTOdwOw2YUcNSvYRMRysNdiayXccwav2MsYV2aTJ6GGz5IPJk~HYhKv355fIXoLYiSy06RkGTkrbv6n054PJ0~YZ9Op2IUcOCvYN6GGz5IPJjvYRQmvzI1_Z3obJ6F1nKZYWX2LMNRzsMNfVSvYN6KEzNVfaGaUM5Ryo2IhaXsTXiKv36JNWSvYN6KE2MVc_GaUciizk2IgJj~cdv~f15VOYXwTJ6F1nbRPZWgPbrRyo2IhaXsTXhKh16BLYW3UJ6F1nbQaLTbgXgGDybN-U13LbvKv15VJRkX-XgGlzNJLZmsLZrW0~5dbMW_MaAKJ1MZPV3sLZs~mz5xcWS~Jbvil1NR6WXoZa96ut5QoJjfdLNBzn14aJTrUNcFun2YcKD6XNsVxpoIgKjbWMrWjz2EoO0fXLNFuooIaJj2WMch1mJEhJzrfM6N2n2kQV2fYP7aBn14bIjAdNN7zp2kfIjfdMcN4n2QhJTAMcQh9n1Z_WnrkNsB_&c=213
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.36.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-36-213.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 11:10:22 GMT
Last-Modified: Tue, 13 Jul 2021 10:02:51 GMT
Server: nginx
ETag: "60ed64cb-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/pub	1970-01-20 15:38:06	Name: 6.interact5.Mp2.....N.N... Value: _ri_=X0Gzc2X%3DAQpglLjHJlYQGNjbOlC4Dna18zdAaAAmIe5inzbnJgRozauAszf6zfLGzeq7Jb3h5zdjNUvqumOaBY4gy6zffBeo2RVXtpKX%3DDYSWCSCY&_ei_=Eq2tf9zs59idfPO1Sc_9BbneXOOu9R3fu3pJL4btlJIHmdXkmKExhHOjjbo0cBFrc7Eisw7McsX5pD_8wrQ0DTFhiaiqulLJbbvOxKaOtOleDHLZObhLDcI
www.upwork.com/	1970-01-20 06:52:30	Name: _pxhd Value: HFLocusL-0e/fR8uUZIClS8c6wQe7lSZm/rQqQBSosilhkpPbKmCQGTGqC0-qw/qaU9vgA570krc4LTieasTCw==:vZ2ZVjK4f-UbgBZbbLvNCF26W23IwjNQingktsr5/uYYc08rPe8oM/3uSO2Jfvldl6vfbrAr5gaqUjxlEkyp5WwbqvhtTdXDXGOKqKVMrGM=
.upwork.com/	1970-01-19 22:06:56	Name: __cf_bm Value: 6cdca70024f949bed07a73998b4b643de4b288cd-1634814618-0-AUiNs4wYk7tIO4FYyNo0T2+vCLycu047Ecwe7eqEg1vGKgyWR54Lxq1I4cF/NNqjyr9lBmMA7RHPFDeGUBg9yeo=
.upwork.com/	1970-01-20 06:52:30	Name: visitor_id Value: 216.131.114.72.1634814618256000
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: CI11132Air2Dot75,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!CI10857Air3Dot0
.upwork.com/	1969-12-31 23:59:59	Name: __cfruid Value: 12be4d84fdfedac4aed4c8e4ca1dd22327a1a68c-1634814618
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 54317fe1b068299d169669ff6245fac5
.upwork.com/	1970-01-20 00:16:30	Name: _gcl_au Value: 1.1.627242148.1634814619
.google.com/	1970-01-20 02:30:25	Name: NID Value: 511=WO83vsZZWfXG2zevo9Z_u5ERzIZlu3uaApOGauDrJ5WAhgXVRx7hzf84g-z4Oavi5t8ebqnXRVwyL3ECsdCZq9sokHOYu-0wmEuvpVgHppWp8YLF4vC0k7WqBGOZSaa8sXGNEBuuUujYxH7Qqqf3z9ZZwdmXylx-Bzm_8SveAjQ
.upwork.com/	1970-01-20 06:52:30	Name: bmuid Value: 1634814619013-23BD807A-2304-4032-AB46-E5E831FEB5AD
www.upwork.com/	1970-01-19 22:06:58	Name: upwork_bc Value: 1634814619014_216.131.114.72.1634814618256000
.upwork.com/	1969-12-31 23:59:59	Name: cdContextId Value: 2
www.upwork.com/	1970-01-19 22:06:56	Name: _sp_ses.2a16 Value: *
.upwork.com/	1970-01-20 15:38:06	Name: _ga Value: GA1.2.96603994.1634814619
.upwork.com/	1970-01-19 22:08:21	Name: _gid Value: GA1.2.421270395.1634814619
.upwork.com/	1970-01-19 22:06:54	Name: _gat_UA-62227314-1 Value: 1
mpsnare.iesnare.com/	1970-01-20 06:52:30	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: OT2CQPLIrGfM268YN3YVJoH7w2mZOl3N1gfSlYOGpdo=
.upwork.com/	1970-01-20 07:34:52	Name: _hp2_props.2858077939 Value: %7B%22user_logged_in%22%3Afalse%7D
www.upwork.com/	1969-12-31 23:59:59	Name: pxcts Value: 79e47520-325f-11ec-bc83-83376df8ed13
www.upwork.com/	1970-01-20 06:52:30	Name: _pxvid Value: 794724b0-325f-11ec-9aa2-706f70456b6c
www.upwork.com/	1970-01-19 22:06:54	Name: _pxff_fp Value: 1
.upwork.com/	1970-01-20 07:34:52	Name: _hp2_id.2858077939 Value: %7B%22userId%22%3A%228149107516610479%22%2C%22pageviewId%22%3A%22192798940210301%22%2C%22sessionId%22%3A%224212767355364216%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.www.upwork.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
first.iovation.com/	1970-01-20 06:52:30	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: e/t4QpGTB3pFQxA4x152afXVGaHJ6ry5li720UPGkH0=
.upwork.com/	1970-01-19 22:06:56	Name: _hp2_ses_props.2858077939 Value: %7B%22ts%22%3A1634814619154%2C%22d%22%3A%22www.upwork.com%22%2C%22h%22%3A%22%2Fab%2Faccount-security%2Flogin%22%2C%22q%22%3A%22%3Fredir%3D%252Fab%252Fjob-post%252Fnew%253Fcta%253Dbutton1%2526utm_source%253Dresponsys%2526utm_medium%253Demail%2526utm_campaign%253D1909_RC_CL_Welcome_RNP_Rebranded%22%7D
.upwork.com/	1969-12-31 23:59:59	Name: IR_gbd Value: upwork.com
.upwork.com/	1969-12-31 23:59:59	Name: IR_13634 Value: 1634814619140%7C0%7C1634814619140%7C%7C
.agkn.com/	1970-01-20 06:52:30	Name: ab Value: 0001%3AUsaToc%2FHpZi6KlcEfR%2B3yS2vzEJRL00a
.agkn.com/	1970-01-20 06:52:30	Name: u Value: C\|0CAApBAcbKQQHGwAAAAAAAUDlAAAAAA
.upwork.com/	1970-01-20 06:52:30	Name: cdSNum Value: 1634814619539-sjn0000235-48264d07-3a90-45a4-b2fe-04ff9487cd2e
.twitter.com/	1970-01-20 15:38:06	Name: personalization_id Value: "v1_f/YIjPbhfvHF1hIFLm3hlQ=="
.doubleclick.net/	1970-01-19 22:06:55	Name: test_cookie Value: CheckForPermission
.upwork.com/	1970-01-20 06:52:30	Name: spt Value: e4068658-46b9-46db-80e3-4064b1f683e9
www.upwork.com/	1970-01-19 22:09:47	Name: _px3 Value: e6b76b4152925d3b6d2f3a480427887d62fb284479a33170f313515d77416aa3:tJ60WAYy8cO2xIhFXe0fcRZPqsFyR2fPzm3z5dkVGKh1j3n0BpZrr1jIqeF4zVFqInW9UiCSf9Ji0iVB8sLUjQ==:1000:fA2NOIL8CQLXFlevv3klWYdgKACAYGQAM1BikB+sundQC2W03AbSk6yD1ApoP4iZ/8fTjUgRe4akOkavCgGJsRXKMvygmd14m+Dt5T1t8/+ihTlD3XRykQ5aWgYTHtRIkgbzh9ZnCGgRLmCd8QKfopJ+/vJpGYGsCrAxcbX9+W12LL2ST2s51FGt6CuWCLxmhwUiXH3AGIAGaDrm8ckqJg==
www.upwork.com/	1970-01-20 15:38:06	Name: _sp_id.2a16 Value: da1e4cdb-8152-44a4-b27d-34467fcdabc4.1634814619.1.1634814620.1634814619.d941ebfe-c10a-4831-8e23-31fe0e0b3afb
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2b4b43fb607e9053
.upwork.com/	1970-01-19 22:06:56	Name: _dpm_ses.5831 Value: *
.upwork.com/	1970-01-20 06:52:30	Name: _dpm_id.5831 Value: 1de72e7b-ea05-4686-bd84-baeefff67652.1634814621.1.1634814621.1634814621.411e39e2-70b3-47dd-9681-3fcdcddca87d
www.upwork.com/	1970-01-20 06:52:30	Name: __pdst Value: f9ebc81fe2904fe5a5d1b153a508eaae
.flashtalking.com/	1970-01-20 15:38:06	Name: flashtalkingad1 Value: "GUID=5042D2319D5B9D"
.turn.com/	1970-01-20 02:26:06	Name: uid Value: 7823148226417381294
.tvpixel.com/	1970-01-20 06:52:30	Name: sp Value: b745d5e3-85ab-4cde-8828-80f08fa04ab6
shasta-collector-production.upwork.com/	1970-01-19 22:16:59	Name: AWSALB Value: bYRzia8VDc0OiPl47itf2P1uQQ+OVkYjMGLMCbK6mU6ids9dra4RVXRsvgRDCuZA0HWHg6WN/Mbhhj67/Ye3hgQc8m4tiMirbQ34yJMNWPp7U0UZPRIOe56oD/nB
shasta-collector-production.upwork.com/	1970-01-19 22:16:59	Name: AWSALBCORS Value: bYRzia8VDc0OiPl47itf2P1uQQ+OVkYjMGLMCbK6mU6ids9dra4RVXRsvgRDCuZA0HWHg6WN/Mbhhj67/Ye3hgQc8m4tiMirbQ34yJMNWPp7U0UZPRIOe56oD/nB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.twitter.com
apis.google.com
appleid.cdn-apple.com
assets.static-upwork.com
bam-cell.nr-data.net
bcdn.upwork.com
c.tvpixel.com
cdn.480app.com
cdn.heapanalytics.com
cdn.pdst.fm
collector-pxss13u803.px-cloud.net
colrep.sitelabweb.com
colres.sitelabweb.com
content.googleapis.com
d.agkn.com
d.impactradius-event.com
e.upwork.com
first.iovation.com
fyrsbckgi-c.global.ssl.fastly.net
googleads.g.doubleclick.net
heapanalytics.com
js-agent.newrelic.com
mpsnare.iesnare.com
p.tvpixel.com
r.turn.com
servedby.flashtalking.com
shasta-collector-production.upwork.com
ssl.gstatic.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
us-central1-adaptive-growth.cloudfunctions.net
wkxppshj-qx.global.ssl.fastly.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.upwork.com
104.111.230.79
104.16.252.149
104.18.89.237
104.18.90.237
104.244.42.67
104.244.42.69
13.225.78.112
13.225.78.2
13.225.78.89
142.250.181.226
142.250.181.227
142.250.185.174
142.250.185.72
142.250.186.110
142.250.186.131
142.250.186.74
142.250.186.77
142.250.186.98
142.250.74.196
151.101.12.157
151.101.130.137
151.101.194.217
151.101.65.194
162.223.232.234
162.247.243.147
18.184.251.131
185.60.216.35
209.197.3.19
216.239.36.54
3.225.25.49
34.206.110.32
34.238.185.203
35.186.220.184
35.186.249.72
35.244.142.80
50.116.194.21
52.59.36.213
54.216.48.107
74.125.140.156
80.252.88.155
0599adfb7363f35b3794cb18075a23c8440f898313ba647d2b93424895b1a578
06ae2adf234e8f79b9bf04e49617173ace87d022897c5436a855b8b8d74c0737
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120f7db62fa3a56d2a197ddc1d1b717bd975b2be00298f4af2b4d2dc187f64c0
15971bae84a18f790ed6d3842f47d5c3097a44e43f2f891a8571f3273ce25b24
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
25e521f17135f161c1f02f0555af227292ab009967c461380e3135c414f288e6
25e678f80e1b9c84e8898113f85ad591fab958bca711e2baf3d09137705550fc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e067c670a117c7acdcd2a6aafdc440464f05db9534df51edf743a272a75baa
286fb7118a36643b062f60a1b3d4bac01d40414af8a2c302fe10da8224a6b517
2b10cf7d4f51fffa163623e2e9e508b731a96817c79ffcec26bf472b27a9c69e
2ca331f82a4dd7bd618b96c2f4384e5794529977ffce47bb4a35c915a12d9d5d
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2f1e3435e4093a90a84e35db146bae47ef1879fa37db7031ac37cdcfd59ff505
30f37eb0dac0c0d6f41ae2ca2386b4f64cc04c9d3e3e4e17779f405d1f043933
3ae6a88b479a8b53bdf15d0c7eb9dd55444a202cb1e5d7fd475adf8ba9702a7e
40b555bd39cbf37d89c88494291e802ac7db5cfcb6269cef7869eb1d467bea9b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471e5c677981ca1d9196892f936c7e811598c21701f536c11fc550ecb1d2ae15
47242723acf0b6efbba2fa7d7adb0f73f548cb5b1db2f9b3cda0bbf230de21e4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b85b57657e69f2662bff1ca26a0a3a5d8c517f2e6633b006b5cce01f1639e79
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
4f079bb1c57b80e4915b1b9673a78ad0246d0330d900e2299e9ab0f05dba6516
5351498935ff16c8551109da3eb037d0f3e44aa8e3611b5f7430388f942a5265
544f5c53a23ca1eb409eb316f684f611bad4d9a00c9e6117557a4b47826e5630
5718c45c887b088e69f39849d1f3fbb0f677dff0d1f17488eceab37f6871cb44
58d089fe8590f86372f01bc42ca563d0457dc2d6b62c541e1ec0d0426a9b4a3c
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
648be4b03f38aff2e09c64d70bee266c070aa071eed70f44761a566a30ecd5d4
68c118794fe9632be0ea809ef037c29205568bbcea47843cc5a8de4ce4e40307
69c4844db0b454d8653aa0a2e31a8d3555fa9a75b8fbbb9cc3d43d637ef649ee
6aae029753f9c0f0d80655d2fd6309da9448dae9b983d847b56b807fd9856feb
6d41e75ec664442d97f945f549b384ac4326157341418cb7dd32061377aabfd6
6f32cb63f3194e4806059b63b4fc9091bce9e7741f36f40318a7b4c9fd3c3588
7104f7cdb53c20667315a85ded0882caf6bdc65a390adaad547c4cac890ac8af
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
75f714e52efb1636d5f73a0dfba846ba5ec7c98b92425259f88d62a22df3f15d
7630082d74db78951af0f13dab15ecfe5b20b769efb0da71dd81eafd4853346a
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b
81f148fc6d78ad2231e9802f93f3dad52407c55b7f89dec610d5ed998def20a3
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
89fe8d66b03aaff29c451fc9597cc2201ee56fdf458d13461500d01a6f90ffe0
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8df0adcd17deadc1556b5f0859ff08a024917c91cd772346e8a7d1356b6a70d3
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
9a10f338a3973174620e2c834e60543cf61dde8b35f404860be57e1523d9d30b
9a184c870b25bf7b299f7fb8bd05d7d2d4e3964b581d07dde036f9083ddfd431
9a968e6a78d18dace88b8a14a6bb48eeb0a449994f2b9fd3c38e01026e634120
9b93f35755f47723ab5732139af0634c5fbed85a82428b6d32f1fdcb23ea6736
9ff19c2a6d195a950db2dca374b03c01c0c4056702968fa9a32d2573f6edcf87
a03a837649599540e37f536e7c9ad3e2fce77a9ad160f1737d164ff981270f16
a090e6daf090d8799d0176483bc0577f6534086b753c8dc9baa85eaaae3ad203
a5d510467fef93e3cd58b3eb0d1e1270ddd456db641bbbd6cb143b551664ce68
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b00715bdb37d7d053092a868c1fefc3db3e67f38d3b7b46d3a05dbc0039eff1d
b33c0a1d4b30d0363b39c038d71339ac6dee9c6b0ca96dd9f0f44c765a0f77dd
b3850422856d94f393a062b09fcf5235c20d1a58c9db04988c164a450daf19ea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c26f87a1bf525c267cbbc6ecff527a18231ec6f6c5355f13fc1558f182571bd3
ca0459ee200a8d22d2629fd2a7b91ab11f948e90f50061b5acbfd5416763c572
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d2ffc57bd32a7a732ea8740461eac920b2716a1a8c8f06424125a34b2c317a08
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447bb24eea310c4ca34db92b3ebadee638dc1dcfa5bbafdaf7256768e788cb0
ebd1d02be294fdfa1eb56006326951209a4e2eae73d6c1556ad9442d0d41e4b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f53fc750b532cac175e72141b1f941724c61b6950300e2a25358615096f52a
f45d4beb1cef13741c1d9a6a286ebae588c1f11df59d2f1e56a8daa9c0117c6a
f68a7087c8e16af35d54d34e77a08c1b32bc1953336178cb015f2db3acf78de6
f995a86be3b899dd063d55ea4786ddc24f7d8b89907e0bce9490e66a14a8e577
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.upwork.com Open in urlscan Pro 104.18.89.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

99 %HTTPS

0 %IPv6

31 Domains

42 Subdomains

39 IPs

4 Countries

1272 kBTransfer

4047 kBSize

44 Cookies

0 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.89.237 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

99 %
HTTPS

0 %
IPv6

31
Domains

42
Subdomains

39
IPs

4
Countries

1272 kB
Transfer

4047 kB
Size

44
Cookies

98 HTTP transactions
2 data transactions