www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.upwork.com/ab/reports/client/timesheet/?companyReference=881683933189431296&range=20231002-20231008&hours_l...
Effective URL:
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881...
Submission: On October 09 via manual (October 9th 2023, 2:22:32 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 27 domains to perform 130 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 52963.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 24th 2023. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 44	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:ddbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	52.129.66.1 52.129.66.1	16509 (AMAZON-02) (AMAZON-02)
4	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	52.17.203.67 52.17.203.67	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.56 99.86.4.56	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.208.159 184.30.208.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:fa00:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.49 143.204.215.49	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.77 143.204.98.77	16509 (AMAZON-02) (AMAZON-02)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200d	15169 (GOOGLE) (GOOGLE)
3	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2011	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.206.19 52.222.206.19	16509 (AMAZON-02) (AMAZON-02)
1	100.26.87.64 100.26.87.64	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:225... 2600:9000:2251:3400:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
130	38

44 104.18.90.237 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ddbf (United States)

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.1 (United States)

ASN16509 (AMAZON-02, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.203.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-203-67.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-56.fra6.r.cloudfront.net

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:fa00:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.77 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-77.fra50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

9982405.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-19.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.87.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-87-64.compute-1.amazonaws.com

0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:3400:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	upwork.com 4 redirects www.upwork.com — Cisco Umbrella Rank: 52963	708 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 105899 cdn123.forter.com — Cisco Umbrella Rank: 27833 cdn9.forter.com — Cisco Umbrella Rank: 4950 cdn0.forter.com — Cisco Umbrella Rank: 5021 cdn3.forter.com — Cisco Umbrella Rank: 4584 0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com	203 KB
10	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 125 accounts.google.com — Cisco Umbrella Rank: 32 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	154 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	140 KB
6	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 126247 obs.cityrobotflower.com — Cisco Umbrella Rank: 84022	39 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	493 KB
4	cloudfront.net d6tizftlrpuof.cloudfront.net df45ay5pw60dy.cloudfront.net	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	278 B
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 9982405.fls.doubleclick.net — Cisco Umbrella Rank: 116500	4 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6110	22 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	125 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 72476	20 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	563 B
2	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 2269	7 KB
2	gstatic.com www.gstatic.com	222 KB
2	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 111074	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1613	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1380	8 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 508
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	254 B
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3927	17 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4735	13 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	312 B
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1528	1 KB
0	Failed function sub() { [native code] }. Failed
130	27

	Domain	Requested by
44	www.upwork.com	4 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	www.googletagmanager.com	www.upwork.com www.googletagmanager.com ob.cityrobotflower.com
5	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
5	cdn0.forter.com
4	www.facebook.com	www.upwork.com
4	apis.google.com	www.upwork.com apis.google.com content.googleapis.com
4	mpsnare.iesnare.com	assets.static-upwork.com mpsnare.iesnare.com www.upwork.com
3	df45ay5pw60dy.cloudfront.net
3	bat.bing.com	www.upwork.com bat.bing.com
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	cdn3.forter.com
3	accounts.google.com	apis.google.com www.upwork.com www.gstatic.com
3	first.iovation.com	www.upwork.com
2	www.google.de	www.upwork.com
2	www.google.com	1 redirects www.upwork.com
2	9982405.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	content.googleapis.com	apis.google.com
2	cdn9.forter.com	1 redirects www.upwork.com
2	www.gstatic.com	www.recaptcha.net accounts.google.com
2	assets.static-upwork.com	www.upwork.com www.googletagmanager.com
1	0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com
1	d6tizftlrpuof.cloudfront.net	www.upwork.com
1	adservice.google.com	9982405.fls.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	alb.reddit.com	www.upwork.com
1	www.redditstatic.com	www.upwork.com
1	csp.withgoogle.com	www.upwork.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn123.forter.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	appleid.cdn-apple.com	www.upwork.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	w.usabilla.com	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.recaptcha.net	www.upwork.com
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ihcjicgdanjaechkgeegckofjjedodee Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
130	40

This site contains no links.

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-24` - `2024-05-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2022-12-08` - `2024-01-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
cdn123.forter.com Amazon RSA 2048 M01	`2023-05-11` - `2024-06-08`	a year	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.cdn.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Frame ID: AD302F64935947522431013176B70274
Requests: 108 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: 0532D5764301B16F4C5866D2FF93F2CB
Requests: 1 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
Frame ID: 7771BE9CEC0E1C7391ACF36040F2C8A6
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E618898FA12056A02E0354AAD516D25A
Requests: 4 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 727C92F592723986D6BF43116D46F435
Requests: 6 HTTP requests in this frame

Frame: https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams
Frame ID: F3731BF687654EC39C005C4A9D021FB5
Requests: 2 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Frame ID: 67C62E18B173126AF50FA382447E6B8A
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: 7384538E06A27A41863B179945DEFFC3
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: E5A9C435DC0184B7F1AFDBB20D7AEA73
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: 00AA00DCAE3462D9D9EF560E7E819E0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upwork Login - Log in to your Upwork account

Page URL History Show full URLs

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=881683933189431296&range=20231... HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3Fco... Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

130
Requests

88 %
HTTPS

59 %
IPv6

27
Domains

40
Subdomains

38
IPs

4
Countries

2194 kB
Transfer

6790 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=881683933189431296&range=20231002-20231008&hours_logged=hours_online,hours_offline&team=all_teams HTTP 302
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 55

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 58

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 68

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7eee0b923d4a252f3b22e34818f854eba1b299032adb4164eab4670beac59446ac7f4bc7651f51e6daf44fd2a676

Request Chain 103

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams HTTP 302
https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams

Request Chain 109

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=owwkZbrRILOK7_UPo4qbmA8&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYjRwT2NFa0hBOEF6UmxUMldjbmlSWWx1V0NST2JmMXdxQ2xaRW1Cb3Q0dkEaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlNQlZfRHdocndQQnd3M1NyTGgtUEJxaE9KaWJrMVRORkZHekJrY2VnYWpyRk52TDBNNFJXcnoiEwj6rumOlemBAxUzxbsIHSPFBvM HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYjRwT2NFa0hBOEF6UmxUMldjbmlSWWx1V0NST2JmMXdxQ2xaRW1Cb3Q0dkEaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlNQlZfRHdocndQQnd3M1NyTGgtUEJxaE9KaWJrMVRORkZHekJrY2VnYWpyRk52TDBNNFJXcnoiEwj6rumOlemBAxUzxbsIHSPFBvM&is_vtc=1&ocp_id=owwkZbrRILOK7_UPo4qbmA8&cid=CAQSKQDICaaNEHqXC2V0X5PpJqG0IhHuCykAhGJBHYeh4jaGXEzPAt8UkRHG&random=2808730571 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYjRwT2NFa0hBOEF6UmxUMldjbmlSWWx1V0NST2JmMXdxQ2xaRW1Cb3Q0dkEaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlNQlZfRHdocndQQnd3M1NyTGgtUEJxaE9KaWJrMVRORkZHekJrY2VnYWpyRk52TDBNNFJXcnoiEwj6rumOlemBAxUzxbsIHSPFBvM&is_vtc=1&ocp_id=owwkZbrRILOK7_UPo4qbmA8&cid=CAQSKQDICaaNEHqXC2V0X5PpJqG0IhHuCykAhGJBHYeh4jaGXEzPAt8UkRHG&random=2808730571&ipr=y&ezwbk=AZuM4hAKBHlXD4K8A6Z1PjOaFSjE7P0bPzRZdHiLB0egSXYMRgoXEgme3IuZP7quvBSFssrTp-6aunEwzOK96d1peW1r

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.upwork.com/ab/account-security/
Redirect Chain

https://www.upwork.com/ab/reports/client/timesheet/?companyReference=881683933189431296&range=20231002-20231008&hours_logged=hours_online,hours_offline&team=all_teams
https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252C...

156 KB
31 KB

373ms
372ms

Document
text/html

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4ec7bd4031c9bff1c87fda651fb21aca8924995eacb86bc973bf75506c998c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 81374690af1892b3-FRA
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 14:22:25 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=42, app;dur=107
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding
vnd-eo-trace-id: 81374690af1892b3-FRA
x-auth-status: Access
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-upwork-authentication: unauthenticated
x-xss-protection: 1; mode=block

Redirect headers

access-control-expose-headers: vnd-eo-trace-id
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8137468f2d3392b3-FRA
content-length: 0
content-type: text/html
date: Mon, 09 Oct 2023 14:22:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: /ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
referrer-policy: origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-parent-span-id: 08863cd8-9e72-45b9-aff9-88f683d03112
vnd-eo-prana-client-receive: 2023-10-09T14:22:25.285Z
vnd-eo-span-id: 933dec77-d02d-4429-9bd7-0516848e220f
vnd-eo-trace-id: 8137468f2d3392b3-FRA 8137468f2d3392b3-FRA
vnd.eo.parent-span-id: 08863cd8-9e72-45b9-aff9-88f683d03112
vnd.eo.request-id: 2b52f431-5105-4fff-a41c-dc02e4f2b646
vnd.eo.span-id: 933dec77-d02d-4429-9bd7-0516848e220f
vnd.eo.trace-id: 8137468f2d3392b3-FRA
vnd.odesk.error-code: 302
vnd.odesk.error-message: HTTP 302 Found
vnd.odesk.request-id: 2b52f431-5105-4fff-a41c-dc02e4f2b646
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-upwork-target-status: false
x-xss-protection: 1; mode=block

GET
H3 200 neue-montreal-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 23 KB
24 KB 32ms
31ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14260147
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23912
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 7425b59c8a19a4f0-SJC
etag: "2e9d05ced4fddb6c67f1be57161a2668"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813746930b6b3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 neue-montreal-medium.woff2
www.upwork.com/static/fonts-global/4.0.1/ 25 KB
25 KB 116ms
109ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-medium.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21637330
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 25348
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 7425b59c9a48a4f0-SJC
etag: "f0728e66b926fbcc5376a1d55222e3a7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813746931b7c3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 rza-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 62 KB
63 KB 57ms
50ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/rza-regular.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21638395
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 63800
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 742ea1e99c94c8fc-SEA
etag: "4c125a0993ca325b5cc5056afbdd58c7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813746931b7e3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 vue.runtime.2.7.14.min.js Show response
www.upwork.com/static/vue-libs/ 74 KB
28 KB 39ms
32ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.7.14.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21638022
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Nov 2022 16:24:53 GMT
server: cloudflare
vnd-eo-trace-id: 76d8a9db1e173362-SJC
etag: W/"4e644343c0055d4cdf6879735f2c69ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b813764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 113ms
106ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 21638329
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Dec 2021 09:34:11 GMT
server: cloudflare
vnd-eo-trace-id: 6f29ae611bcdc928-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b833764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 vue-i18n.8.28.2.min.js Show response
www.upwork.com/static/vue-libs/ 28 KB
9 KB 67ms
61ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.28.2.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 11314921
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 May 2023 16:21:55 GMT
server: cloudflare
vnd-eo-trace-id: 7cfe9cb82c198e78-SJC
etag: W/"5d4375c9b8e7c9eada90983391b8ac24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b853764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 runtime.13b6f4c8.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 68 KB
21 KB 64ms
57ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.13b6f4c8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcc7290edee7f7bbfd33c1d9b87e29dbb8a621716a50901fb442ba60b40bae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 404272
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 21:17:43 GMT
server: cloudflare
vnd-eo-trace-id: 81108f872c6927ad-SJC
etag: W/"eb112812b8ba8aac8e73f4542361c35e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b873764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 commons~app.75cb54c6.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 65 KB
22 KB 46ms
40ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/commons~app.75cb54c6.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff53a84e6cab9f5c6c47d38692f3474795fec852e24f91c0a2c1b70e28d2eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 621394
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Sep 2023 20:36:23 GMT
server: cloudflare
vnd-eo-trace-id: 80f75c26affbc270-SJC
etag: W/"587745a607d706cc1bcbb3af04f8717b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b883764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~app.ae15d4e9.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 51 KB
9 KB 57ms
51ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~app.ae15d4e9.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a24997a7d87de464160e9a840d0edef880d6714ba52e14143f1ff6dcaa159d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 621394
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Sep 2023 20:36:30 GMT
server: cloudflare
vnd-eo-trace-id: 80f75c26b823c270-SJC
etag: W/"9d8c5a0400ca200b904f74694d3c711e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b8a3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 app.2bcc00a3.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 MB
283 KB 69ms
63ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/app.2bcc00a3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b7dd38f34642aa965663deaaff1c9908a7e64dbe29c304bf93245a3cb7eac8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 09:28:23 GMT
server: cloudflare
vnd-eo-trace-id: 810c73efac44c390-SJC
etag: W/"d2564f3a6269fb9587080abfcca5a602"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b8c3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 login-air-3.c9143fb9.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/pages/ 443 KB
108 KB 64ms
58ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.c9143fb9.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce2aaad7dccffb5a5a713eff553e8c46df7e5af5e57948af3c39cb59f410feac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 09:28:29 GMT
server: cloudflare
vnd-eo-trace-id: 810c73efac45c390-SJC
etag: W/"f66ddb8643d6902945f6cb95722e845e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b8f3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~8268aae5.a320b24c.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 KB
858 B 76ms
70ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~8268aae5.a320b24c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a4efb0190a90c41634786089e3d7ac6505ab713494735c400fa1c0baf276ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc85247fe230e1-SJC
etag: W/"b61cbea08f9a56ab63f8a4e9dee52177"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b913764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~34214bff.af296e22.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 50 KB
9 KB 47ms
41ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~34214bff.af296e22.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edca229525f5ad52ee9522961d15a7a5a30558ec4f860bcb343042e71c0a4f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8524bf15279c-SJC
etag: W/"de667f3924f83643a972bc63fbc6e0da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b933764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~fe4ffddb.581812a0.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 13 KB
2 KB 79ms
73ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~fe4ffddb.581812a0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2748946e225bc1f48d56081c7cb2725c44887982d353814f3a0e4f68d7a33082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 09:28:29 GMT
server: cloudflare
vnd-eo-trace-id: 810d187cb84b2e86-SJC
etag: W/"b7ad0f222049608c01d7c413c978894a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b943764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~73c36951.d62a1495.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 16 KB
3 KB 80ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~73c36951.d62a1495.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067c626e1e8cceceeb670a4973a49c3b4e505c65372e63af26ad5242ae0d8cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 03 Oct 2023 12:44:44 GMT
server: cloudflare
vnd-eo-trace-id: 810558228fb9c36b-SJC
etag: W/"a69025a6944aa80abca6b51ec5781ca8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b953764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~adcac5aa.1487dbc2.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 3 KB
1 KB 80ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~adcac5aa.1487dbc2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de91372f759ab1696cd7131b3a4e3eb7f1e3f03fdeb703041afdd31aaac1887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8525bfd2279c-SJC
etag: W/"616a6f17e227286b97f1277d4027d97f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b963764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~28a25188.a3dc7128.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 928 B
792 B 81ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~28a25188.a3dc7128.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b7791c9d1babb39da7bfc4b5ece67f9af35abafc7b2523ff0cda81c4dec6c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc85268879279c-SJC
etag: W/"1d96f6ec3d396ead0fe2f56bc2c6afca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b973764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~c926bd4d.73a0184d.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 995 B
851 B 81ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~c926bd4d.73a0184d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa40a7e1a1a68593dc4b35bf6eafa143b8b1247c38661f41c492a42c643296d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc852699b5c75a-SJC
etag: W/"ccbbd2e63e9cf6e4a2d6eb05bb246391"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b983764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~c52a1688.8b1e2d99.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 901 B
833 B 81ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~c52a1688.8b1e2d99.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5922eb32f48e966d41e775f09b1945cc20c3ef920121964e0258d95f44a1f753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8526a8c4c731-SJC
etag: W/"cf8f467900ca1466bcae482cf6445e75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b9b3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~a7e99353.dff65311.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 81ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~a7e99353.dff65311.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989fb15fdaa724bb1826f080b3481d8c48fa759ac8f465377608a78ed61fd484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8526ae85680b-SJC
etag: W/"f1fea06020bcf2e1f82615881f9a5f6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931b9d3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~4cebbcb2.412aae64.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 2 KB
911 B 82ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-push~add-totp~change-fido2~change-fido2-app~change-phon~4cebbcb2.412aae64.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc5ebd1927dd5e7cb42cb9bd957ab0af80263e096ae6165a6708abad541c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8c492991279c-SJC
etag: W/"6220319dc72c0b1a8596e381b0e5d723"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931ba03764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~db9de1b0.4ae0341b.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 6 KB
2 KB 82ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~db9de1b0.4ae0341b.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962e6b70624f65fde720ccc3028916c847a3991be416d2af4eddc63a8ee76816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8526c91030e1-SJC
etag: W/"dc92d25419dde41d140d3c4fe9dab8a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931ba23764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~b367a506.2d6b7bb1.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 82ms
76ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~air3~b367a506.2d6b7bb1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f45da8f88cbc7d99ae51c09fca29733f4f031d4b2cfcd62f5510454e05b8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442207
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 04 Oct 2023 09:28:29 GMT
server: cloudflare
vnd-eo-trace-id: 810d187ce86d2e86-SJC
etag: W/"9654e2c6c88761c4211e536f34b3494d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931ba33764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~62804b9d.8a3321f0.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 4 KB
1 KB 83ms
76ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~anno~62804b9d.8a3321f0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8463eb516facb61e3a1a4aa9bf9c1830723e7371186f600f17a1c3743c75103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc85274921c731-SJC
etag: W/"83324fd9ca8721926d21d0acd35fd305"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931ba53764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~af93fb16.e3877743.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 1 KB
902 B 84ms
77ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~af93fb16.e3877743.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01abb26cf10b2693f130f6445800248cfd88b5ba4fd384745022ea40fb9aa11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc85275a3dc75a-SJC
etag: W/"8786d611d2a09700c190de9571ced05b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931ba93764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~620f08af.9febaa91.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 6 KB
2 KB 109ms
102ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~620f08af.9febaa91.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af732d3734b7440bc30acae4db343a038c88f49f7cd817ebf5e174e8a253bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8527793f279c-SJC
etag: W/"a735d8173bf649054c4543db2b74a76a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931baa3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~7b6122c8.8926bb23.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 2 KB
1 KB 84ms
77ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~add-fido2-app~add-phone~add-phone-v2~add-push~add-push-v2~add-totp~add-totp-v2~chan~7b6122c8.8926bb23.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5769ac850e7ea786e67148267ccded182fff0134a22c8890ebb18594e071c2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc85278f3f680b-SJC
etag: W/"15c12bc877006011e61c7e749b7a03f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931bad3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 logout-air~9046407f.250d562d.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/ 4 KB
1 KB 84ms
78ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/logout-air~9046407f.250d562d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da516ca4ab4573b94b0608a79aba072f4e8b8237b482ab27a750516a7c060d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8527d9b530e1-SJC
etag: W/"25bb8b52e24615297ce7f6a5226b1ae5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931baf3764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 logout-air~e9d773de.5aa547e3.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/ 1 KB
1 KB 85ms
78ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/clear-cookies-air-3~pages/device-authorization-air-3~pages/login-air-3~pages/logout-air~e9d773de.5aa547e3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a3b2912b30926fea8e9ef820c051ba782a775a3b173a4999bb7dd61f619cd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8d689851c731-SJC
etag: W/"d6a3909f601bf4b2887300e6791f56e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931bb23764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 push-notification~a2b0fd78.67a9eb35.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/device-authorization-air-3~pages/login-air-3~pages/oauth2-air-3~pages/ 930 B
790 B 91ms
85ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~pages/device-authorization-air-3~pages/login-air-3~pages/oauth2-air-3~pages/push-notification~a2b0fd78.67a9eb35.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0f4bdb007423042bd58e6b18ed58943b6c8c44a129eda79d26294b69e7dbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8d83682b30e1-SJC
etag: W/"ecba9455aa39eab69dd99eca48b99ad7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931bb43764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H3 200 password-and-security-air-3.1eec2ecc.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~change-fido2~enrollment~pages/login-air-3~pages/ 4 KB
1 KB 92ms
85ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/styles~add-fido2~change-fido2~enrollment~pages/login-air-3~pages/password-and-security-air-3.1eec2ecc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da27b74e59c9c1b13cd910c5c3746fd2b68d6e503549d5af50a53b8143e2052f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442209
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc8527fcd0c36f-SJC
etag: W/"6139659151e49121542e3c115fc62ca8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746931bb63764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 47ms
24ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 67958
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:34 GMT
server: cloudflare
etag: 0x8DBC56B9A6B87F1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 97221694-301e-000b-33c5-f7c2e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 813746938eeebbc1-FRA

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 SFProText-Medium.db9b552.woff
www.upwork.com/static/assets/AccountSecurityNuxt/fonts/ 5 KB
6 KB 86ms
63ms Font
font/woff 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/fonts/SFProText-Medium.db9b552.woff

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14222349
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 5548
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 17 Apr 2023 16:28:44 GMT
server: cloudflare
vnd-eo-trace-id: 7ba1a53eaf1515d2-SJC
etag: "83b478be12abf0ca955063c24a48d5cb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81374693bca53764-FRA
expires: Tue, 08 Oct 2024 14:22:25 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 4 KB
2 KB 48ms
33ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84384
content-md5: OXAm5fEvYhaIQZUG2gRXYA==
content-length: 1687
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:00 GMT
server: cloudflare
etag: 0x8DB7BD45B889B8E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f9000553-201e-004a-4abd-ade881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8137469408de925b-FRA
expires: Tue, 10 Oct 2023 14:22:25 GMT

GET
H3 200 workbox-window.prod.es5-eZxxJ.6e419292.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 5 KB
2 KB 52ms
51ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/workbox-window.prod.es5-eZxxJ.6e419292.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.13b6f4c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

346d5450ced0fe2d0927cf36ea963827348811fbeed3f0a1e82654430b136b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 621329
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 29 Sep 2023 20:36:30 GMT
server: cloudflare
vnd-eo-trace-id: 80f75c320fb0c270-SJC
etag: W/"8f6ccc3f82d1d0f3212b01460854f952"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746947dcf3764-FRA
expires: Tue, 08 Oct 2024 14:22:26 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 150ms
48ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.c9143fb9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9381678f627e59b81b52c75e63849296b455eadac7575b4f92d2d352768bc5d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 09 Oct 2023 14:22:26 GMT

GET
H2 200 loader_only.js Show response
assets.static-upwork.com/iovation/5.2.2/ 4 KB
2 KB 52ms
21ms Script
application/x-javascript 2606:4700::6810:ddbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.2bcc00a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
x-amz-version-id: HskTff9TjeJIN57gDYa1bi2_LbMU_02X
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: W0YHJC3Y7BS1J0KR
age: 1142
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ODLGUTwxzBN771LdHkuAZmske3pOGdCWyh5CfrmQN6EV8bxvnIwnzJ0DOs9krY36jARZ6G+RnKKhrUDj/8Zo/g==
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 813746951f679b45-FRA
x-amz-meta-last-modified: 1593693054000
expires: Mon, 09 Oct 2023 18:22:26 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 73ms
42ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 813746953ac635f7-FRA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
64 KB 125ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.2bcc00a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb44a0e302a5ed9a18ebb001b18c125a1f66f0ba8357e76c7bcdbdf563ec903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65151
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:22:26 GMT

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 293ms
293ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1696861346126

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.2bcc00a3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acef66aedae7e0afd63e2ccff87ded4a6698196eac30ca48a84e2df2bb96a7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 26 Sep 2023 13:21:48 GMT
server: cloudflare
vnd-eo-trace-id: 813746955f033764-SJC
etag: W/"cdd01ab26854f04c31f4a5af44ebccf0"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 813746955f033764-FRA
expires: Mon, 09 Oct 2023 18:22:26 GMT

POST
H3 200 visitor-gql-token Show response
www.upwork.com/ab/account-security/ 77 B
808 B 271ms
270ms Fetch
application/json 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ab/account-security/visitor-gql-token

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/app.2bcc00a3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d23dd5abe73f0b6fd94843e4f84186209ac872dc9c334313dad352d915d74888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
vnd-eo-parent-span-id: 039f72cd-c340-4e25-b0be-246fe5c93b26
vnd-eo-trace-id: 81374690af1892b3-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
vnd-eo-span-id: c1bc71a5-a70c-4c77-83c5-6bb4a63041d6
sec-ch-viewport-width: 1600
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: report-to csp-endpoint
server-timing: api;dur=46, app;dur=47
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 813746955f0c3764-FRA
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/json
vary: Accept-Encoding
cf-ray: 813746955f0c3764-FRA

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

120ms
33ms

Script
text/javascript

52.129.66.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: HTTP/1.1
Server: 52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 14:22:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Wed, 08 Nov 2023 14:22:26 GMT

Redirect headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 813746955f133764-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 09 Oct 2023 15:22:26 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
20 KB 110ms
32ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: assets.static-upwork.com
URL: https://assets.static-upwork.com/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c9bb09945dc01e8d0ca3c6ee341c234c9ad5d39c4c3a995bf8b2e2ea02b542e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:22:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-xndwY.8e876122.js Show response
www.upwork.com/static/assets/AccountSecurityNuxt/ 7 KB
3 KB 41ms
41ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/AccountSecurityNuxt/snippet-xndwY.8e876122.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/runtime.13b6f4c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68762d35c507541d82f7f052279a5d8d94dbfb22fd8104578b917528c1a861a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 442208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 11:07:42 GMT
server: cloudflare
vnd-eo-trace-id: 80fc852d5eb0279c-SJC
etag: W/"a694ea113af731e9b08efbddbb25229c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746956f313764-FRA
expires: Tue, 08 Oct 2024 14:22:26 GMT

GET
H2 200 202452b9c34b.js Show response
w.usabilla.com/ Frame 0532 46 KB
13 KB 96ms
28ms Script
text/javascript 52.17.203.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.203.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-203-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 011839fcf77e3ad7530712fc8e93cdb7bcfcd803522d7b1547d35b0da4bf5515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "0530841aaedd243d77e6ba18231dc613"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 13168

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 17ms
16ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 20683
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 144c20d3-601e-002b-3b0c-b4ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 813746958a8bbbc1-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/ 137 KB
26 KB 27ms
26ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84101
content-md5: q+MnSUnftS9Tsb2/ioV7lg==
content-length: 26218
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:11 GMT
server: cloudflare
etag: 0x8DB7BD46240D731
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd7e2b1f-801e-012e-5cbd-ad1e74000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81374695cabd925b-FRA
expires: Tue, 10 Oct 2023 14:22:26 GMT

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 440 KB
199 KB 88ms
11ms Script
application/javascript 99.86.4.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-56.fra6.r.cloudfront.net

Software

Resource Hash

4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Sep 2023 10:32:46 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/42033753516
etag: W/"b2cbd534b6051bffdd7ab906ae5b43e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: Jcay_FlNPWx8tf78QO1BENQSZ5_a8GXnlEUYwh-J2aaGY7cokEjGfg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 20:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 20:06:12 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 16413
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8c46793c-b01e-00c7-22d4-b3a427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 813746960b08925b-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 19368
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 17b86691-801e-006e-6ed4-b371cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 813746960b0b925b-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 47ms
47ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 31241
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9b314a72-701e-0025-6059-f790ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 813746963ba1bbc1-FRA

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 31ms
31ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

da63d99ef1b1247b3c0d31767ee3f94a9a0685a78c13dc13ba50c061aa253eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 14:22:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Tue, 08 Oct 2024 14:22:26 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 55ms
30ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.636979732489148

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c20fa71c32d2c6bbeda3b4b1f528362badd6d234ca3c0d54e13754c4aa20e2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 09 Oct 2023 14:22:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

30ms
30ms

Script
text/javascript

52.129.66.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: HTTP/1.1
Server: 52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a167c9bf00b158439b44263cfc210918b0b44ebf83f1b7487a60b1c26c28508f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: 2023-Oct-09 14:22:26
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1362
Expires: 0

Redirect headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 81374696589c3764-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 09 Oct 2023 15:22:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 511 KB
122 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32d3c18a9fe3d6105b750e0d35ad3d7484b3a66ce533ef9e8df894ec3cc1034a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125032
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:22:26 GMT

GET
BLOB 200
OK 2979c6cd-7ff9-4631-b04a-ab9e04d1e90c
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/2979c6cd-7ff9-4631-b04a-ab9e04d1e90c
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

31ms
31ms

Script
text/javascript

52.129.66.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: HTTP/1.1
Server: 52.129.66.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b79b40b0e06d3ec3e87f261726393afd0dc984a3025f89b692f0672f72a58959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 14:22:26 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Tue, 08 Oct 2024 14:22:26 GMT

Redirect headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 81374696a91a3764-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 09 Oct 2023 15:22:26 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 39ms
38ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.6298640023823079

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c20fa71c32d2c6bbeda3b4b1f528362badd6d234ca3c0d54e13754c4aa20e2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 09 Oct 2023 14:22:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 18 KB
8 KB 162ms
47ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.c9143fb9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7ae37c4da26c58fbc7e2fc594d22f56f4ad35c1ebf60808fb597640060eac4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 14:22:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fd7c054f832daeb0"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 14:22:26 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 54ms
17ms Script
application/javascript 184.30.208.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/AccountSecurityNuxt/pages/login-air-3.c9143fb9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-208-159.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 09 Oct 2023 14:22:26 GMT
Last-Modified: Wed, 04 Oct 2023 17:53:51 GMT
Server: Apple
ETag: W/"43171-1696442031034"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17356

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.12/ 80 KB
30 KB 28ms
28ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.12/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1696861346126

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44044aa7e92e15c4dd67e41310e05a71d0c3f87be7cb33fa23c1752e8e6afc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1053582
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 26 Sep 2023 13:08:52 GMT
server: cloudflare
vnd-eo-trace-id: 80cbd9d34adcc374-SJC
etag: W/"e92d3b34ce7e218d5224c4f7b0a77986"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 813746983b873764-FRA
expires: Tue, 08 Oct 2024 14:22:26 GMT

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 97 KB
36 KB 66ms
8ms Script
text/javascript 2600:9000:2156:fa00:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fa00:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 89ae04fd8bea45575af55e23ccf41fad3bf1e4c91d0837caae9875d7c9549764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:13:42 GMT
content-encoding: gzip
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA50-C1
age: 40124
etag: "184f9-H7+cBgon9qLRN4bN6i6Tii4H7LM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 36123
x-amz-cf-id: S0pYdIrGHZ9NKnYf-51wmU6ZEJ2lIFTXFdflK8G4rvd3oR8csNTjJA==
expires: Mon, 09 Oct 2023 15:13:42 GMT

GET
H2 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
841 B 21ms
20ms Script
application/x-javascript 2606:4700::6810:ddbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ddbf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6XZWEPAJ0F2FWS31
age: 3928
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: d58E841oK3NFzSsenknJ4rI+1/c1NL7mBfoKeChR5goKFBpoTxlqjFes2mgfrA2AClJ4pTqX9JA=
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 813746986c1c9b45-FRA
x-amz-meta-last-modified: 1532366449000
expires: Mon, 09 Oct 2023 18:22:26 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b83fa7957f3a8e96e662474645ef5e6011220e1a69a480d88d3cdb5585476313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82478
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 14:22:26 GMT

GET
BLOB 200
OK 2b82ac55-61b0-4ffb-97a1-911bdff13f8f
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/2b82ac55-61b0-4ffb-97a1-911bdff13f8f
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 2311
Content-Type: application/javascript

GET
H2 200 / Show response
cdn123.forter.com/ 66 B
368 B 75ms
32ms XHR
application/json 143.204.215.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=0aa9109d66ab4fbda1784c71bb6de1fb
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-49.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9c4423aa9fe28c73080872ebf0985614b442ef149c86719cb297ad79e5720693

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 66
x-amz-cf-id: 8F8yUaHxVwMZ75_cR2m_SUHBB0itFMKSI0aKB_iq72R5YGvUOFhlrA==

GET
H2

200

7eee0b923d4a252f3b22e34818f854eba1b299032adb4164eab4670beac59446ac7f4bc7651f51e6daf44fd2a676 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7eee0b923d4a252f3b22e34818f854eba1b299032adb4164eab4670beac59446ac7f4bc7651f51e6daf44fd2a676

0
323 B

112ms
109ms

XHR
text/plain

143.204.98.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7eee0b923d4a252f3b22e34818f854eba1b299032adb4164eab4670beac59446ac7f4bc7651f51e6daf44fd2a676

Requested by

Protocol

Server

143.204.98.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-77.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:26 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: -WP9Fue_OZlzj1HNSxEEe73jK2_mG_9J9VdIxuTN3ntZq4coDgX24w==

Redirect headers

date: Mon, 09 Oct 2023 14:22:26 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7eee0b923d4a252f3b22e34818f854eba1b299032adb4164eab4670beac59446ac7f4bc7651f51e6daf44fd2a676
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: pim5f7ynV4bhpR60q5sNW_nGF0VjgTXynsMDwAZfeeqaaaMb_Sq51Q==

GET
BLOB 200
OK 25184b03-3af3-4d1f-adcd-754b23c3bb04
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/25184b03-3af3-4d1f-adcd-754b23c3bb04
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 17365
Content-Type: application/javascript

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/ 20 B
358 B 463ms
213ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/prop.json?_=1696861346663
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:22:26 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 317 KB
109 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39166f9f7b0a8618f04679da1d2f6bb89ea613ce9fb2cd91d40470521cf4f226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110680
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 17:32:32 GMT

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 7 KB
3 KB 368ms
126ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1696861346837&hl=2&op=0&ag=604957648&rand=537189658112295201258666017618108478263000192224250155969252042026005128280829526598&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDE1MTVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDYsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCw3LDAsMCwwLDAsMCwwLDAsMywwIl0sWy0xLCItIl0sWy0yLCI5LGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xoMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pXUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozMzEwMDAwMCxcInVqaHNcIjoyNjAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuMiwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2OTY4NjEzNDY3ODUsLTJdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDI3NCwyNzQsMCwwLDAsMCw0MDcsLTEsMCw4MzguMyw4MzguMywxNjc4LDE2NzkiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCIsXCIzNDE4NDIxNzIwXCIsXCIyNDI0ODk2NTAyXCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy01NSwiMSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRMWEJrUlVVMU5TVW9ERmhaV1d4ZGFVRTFBUzFaYlZrMWZWVlpPWEVzWFdsWlVGbEFXREFnUEFRd0JYd3BmQUZ4ZldnNEFBRnNOQUFwYUQxOWNXZ29OV2c0TVhWOFhVMG9EQ0FNUERBME9EUkFWV0UwWlRSZGNRVWxXUzAxS0dSRlJUVTFKU2dNV0ZsWmJGMXBRVFVCTFZsdFdUVjlWVms1Y1N4ZGFWbFFXVUJZTUNBOEJEQUZmQ2w4QVhGOWFEZ0FBV3cwQUNsb1BYMXhhQ2cxYURnPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjIzXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixsb2NhbGZvbnRzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSx3aW5kb3dwbGFjZW1lbnQsY2h1YW1vYmlsZSxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFsiZGRiIiwiMCw5LDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwzLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMSwyLDE4LDAsMTgsMSwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsNiwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsOTldLFsiYWJuY2giLDEwMF1d&dep=0&pre=0&sdd=%7B%7D&cri=yWHwHJLTw0&pto=1732&ver=56&gac=-&mei=&ap=&fe=1&duid=1.1696861346.GsrpNdUhXdDD5i13&suid=1.1696861346.edfEkZS6kOm6U8qJ&tuid=1.1696861346.lGM7JnnzGvaj6JKt&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=66%2C1512%2C72&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 5f6bda4a05d6929bafb354245eb9affb57e9a0ffd57b9592fb4e9c8b60e12ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2774
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
674 B 188ms
187ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.12/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8137469a0e6f3764-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KSM221PNDX&gtm=45je3a40&_p=996951922&cid=1887377686.1696861347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696861346&sct=1&seg=0&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&dt=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&en=OneTrustGroupsUpdated&_fv=1&_nsi=1&_ss=1&ep.consent_flag=%2CC0001%2C
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK a47da2b6-ac5b-4c81-919a-d9bdbb20bb91
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/a47da2b6-ac5b-4c81-919a-d9bdbb20bb91
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 68
Content-Type: application/javascript

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 7771 382 B
1 KB 147ms
48ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a5a4406a6c4ae86c2eb8246034ac115370123a2736930e47c9cf98f4373bb9

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-BC3S7bz1mUz_rWvPitF9eA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 274
content-security-policy: script-src 'nonce-BC3S7bz1mUz_rWvPitF9eA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:22:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame E618 280 B
1 KB 902ms
818ms Document
text/html 2a00:1450:4001:830::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

555acbb4422e7c335dd5494e2dedaaf94b1d0392e08a257fe961746da959986e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-5RJExPOz5mn_fuoGBcf5iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-5RJExPOz5mn_fuoGBcf5iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:22:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 events
cdn3.forter.com/ 0
421 B 145ms
102ms Ping
text/plain 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dSqayWxlmdvPenpSfNANppMOHvURnRF6s4Vcn-f5jGeDdUx5IuGECw==
expires: -1

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
678 B 198ms
198ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.12/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8137469b381c3764-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 7771 0
0 142ms
52ms Other
text/html 2a00:1450:4001:82f::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 7771 18 KB
7 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ddfbce1effe89b3ae8d0ec2ae7a3c8a890400c7f7bd8d9347f6a372bcbf1bd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 14:22:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7121
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "1707644a8163dc5f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 14:22:27 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/ 20 B
358 B 107ms
107ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/prop.json?_=1696861347141
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:22:27 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ Frame 7771 77 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19a775d860b05ea4477bd4b9a8b4905b1c7f5198b0afcf0b33733d4a153f1c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27781
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:18:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: n8dgVLkMazgzOoW0gRJ3SPnUk34tq4/l8rQQKN8QkAJynjRQeg/44o3GBlWovU2kb2hidj34nNebQiU2A+S4jQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27459d1efc877d849741d0bdc53bfab9efd7114acffe2ea18d5e22c8e91c65f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81912
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:22:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCHCB8L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

600a1007d4331b1103b1f366b3773800d9e00c14f53d2de247e61404cef3aef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81901
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:22:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 727C 44 KB
13 KB 56ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 09 Oct 2023 14:22:26 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 518E775C38B5447CB1A85B91D4ABA8C0 Ref B: FRAEDGE1312 Ref C: 2023-10-09T14:22:27Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 727C 179 KB
66 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9982405

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80173918c42ce35aca5ec759a27961ab722e080f9f78daf8a5fab1c0af5fdf69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67215
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 14:22:27 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 727C 23 KB
8 KB 62ms
1ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
79 B 108ms
107ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363e8cf33eb448e9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674186d6df517a3f18f67b7356d433da63c056305027c65a560e31555fc0bc6b4f77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60267a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4938677a0d8d759e3489d5c3772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dab934564e78eaf278d57ff17bb8c1c974a9ac978976934929d2f8c67c4d3eda59df3f1477fe425b2b8fb2c4d26f9913f82be50eb0102419457459a9796dd8deb9725c53ad9d2b48577a37f7b7987792a99839d5868c1ef72bc11ec8556db79a278494709dc31b906cc98e92f9c8438804cc39fdbc96a9e4f552aad7a155d754e72d1eb339053dfc38035af9962ebd77cfec5b8da7c82bff55c6a65b8ee5a43cbb0055b05b3bdc46eac3b9ce25fe6e32db374a9359652d61dd1bd3ec15876baf9c7733c4b620328085d17aae3916ed200b4444e4321edb64987c75d4ebdd783e5eb3b97b9f1fff2a0f0b4090c53a419daef073b96416019a43b02342eb514f0204f9eb29f369f62d161defa71d8bb79c827534e64572d4edfd2f8c9682e4790195987918ceaf3950d1794b3be748add2069d2c066497be5838b442bb63b971ace08e93b8700999d45adf870b7d99ad88a557efdb363718864f5d5e5ea12dc2c67041986361216e8f40ecbb54b948b91da0adf9b95645f441be768f541d301a08b7b8b205f3317680e23b80fd0c54a01ab65d2bae729cb8d119e7e18ae0d612a9eeecd1759e672e98d12dc1b320343a0262f8aaecb75c85037869815a1dec1e28642de41482113f26b38549c921041bb3ce7fec13192d2ec0e5d7fbe77210804cf134cfb98ee1811977e6cd2978741c1c8a7ce5922b838a71a6b56cc4d2263c8d1044188d4ffcbe3b213e23dba73d425c18c0ad8f0f92b37ea862dde8ceaf79da7c4c7264392e7235c9d37940b9e5ae7fa5ceb8d8dab25d7debdac8f327ecde0e5ec5fd317cd0b4270187acb8e3830d563e25bd48932ab097db63b2b955ad088240bf861151904e6e6c43fc19e07766b4d3ed1c1dcbc9b2e9e13baaf363888de61750c3b3767759465e2a17d2d85e3c2d9f6e4e6faaec5438fe9985d6e24556875367409db4a0674aae0bcb02eb2930817ddcf13f2855c8689d19cc9afa216e516d05de06ef285bec8c26161898dc9ae63255a3a82948caf7c53f081436602b830e5732b0cef13a430944a37c959388fe9e7b2c696c9a6872ddb1399827c83a8&cri=yWHwHJLTw0&ts=399&cb=1696861347236
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 143d9024-6362-406e-96e9-e701c40ab6ee
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/143d9024-6362-406e-96e9-e701c40ab6ee
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185731d68bc60d6e409e9406b50eb9d453a0f5b3f917dc54c4ad2162419e64ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 8ea0ccd7-14e9-4fa7-911c-59d77d7a35eb
https://www.upwork.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/8ea0ccd7-14e9-4fa7-911c-59d77d7a35eb
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdff908bb718cee97033acb8c0289a9f1067c63cdd15c59e927783f077cc25a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.132&r=stable&domain=www.upwork.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5af59f8334b7310c84b9d29cd88f9bf022763cf593aca57d5446d018be1f9d0b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34873
x-xss-protection: 0
pragma: public
x-fb-debug: n+47O1/DFZjs2rpusdigjbp2r85yPKvbrw7vlsoHn++3t4G7YNGkd4aoYq6RWNMRoOJf42g6iTfWdxcDXOvzUg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 331000128.js Show response
bat.bing.com/p/action/ Frame 727C 0
115 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/331000128.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 09 Oct 2023 14:22:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55B397852ED743CEA10421D89201645A Ref B: FRAEDGE1312 Ref C: 2023-10-09T14:22:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 727C 0
285 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000128&Ver=2&mid=cd849a14-27c4-4d0c-9ae0-8cd5b6a73810&sid=45eea44066af11ee93783d485b8e886f&vid=45eed1f066af11eeb73dbbb3969918b4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&r=&lt=1&evt=pageLoad&ifm=1&sv=1&rn=213920

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Oct 2023 14:22:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68DB15D288354F4E86A927931E8CBD56 Ref B: FRAEDGE1312 Ref C: 2023-10-09T14:22:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rest Show response
content.googleapis.com/discovery/v1/apis/people/v1/ Frame 7771 44 KB
6 KB 82ms
82ms XHR
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/discovery/v1/apis/people/v1/rest?pp=0&fields=kind%2Cname%2Cversion%2CrootUrl%2CservicePath%2Cresources%2Cparameters%2Cmethods%2CbatchPath%2Cid

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91dfe859023049b211cd23fdafae6933653bf9a708783911c673d9d0772eda7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://www.upwork.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Referer: https://www.upwork.com

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5931
x-xss-protection: 0

GET
H2 200 rp.gif
alb.reddit.com/ Frame 727C 42 B
637 B 42ms
7ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1696861347386&id=t2_j0i56&event=Search&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=beb3011d-99d1-4f11-9293-c4547e4d3e03&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:22:27 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/ 20 B
358 B 107ms
107ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/prop.json?_=1696861347369
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:22:27 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/ 3 KB
2 KB 142ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1696861347400&cv=11&fst=1696861347400&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d37997a258c80fa2630f6a7a00fa9621e487fecec0b8a6c4b1288f0cbdc9ce6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 146ms
50ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1696861347419&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4c211133c8440d594631f97771f1b90f6edc2623e9d35a140d112e79e21c9378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.132&r=stable&domain=www.upwork.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ed6b2b3c72bba3119ab55ef96c1357cf95fe98c3db97cd69728ec151b6cb6d7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37999
x-xss-protection: 0
pragma: public
x-fb-debug: QH/otJRuHR6cLnGj0JXlsoG6JKoizN327N/XYlIfZfEBjGdIAySRgLi/47gUW9mM9Oe31h4UmKA/Rn2DfiyV1Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&rl=&if=false&ts=1696861347441&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696861347440.42141835&ler=empty&it=1696861347323&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
9982405.fls.doubleclick.net/ Frame F373
Redirect Chain

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;...

687 B
487 B

85ms
83ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9982405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

51af888476b4e66680e0b2631078ee5e9bcb89a141fb00f8dfd7dbf37335854c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:22:27 GMT
expires: Mon, 09 Oct 2023 14:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 14:22:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 12ms
11ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&rl=&if=false&ts=1696861347498&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696861347440.42141835&ler=empty&it=1696861347323&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 12ms
11ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&rl=&if=false&ts=1696861347500&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696861347440.42141835&ler=empty&it=1696861347323&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 12ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&rl=&if=false&ts=1696861347503&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20Upwork%20account%20to%20post%20a%20job%2C%20find%20freelance%20work%2C%20and%20connect%20with%20talent%20around%20the%20globe.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696861347440.42141835&ler=empty&it=1696861347323&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 14:22:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/972598239/ 42 B
108 B 286ms
86ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972598239/?random=1696861347400&cv=11&fst=1696860000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3049928061&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/972598239/ 42 B
455 B 250ms
50ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972598239/?random=1696861347400&cv=11&fst=1696860000000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3049928061&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Facc...
https://www.google.de/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Facco...

42 B
108 B

52ms
51ms

Image
image/gif

2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYjRwT2NFa0hBOEF6UmxUMldjbmlSWWx1V0NST2JmMXdxQ2xaRW1Cb3Q0dkEaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlNQlZfRHdocndQQnd3M1NyTGgtUEJxaE9KaWJrMVRORkZHekJrY2VnYWpyRk52TDBNNFJXcnoiEwj6rumOlemBAxUzxbsIHSPFBvM&is_vtc=1&ocp_id=owwkZbrRILOK7_UPo4qbmA8&cid=CAQSKQDICaaNEHqXC2V0X5PpJqG0IhHuCykAhGJBHYeh4jaGXEzPAt8UkRHG&random=2808730571&ipr=y&ezwbk=AZuM4hAKBHlXD4K8A6Z1PjOaFSjE7P0bPzRZdHiLB0egSXYMRgoXEgme3IuZP7quvBSFssrTp-6aunEwzOK96d1peW1r

Requested by

Protocol

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=1810910708&cv=11&fst=1696861347419&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Login%20-%20Log%20in%20to%20your%20Upwork%20account&gtm_ee=1&auid=770014414.1696861347&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYjRwT2NFa0hBOEF6UmxUMldjbmlSWWx1V0NST2JmMXdxQ2xaRW1Cb3Q0dkEaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlNQlZfRHdocndQQnd3M1NyTGgtUEJxaE9KaWJrMVRORkZHekJrY2VnYWpyRk52TDBNNFJXcnoiEwj6rumOlemBAxUzxbsIHSPFBvM&is_vtc=1&ocp_id=owwkZbrRILOK7_UPo4qbmA8&cid=CAQSKQDICaaNEHqXC2V0X5PpJqG0IhHuCykAhGJBHYeh4jaGXEzPAt8UkRHG&random=2808730571&ipr=y&ezwbk=AZuM4hAKBHlXD4K8A6Z1PjOaFSjE7P0bPzRZdHiLB0egSXYMRgoXEgme3IuZP7quvBSFssrTp-6aunEwzOK96d1peW1r
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
421 B 132ms
131ms Ping
text/plain 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lhU6BlEW8m1XFSp6gAbsrHmiykvF4Xzqag78o4UyFyxNFkSdQXBedw==
expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/ 20 B
415 B 107ms
107ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 14:22:27 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/ Frame 0
0 107ms
106ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/0aa9109d66ab4fbda1784c71bb6de1fb/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 09 Oct 2023 14:22:27 GMT
Vary: Access-Control-Request-Headers

GET
H2 200 dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=*;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%...
adservice.google.com/ddm/fls/z/ Frame F373 42 B
401 B 164ms
80ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=*;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams

Requested by

Host: 9982405.fls.doubleclick.net
URL: https://9982405.fls.doubleclick.net/activityi;dc_pre=COzO7Y6V6YEDFf8MogMdc_MLMQ;src=9982405;type=conve0;cat=cheqi0;ord=710347346351;auiddc=770014414.1696861347;gtm=45fe3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9982405.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame E618 2 KB
916 B 56ms
55ms Other
text/html 2a00:1450:4001:830::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bb13c4c58527fc60f20e49112406bbdcf7985babe47ccef445c62e942f2db9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7_x-ro0mjKY.es5.O/d=1/rs=AOaEmlHQl78lNZJzyh0jTIy5vjCy1SCJig/ Frame E618 103 KB
35 KB 110ms
37ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7_x-ro0mjKY.es5.O/d=1/rs=AOaEmlHQl78lNZJzyh0jTIy5vjCy1SCJig/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411df6283c93c77b1475d79c2c4b19bb31e92d7b28c4c64761be36ddceb64e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36083
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 02:45:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:10:25 GMT

GET
H/1.1 200
OK upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 67C6 2 KB
2 KB 42ms
9ms Image
image/png 52.222.206.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ab/account-security/login?redir=%2Fab%2Freports%2Fclient%2Ftimesheet%2F%3FcompanyReference%3D881683933189431296%26range%3D20231002-20231008%26hours_logged%3Dhours_online%252Chours_offline%26team%3Dall_teams
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 13:16:38 GMT
x-amz-version-id: d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Jun 2021 18:49:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
Age: 2336751
ETag: "ff48a3c94b69990d5044c0b3b202dd9e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1678
X-Amz-Cf-Id: IvLogLUYfINWuJ1LVeZyAB-_QpYk2C1FJ0NkghEiYgA6d4TixxFYyw==

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame E618 49 B
94 B 39ms
38ms XHR
application/json 2a00:1450:4001:830::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.upwork.com&client_id=936450902531-r6k5fu4tni53b4f0o2r8e2ck49egnok0.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.7_x-ro0mjKY.es5.O/d=1/rs=AOaEmlHQl78lNZJzyh0jTIy5vjCy1SCJig/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bxkV6nmrzx3-iCZK0nWPZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-bxkV6nmrzx3-iCZK0nWPZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 13:38:55 GMT
content-encoding: gzip
age: 2613
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 09 Oct 2023 14:38:55 GMT

POST
H/1.1 200
OK prop.json
0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 421ms
101ms Ping
application/json 100.26.87.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 100.26.87.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-87-64.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 09 Oct 2023 14:22:28 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Mon, 09 Oct 2023 12:07:35 GMT
Server: Apache
ETag: "2-607476f8bf8ee"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 110ms
110ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 09 Oct 2023 14:22:28 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 109ms
109ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 09 Oct 2023 14:22:28 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame 7384 0
0

GET close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame E5A9 0
0

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 43 B
384 B 48ms
8ms Image
image/gif 2600:9000:2251:3400:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1696861349054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3400:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 11:06:48 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1134942
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 3tK9UZp3-Xr5hxYKe2CFeKNct9wA6M8BnlS6BBnVSkINAsYUFI6REQ==

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 43 B
383 B 49ms
9ms Image
image/gif 2600:9000:2251:3400:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1696861349054&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3400:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 04:37:26 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 985504
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Ai9EALvqa9pxibvNHowUpSKbjrkd3ruyWphMTjkgO2J1aIcKq-dRkQ==

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 43 B
383 B 49ms
9ms Image
image/gif 2600:9000:2251:3400:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1696861349054&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3400:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:31:06 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 525084
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 7y4tt3GrRVl91ZYA_IzW_VMlV-5beI-hh6BOwcBjbL3DI0fDhgtNEA==

GET icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame 00AA 0
0

POST
H3 200 events
cdn3.forter.com/ 0
308 B 102ms
101ms Ping
text/plain 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

QUIC, , AES_128_GCM

Server

143.204.98.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-111.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 14:22:30 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: e7t8z98-ff6lLXJl7wAOE0yzyDDxA9ZBFPzFIlxMnzxVnFdB6xjdPQ==
expires: -1

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 115ms
114ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Mon, 09 Oct 2023 14:22:30 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST mon
obs.cityrobotflower.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png

Domain: ihcjicgdanjaechkgeegckofjjedodee
URL: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Domain: obs.cityrobotflower.com
URL: https://obs.cityrobotflower.com/mon

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1970-01-21 00:08:03	Name: visitor_id Value: 185.213.155.157.1696861345279000
www.upwork.com/	1970-01-20 15:31:06	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJavQHML5ufEFtw
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: ab851c3e6f24c9cc93b793e093f81613
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
.static-upwork.com/	1970-01-20 15:21:03	Name: __cf_bm Value: O_YVYvkIthCJFlUzRPuKV1UWw7v8cZclsoIWiH7sEoA-1696861346-0-AWp3QY2rPud2I56LO6mjHmNRPx+BIV0z0FMyAFMKpVWqs5gsL2xuLqyLugeAVqV+TLessE3o8OzYuau8Lxlu1LA=
.upwork.com/	1970-01-20 19:40:13	Name: umq Value: 1600
mpsnare.iesnare.com/	1970-01-21 00:06:37	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: et7PWMXif4J69KMYHWlXbf7+YSUgjSta2rolWPGyBls=
.upwork.com/	1970-01-21 00:06:37	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Oct+09+2023+16%3A22%3A26+GMT%2B0200+(Central+European+Summer+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d3025c07-ce27-4622-b136-e6084e131c3d&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fab%252Freports%252Fclient%252Ftimesheet%252F%253FcompanyReference%253D881683933189431296%2526range%253D20231002-20231008%2526hours_logged%253Dhours_online%25252Chours_offline%2526team%253Dall_teams&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
first.iovation.com/	1970-01-21 00:06:37	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: xncr48GthEZNIpYiYTXK4mmDyH0NUrqLMIJiAt2ykzk=
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: CI11132Air2Dot75,!CLOBJNAIR3,!CI10270Air2Dot5QTAllocations,!pxFAA3,!CLOBSNAIR3,air2Dot76,!RMTAir3Home,!i18nGA,CI9570Air2Dot5,TONB2256Air3Migration,i18nOn,!TONB3476Air3Migration,!JPAir3,!CI10857Air3Dot0,OTBnrOn,!CI12577UniversalSearch,!FLSAir3,!MP16400Air3Migration,!air2Dot76Qt,!RMTAir3Talent,!RMTAir3Hired,!SSINavUser
.upwork.com/	1970-01-20 15:22:27	Name: asct_vt Value: oauth2v2_9f4d2c00a0a945750069a13026ddda76
.upwork.com/	1970-01-20 15:21:05	Name: ftr_blst_1h Value: 1696861346582
.google.com/	1970-01-20 19:44:32	Name: NID Value: 511=E7A-XHk02LLq5aBbucDzSee_UQykXgSHwuBTpicOdS-DmQBoDNldX34CwaAmoQdlg-ehPfJV1Eanjgj7aJME_J1Ga-HX--W_bScbxNSA0oy4N2hj1WsanSAXq_ElEwuk8AzizqpPN8yCE3xeJC7X9CMXG7oJqhBV4CFGiQQhBto
.upwork.com/	1970-01-20 15:21:03	Name: _upw_ses.5831 Value: *
.upwork.com/	1970-01-20 17:32:25	Name: _cq_duid Value: 1.1696861346.GsrpNdUhXdDD5i13
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1696861346.edfEkZS6kOm6U8qJ
.upwork.com/	1970-01-21 00:57:01	Name: _upw_id.5831 Value: c14b69df-4f67-49da-8bfb-4a69ee977fbc.1696861347.1.1696861347..55bd661c-fc46-4faf-88d5-f068de951551..0a68ca72-776d-4eb9-9b56-054ec856afb7.1696861346874.3
.upwork.com/	1970-01-21 00:57:01	Name: _ga_KSM221PNDX Value: GS1.1.1696861346.1.0.1696861346.0.0.0
.upwork.com/	1970-01-21 00:57:01	Name: _ga Value: GA1.1.1887377686.1696861347
.www.upwork.com/	1970-01-21 00:57:01	Name: G_ENABLED_IDPS Value: google
.upwork.com/	1970-01-21 00:06:37	Name: spt Value: f7a4e33d-359d-4143-b9dd-84e5ff946a1d
obs.cityrobotflower.com/	1970-01-20 23:24:51	Name: cg_uuid Value: 84efff03834bc8517b0e4e8fa4a06200
www.upwork.com/	1970-01-20 15:31:06	Name: AWSALB Value: WovSK3zdNsd7gL9ZLtEUHEuQwc/d0nzrrQQ67Q6+6SsvdETyQ+ZmnVREjLAIp/XJtIUtV2J5sJeyW3F+oDrWIpCyGenW0J6GpgTl5CO9EYhUhz++wSHadZIZgqs3
www.upwork.com/	1970-01-20 15:31:06	Name: AWSALBCORS Value: WovSK3zdNsd7gL9ZLtEUHEuQwc/d0nzrrQQ67Q6+6SsvdETyQ+ZmnVREjLAIp/XJtIUtV2J5sJeyW3F+oDrWIpCyGenW0J6GpgTl5CO9EYhUhz++wSHadZIZgqs3
.upwork.com/	1970-01-21 00:57:01	Name: forterToken Value: 0aa9109d66ab4fbda1784c71bb6de1fb_1696861346188__UDF43-m4_14ck
.upwork.com/	1970-01-20 15:22:27	Name: _uetsid Value: 45eea44066af11ee93783d485b8e886f
.upwork.com/	1970-01-21 00:42:37	Name: _uetvid Value: 45eed1f066af11eeb73dbbb3969918b4
.upwork.com/	1970-01-20 17:30:37	Name: _rdt_uuid Value: 1696861347385.beb3011d-99d1-4f11-9293-c4547e4d3e03
.bing.com/	1970-01-21 00:42:37	Name: MUID Value: 324668F88121631E3DD57B5D80F36237
.upwork.com/	1970-01-20 17:30:37	Name: _gcl_au Value: 1.1.770014414.1696861347
.upwork.com/	1970-01-20 17:30:37	Name: _fbp Value: fb.1.1696861347440.42141835
.doubleclick.net/	1970-01-21 00:42:37	Name: IDE Value: AHWqTUktlqg4jFHBfoB2uOKMcUMzW4g79pJ0v2l12DfqLpJzyWBPMX_Fk8ifwu1l
.upwork.com/	1970-01-20 15:21:03	Name: __cf_bm Value: 07TO_Onai2tpfcsujQCPidEgQtth1VGIyRnkR1hrRKU-1696861348-0-AW6pBuO4tjA1AHFtqaZGTtZB9vZkFI/1cBqwWCNE9ABD3Bi4f0NAsiU5GthOZPWGdXtpHdBYlVP6CFszL0DlMUc=
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HzgqB3IqlZz.NzIbeKfsrbnVnQYYUG0KEJ_BGC6KNdc-1696861348294-0-604800000

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs(Line 186) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
worker	verbose	URL: blob:https://www.upwork.com/143d9024-6362-406e-96e9-e701c40ab6ee(Line 1) Message: Error
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0aa9109d66ab4fbda1784c71bb6de1fb-4c4cc75a16ed.cdn.forter.com
4c4cc75a16ed.cdn4.forter.com
9982405.fls.doubleclick.net
accounts.google.com
adservice.google.com
alb.reddit.com
apis.google.com
appleid.cdn-apple.com
assets.static-upwork.com
bat.bing.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
content.googleapis.com
csp.withgoogle.com
d6tizftlrpuof.cloudfront.net
df45ay5pw60dy.cloudfront.net
first.iovation.com
geolocation.onetrust.com
gighmmpiobklfepjocnamgkkbiglidom
googleads.g.doubleclick.net
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
region1.google-analytics.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.redditstatic.com
www.upwork.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
obs.cityrobotflower.com
100.26.87.64
104.18.90.237
143.204.215.49
143.204.98.111
143.204.98.77
151.101.65.140
172.217.16.194
172.217.18.6
184.30.208.159
2001:4860:4802:34::36
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2156:fa00:2:7cf7:d580:93a1
2600:9000:2251:3400:10:f40e:dd80:21
2606:4700:4400::ac40:9b77
2606:4700::6810:ddbf
2606:4700::6812:83ec
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2011
2a00:1450:4001:830::2008
2a00:1450:4001:830::200d
2a00:1450:4001:831::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::396
34.192.191.43
52.129.66.1
52.17.203.67
52.222.206.19
54.195.39.4
99.86.4.56
011839fcf77e3ad7530712fc8e93cdb7bcfcd803522d7b1547d35b0da4bf5515
01abb26cf10b2693f130f6445800248cfd88b5ba4fd384745022ea40fb9aa11b
067c626e1e8cceceeb670a4973a49c3b4e505c65372e63af26ad5242ae0d8cbb
0da516ca4ab4573b94b0608a79aba072f4e8b8237b482ab27a750516a7c060d9
0de91372f759ab1696cd7131b3a4e3eb7f1e3f03fdeb703041afdd31aaac1887
13b7791c9d1babb39da7bfc4b5ece67f9af35abafc7b2523ff0cda81c4dec6c5
185731d68bc60d6e409e9406b50eb9d453a0f5b3f917dc54c4ad2162419e64ec
19a775d860b05ea4477bd4b9a8b4905b1c7f5198b0afcf0b33733d4a153f1c5e
1a24997a7d87de464160e9a840d0edef880d6714ba52e14143f1ff6dcaa159d8
1bc5ebd1927dd5e7cb42cb9bd957ab0af80263e096ae6165a6708abad541c4f2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27459d1efc877d849741d0bdc53bfab9efd7114acffe2ea18d5e22c8e91c65f0
2748946e225bc1f48d56081c7cb2725c44887982d353814f3a0e4f68d7a33082
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7
32d3c18a9fe3d6105b750e0d35ad3d7484b3a66ce533ef9e8df894ec3cc1034a
33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e
346d5450ced0fe2d0927cf36ea963827348811fbeed3f0a1e82654430b136b5e
35f45da8f88cbc7d99ae51c09fca29733f4f031d4b2cfcd62f5510454e05b8c0
39166f9f7b0a8618f04679da1d2f6bb89ea613ce9fb2cd91d40470521cf4f226
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06
411df6283c93c77b1475d79c2c4b19bb31e92d7b28c4c64761be36ddceb64e2b
44044aa7e92e15c4dd67e41310e05a71d0c3f87be7cb33fa23c1752e8e6afc0d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4c211133c8440d594631f97771f1b90f6edc2623e9d35a140d112e79e21c9378
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a4efb0190a90c41634786089e3d7ac6505ab713494735c400fa1c0baf276ca
51af888476b4e66680e0b2631078ee5e9bcb89a141fb00f8dfd7dbf37335854c
555acbb4422e7c335dd5494e2dedaaf94b1d0392e08a257fe961746da959986e
5769ac850e7ea786e67148267ccded182fff0134a22c8890ebb18594e071c2cd
58dcdc6a8ea111ea6e48841e189dcdb20b3d99200a1f75eb34d43d869941f551
5922eb32f48e966d41e775f09b1945cc20c3ef920121964e0258d95f44a1f753
5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076
5af59f8334b7310c84b9d29cd88f9bf022763cf593aca57d5446d018be1f9d0b
5b7dd38f34642aa965663deaaff1c9908a7e64dbe29c304bf93245a3cb7eac8e
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
5f6bda4a05d6929bafb354245eb9affb57e9a0ffd57b9592fb4e9c8b60e12ed1
5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9
600a1007d4331b1103b1f366b3773800d9e00c14f53d2de247e61404cef3aef3
71ddfbce1effe89b3ae8d0ec2ae7a3c8a890400c7f7bd8d9347f6a372bcbf1bd
72a5a4406a6c4ae86c2eb8246034ac115370123a2736930e47c9cf98f4373bb9
72e9e3a3d67504b4790f56d7a644cb1417b421f2f08aa4be9757f0cfabbe1edc
7a3b2912b30926fea8e9ef820c051ba782a775a3b173a4999bb7dd61f619cd83
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2
7caf751ab1de54c4cca3e86eab021b3efe4c02cfdda86319d5d084fddfe18c7b
7e7ae37c4da26c58fbc7e2fc594d22f56f4ad35c1ebf60808fb597640060eac4
7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e
80173918c42ce35aca5ec759a27961ab722e080f9f78daf8a5fab1c0af5fdf69
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
89ae04fd8bea45575af55e23ccf41fad3bf1e4c91d0837caae9875d7c9549764
8fcc7290edee7f7bbfd33c1d9b87e29dbb8a621716a50901fb442ba60b40bae8
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91dfe859023049b211cd23fdafae6933653bf9a708783911c673d9d0772eda7f
9381678f627e59b81b52c75e63849296b455eadac7575b4f92d2d352768bc5d5
962e6b70624f65fde720ccc3028916c847a3991be416d2af4eddc63a8ee76816
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
989fb15fdaa724bb1826f080b3481d8c48fa759ac8f465377608a78ed61fd484
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bb13c4c58527fc60f20e49112406bbdcf7985babe47ccef445c62e942f2db9a
9c4423aa9fe28c73080872ebf0985614b442ef149c86719cb297ad79e5720693
9ed6b2b3c72bba3119ab55ef96c1357cf95fe98c3db97cd69728ec151b6cb6d7
a167c9bf00b158439b44263cfc210918b0b44ebf83f1b7487a60b1c26c28508f
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
acef66aedae7e0afd63e2ccff87ded4a6698196eac30ca48a84e2df2bb96a7dd
af732d3734b7440bc30acae4db343a038c88f49f7cd817ebf5e174e8a253bb76
b79b40b0e06d3ec3e87f261726393afd0dc984a3025f89b692f0672f72a58959
b83fa7957f3a8e96e662474645ef5e6011220e1a69a480d88d3cdb5585476313
bdff908bb718cee97033acb8c0289a9f1067c63cdd15c59e927783f077cc25a3
c20fa71c32d2c6bbeda3b4b1f528362badd6d234ca3c0d54e13754c4aa20e2a1
c68762d35c507541d82f7f052279a5d8d94dbfb22fd8104578b917528c1a861a
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
c8463eb516facb61e3a1a4aa9bf9c1830723e7371186f600f17a1c3743c75103
c9bb09945dc01e8d0ca3c6ee341c234c9ad5d39c4c3a995bf8b2e2ea02b542e8
cb0f4bdb007423042bd58e6b18ed58943b6c8c44a129eda79d26294b69e7dbc1
cb44a0e302a5ed9a18ebb001b18c125a1f66f0ba8357e76c7bcdbdf563ec903e
ce2aaad7dccffb5a5a713eff553e8c46df7e5af5e57948af3c39cb59f410feac
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d23dd5abe73f0b6fd94843e4f84186209ac872dc9c334313dad352d915d74888
d37997a258c80fa2630f6a7a00fa9621e487fecec0b8a6c4b1288f0cbdc9ce6e
da27b74e59c9c1b13cd910c5c3746fd2b68d6e503549d5af50a53b8143e2052f
da63d99ef1b1247b3c0d31767ee3f94a9a0685a78c13dc13ba50c061aa253eac
dfa40a7e1a1a68593dc4b35bf6eafa143b8b1247c38661f41c492a42c643296d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
edca229525f5ad52ee9522961d15a7a5a30558ec4f860bcb343042e71c0a4f2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff53a84e6cab9f5c6c47d38692f3474795fec852e24f91c0a2c1b70e28d2eaa
f4ec7bd4031c9bff1c87fda651fb21aca8924995eacb86bc973bf75506c998c3
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.upwork.com Open in urlscan Pro 104.18.90.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

88 %HTTPS

59 %IPv6

27 Domains

40 Subdomains

38 IPs

4 Countries

2194 kBTransfer

6790 kBSize

35 Cookies

0 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

88 %
HTTPS

59 %
IPv6

27
Domains

40
Subdomains

38
IPs

4
Countries

2194 kB
Transfer

6790 kB
Size

35
Cookies

130 HTTP transactions
1 data transactions