www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sompo.upwork.com/
Effective URL:
https://www.upwork.com/ent/portal/sompo/
Submission: On June 15 via api (June 15th 2024, 5:10:48 pm UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 114 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 52599.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2024. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 56	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.92.227.98 52.92.227.98	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.129.66.124 52.129.66.124	16509 (AMAZON-02) (AMAZON-02)
4	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
1	54.171.39.250 54.171.39.250	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:2359:1800:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.17.72 104.16.17.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2644:1c00:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
1	18.245.31.61 18.245.31.61	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:275... 2600:9000:275b:5c00:e:d088:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
3	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
1	54.231.160.136 54.231.160.136	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2250:e800:1d:9f28:ff00:21	16509 (AMAZON-02) (AMAZON-02)
114	26

56 104.18.90.237 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

sompo.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.227.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)

upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.124 (United States)

ASN16509 (AMAZON-02, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.39.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-39-250.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:1800:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.17.72 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:1c00:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-61.fra56.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:5c00:e:d088:5c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.160.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:e800:1d:9f28:ff00:21 (United States)

ASN16509 (AMAZON-02, US)

duuytoqss3gu4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	upwork.com 5 redirects sompo.upwork.com www.upwork.com — Cisco Umbrella Rank: 52599	687 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 124767 cdn123.forter.com — Cisco Umbrella Rank: 14465 cdn9.forter.com — Cisco Umbrella Rank: 5137 cdn0.forter.com — Cisco Umbrella Rank: 4640 cdn3.forter.com — Cisco Umbrella Rank: 4159 81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com	204 KB
7	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 147478 obs.cityrobotflower.com — Cisco Umbrella Rank: 93232	41 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	139 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6192	22 KB
3	cloudfront.net duuytoqss3gu4.cloudfront.net	840 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	79 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 91544	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	310 KB
3	amazonaws.com upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 356269 s3.amazonaws.com	31 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8196	128 B
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5	48 B
2	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	48 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 135	2 KB
1	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 131765	1 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 6066	91 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
114	18

	Domain	Requested by
55	www.upwork.com	4 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	www.facebook.com	www.upwork.com
6	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
5	cdn0.forter.com
4	mpsnare.iesnare.com	www.upwork.com mpsnare.iesnare.com
3	duuytoqss3gu4.cloudfront.net
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	cdn3.forter.com
3	first.iovation.com	www.upwork.com
3	www.googletagmanager.com	www.upwork.com www.googletagmanager.com
2	www.google.de	www.upwork.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	cdn9.forter.com	1 redirects www.upwork.com
2	upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	www.upwork.com
1	s3.amazonaws.com	www.upwork.com
1	81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com
1	cdn123.forter.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	assets.static-upwork.com	www.googletagmanager.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	w.usabilla.com	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	sompo.upwork.com	1 redirects
114	26

This site contains links to these domains. Also see Links.

Domain
hello.upwork.com
support.upwork.com
community.upwork.com
investors.upwork.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-01` - `2025-05-02`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2024-05-06` - `2025-05-20`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M02	`2023-12-12` - `2025-01-09`	a year	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
static-upwork.com E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
cdn123.forter.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-09`	a year	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-25` - `2024-06-23`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.upwork.com/ent/portal/sompo/
Frame ID: CAAF714093C95FAD852FC14CD8F3BE3A
Requests: 110 HTTP requests in this frame

Frame: https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 6BA822F8710A1707433292E07206D7EE
Requests: 2 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: D6ECDE0304D393B9CE18D32202EA2F18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upwork Enterprise Portal

Page URL History Show full URLs

https://sompo.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/sompo/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

114
Requests

89 %
HTTPS

37 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

1540 kB
Transfer

4820 kB
Size

29
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://hello.upwork.com/c/colinkruegerupwork-com
Title: Book time

Search URL Search Domain Scan URL

URL: https://support.upwork.com/hc/en-us
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://community.upwork.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://investors.upwork.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/upwork
Title: Visit Upwork on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/upwork
Title: Read Upwork company news on LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Upwork
Title: Follow @Upwork on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvxGFOnwUBDHHcxuPqhe4CQ
Title: Watch Upwork videos on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/upwork/
Title: Follow Upwork on Instagram

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/developer/upwork-global-inc/id329377609
Title: Download Upwork app from iTunes

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=8802639270489632480
Title: Download Upwork app from Google Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sompo.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/sompo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Request Chain 53

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 65

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 72

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/76be5f993e1f78783924b41a18ae05bda1e19c5a2d8c4f64bfb03057ebcdc713ac7f4acf6b1350e6ddf449d0a171

Request Chain 77

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 81

https://www.googleadservices.com/pagead/conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_ozehgMVv_E7Ah0b9QSCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_ozehgMVv_E7Ah0b9QSCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeWAl0wKuoMJMw7pp9WQ62zVc0cfDPQ&random=1384773813 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_ozehgMVv_E7Ah0b9QSCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeWAl0wKuoMJMw7pp9WQ62zVc0cfDPQ&random=1384773813&ipr=y

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIr72z_ozehgMVqOg7Ah2YtgzkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIr72z_ozehgMVqOg7Ah2YtgzkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLocvuTmbARmfZjf9Zo3BkNgM1DCGthQ&random=715359444 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIr72z_ozehgMVqOg7Ah2YtgzkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLocvuTmbARmfZjf9Zo3BkNgM1DCGthQ&random=715359444&ipr=y

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.upwork.com/ent/portal/sompo/
Redirect Chain

https://sompo.upwork.com/
https://www.upwork.com/ent/portal/sompo/

391 KB
63 KB

435ms
425ms

Document
text/html

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0a6f1d21ce58a788893c332bcf25e3cb1699cd6e7236dca66efad438fd61c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89442cb77dc13671-FRA
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 17:10:38 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=83, app;dur=128
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding
vnd-eo-trace-id: 89442cb77dc13671-FRA
x-content-type-options: nosniff
x-frame-options: https://feedback.usabilla.com/
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 89442cb63c143671-FRA
content-length: 0
date: Sat, 15 Jun 2024 17:10:37 GMT
location: https://www.upwork.com/ent/portal/sompo/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 neue-montreal-variable.woff2
www.upwork.com/static/fonts-global/4.5.1/ 146 KB
146 KB 102ms
100ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.5.1/neue-montreal-variable.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5819f69ba452021469f51c1f676e0b084f1a419a9a8b95d52b4a9792e2ee1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 417131
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 149280
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 21 May 2024 11:37:05 GMT
server: cloudflare
vnd-eo-trace-id: 887c93fd8c967779-SJC
etag: "943fa01dcc256cd657ed3cff5967ede5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89442cba49fd3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 vue.runtime.2.7.18.min.js Show response
www.upwork.com/static/vue-libs/ 75 KB
28 KB 126ms
125ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.7.18.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c441b981fda3e107addae8e98379918bf5fc91853eb229245bccdbb1d2ad6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8070043
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 8632e4089962c3cb-SJC
etag: W/"125fd6ecc586077f6523320c15a7b40d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba4a003671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 127ms
125ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8123257
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 862d40856cb4173a-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba4a023671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 vue-i18n.8.28.2.min.js Show response
www.upwork.com/static/vue-libs/ 28 KB
9 KB 99ms
98ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.28.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 348232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 06:53:42 GMT
server: cloudflare
vnd-eo-trace-id: 81f3e61e5880156a-SJC
etag: W/"5d4375c9b8e7c9eada90983391b8ac24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba4a043671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H/1.1 200
OK 4286ab41d9870a04a0f88d5f349f1572
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-logos/ 16 KB
17 KB 657ms
253ms Image
application/octet-stream 52.92.227.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-logos/4286ab41d9870a04a0f88d5f349f1572?response-content-disposition=attachment%3B%20filename%3D%22enterprisePortalLogos1706663923556%22%3B%20filename%2A%3Dutf-8%27%27enterprisePortalLogos1706663923556&X-Amz-Security-Token=IQoJb3JpZ2luX2VjECkaCXVzLXdlc3QtMiJHMEUCIDJ08R6Q51nwt%2FU0zAwnZ8ba%2BtYH%2Bsk1x3zl%2B7EoBLRDAiEAj86d%2B%2FLPphG0IVtkluW%2F1P%2B4D%2BfFrUOOKrAlObc2Ekoq1gQIwv%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw3Mzk5MzkxNzM4MTkiDOoGIP6rwMlQtakhpiqqBNq0btJRKQa%2Fjp2iEFyrvvNSuMmI9D9Vq2hcPaTK%2Fvcmnu602Czh0rP4GsKVNwdts9ebxdg%2B%2BFTJd7rkhkmMA4xf3j3fwZh3efVwQlPDIxhN%2Fnf%2BCh3e67Dv4v4ZaKWzBrJk6wEoCXoG2%2FrrIoqLqG6toYzNXEMxzl%2Bp6XRB9Ju9fOyNanPHFQ4w3Ctrv8rxyfnbmwU9Cujbb89lQdpex0dVVeSZMSo%2B2ICH7LdyfBfc%2F5gZcOab9HlkSpsOA0QpdTg5BZZdIwPNa%2FABfj5VILcc8OA2RUbmSiYvOvlgJLcS5LEhxmk0Voo1SwBn8S1C%2BXQfr1PAUGw38cMd8vhLAMZItrrVfYgQcMjD4gh91EsPBSCrGByxeTz2GlOr9vyf%2FfawpGGtcUt500rKcxNyafV4MZXgQwVtVz5P7FzGK%2B1IM%2FZPHYqPvfT%2F%2F1O6QhjubbKEBljxtBVktKncLgfe%2BZw6ROgdqpZBsOBF0GtKhwFVgd%2FLA5Zy2VSjPpw5DuJeteYOI6DJyNfBLscIF0VjpLxBO6gNGrwAyuuxy5jZ4%2BLZkqA559020TazsWre69MhLh6MD6bumoUOAR7qgb7wXbWHTmoK5sEUK38cA8gnEAOi02S6T2zaBsV33eo5avdwx8H8OI0t3xtkrRq5VAr1Trtz30dDvvuF0Y4o53rGzquVFQKkXmlxwJ03qdoZkeeo3q80HkeCvLP1lW7r8y1gm%2BaT%2BmeZQq0sO5edMPGKt7MGOqcBOruj1Vw85O%2FP2xT6w2kP0a05GHUoZVydmjqe%2BwX1WMeCxKUiFKOvaMS3lvGJF9RTqvuyX%2F0GP5rn7h9M2uLoXAY69v6%2Fqs0r%2F%2B3WkefidkcwLtzL1mRefdGA8j82mjOl2DxxTulMerNOEwvx%2BdmFIwii0gfrSFrsPyouJoCD1q8xj9%2BOa97omvgeFos01kpbrxfeTZjKJEqZFZdS5uV3jvOeJ72OdeU%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240615T171038Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA2YR6PYW5ZBC62HOS%2F20240615%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Signature=2a6b6999ccfd5a6e7a269d0b60c3ae7a1c85cc7fb16119ca8f1699a311dc76f7
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.92.227.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6fde27822130e4f4b884c60fa1125f0841883a1dbbbd7ece8dc1c49c781d101

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 17:10:39 GMT
x-amz-version-id: n_2fcjCeLfZ8O2ppU5v.3paKmHVH_6Qm
Last-Modified: Wed, 31 Jan 2024 01:18:44 GMT
Server: AmazonS3
x-amz-request-id: JKMF6WCCKH3556TZ
ETag: "93c6368ba72e0f53365df40099b0a8bf"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="enterprisePortalLogos1706663923556"; filename*=utf-8''enterprisePortalLogos1706663923556
Accept-Ranges: bytes
Content-Length: 16783
x-amz-id-2: KyyLCqd0ce6FnH0FqmCjSQZYuar02gdS+/71z3HnlLZubSSwz06UiwAvipnpwExkl4O0BVCNdkU=

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 109ms
41ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 73830
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:30 GMT
server: cloudflare
etag: 0x8DC8B517E123FAA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae3a10ff-301e-004b-7bac-bda210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89442cbaec728f38-FRA

GET
H/1.1 200
OK 1dd29ffa5d6d6d7746ea1422da488951
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/ 12 KB
13 KB 640ms
239ms Image
application/octet-stream 52.92.227.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/1dd29ffa5d6d6d7746ea1422da488951?response-content-disposition=attachment%3B%20filename%3D%22Colin.png%22%3B%20filename%2A%3Dutf-8%27%27Colin.png&X-Amz-Security-Token=IQoJb3JpZ2luX2VjECkaCXVzLXdlc3QtMiJHMEUCIDJ08R6Q51nwt%2FU0zAwnZ8ba%2BtYH%2Bsk1x3zl%2B7EoBLRDAiEAj86d%2B%2FLPphG0IVtkluW%2F1P%2B4D%2BfFrUOOKrAlObc2Ekoq1gQIwv%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw3Mzk5MzkxNzM4MTkiDOoGIP6rwMlQtakhpiqqBNq0btJRKQa%2Fjp2iEFyrvvNSuMmI9D9Vq2hcPaTK%2Fvcmnu602Czh0rP4GsKVNwdts9ebxdg%2B%2BFTJd7rkhkmMA4xf3j3fwZh3efVwQlPDIxhN%2Fnf%2BCh3e67Dv4v4ZaKWzBrJk6wEoCXoG2%2FrrIoqLqG6toYzNXEMxzl%2Bp6XRB9Ju9fOyNanPHFQ4w3Ctrv8rxyfnbmwU9Cujbb89lQdpex0dVVeSZMSo%2B2ICH7LdyfBfc%2F5gZcOab9HlkSpsOA0QpdTg5BZZdIwPNa%2FABfj5VILcc8OA2RUbmSiYvOvlgJLcS5LEhxmk0Voo1SwBn8S1C%2BXQfr1PAUGw38cMd8vhLAMZItrrVfYgQcMjD4gh91EsPBSCrGByxeTz2GlOr9vyf%2FfawpGGtcUt500rKcxNyafV4MZXgQwVtVz5P7FzGK%2B1IM%2FZPHYqPvfT%2F%2F1O6QhjubbKEBljxtBVktKncLgfe%2BZw6ROgdqpZBsOBF0GtKhwFVgd%2FLA5Zy2VSjPpw5DuJeteYOI6DJyNfBLscIF0VjpLxBO6gNGrwAyuuxy5jZ4%2BLZkqA559020TazsWre69MhLh6MD6bumoUOAR7qgb7wXbWHTmoK5sEUK38cA8gnEAOi02S6T2zaBsV33eo5avdwx8H8OI0t3xtkrRq5VAr1Trtz30dDvvuF0Y4o53rGzquVFQKkXmlxwJ03qdoZkeeo3q80HkeCvLP1lW7r8y1gm%2BaT%2BmeZQq0sO5edMPGKt7MGOqcBOruj1Vw85O%2FP2xT6w2kP0a05GHUoZVydmjqe%2BwX1WMeCxKUiFKOvaMS3lvGJF9RTqvuyX%2F0GP5rn7h9M2uLoXAY69v6%2Fqs0r%2F%2B3WkefidkcwLtzL1mRefdGA8j82mjOl2DxxTulMerNOEwvx%2BdmFIwii0gfrSFrsPyouJoCD1q8xj9%2BOa97omvgeFos01kpbrxfeTZjKJEqZFZdS5uV3jvOeJ72OdeU%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240615T171038Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA2YR6PYW5ZBC62HOS%2F20240615%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Signature=4898fbbfa86c7bf32f45b9aabae5da10e5e54fc108eab287cb2a4da8d6bfd105
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.227.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b5276791d5fdd0e32dd9a07b1023115ff21fea8f2cb701804396f81bae9da55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 17:10:39 GMT
x-amz-version-id: qTFFheyaXKwFJ5b_OaqtSM._ikXjPaYk
Last-Modified: Tue, 30 Jan 2024 19:32:52 GMT
Server: AmazonS3
x-amz-request-id: JKM2AWZZDGMVCMMS
ETag: "43bd03596dff91737fc089ea6f68b97b"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Colin.png"; filename*=utf-8''Colin.png
Accept-Ranges: bytes
Content-Length: 12735
x-amz-id-2: sK2W0S7xTz/r42Ao34haZZD3LFb9pEZdCm0HsBnfROemcmEepY5W4jD6eUHqjFNJlglpTbNN+PU=

GET
H3 200 runtime.ea045fce.js Show response
www.upwork.com/static/assets/Brontes/ 8 KB
4 KB 114ms
113ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/runtime.ea045fce.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a50f921558dfe4d6638266f6f7c41dfa15a7ff9df2d4cc1b43fe7fb38fe0542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 219971
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effc34de48697-SJC
etag: W/"bb6e1e25756702141512866867c55ed9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba7a5e3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 ent-navigation.4539a60c.js Show response
www.upwork.com/static/assets/Brontes/ 20 KB
8 KB 114ms
113ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/ent-navigation.4539a60c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6934d70efd6e83b536353799ac468ababe6d6352c27c156744bc605a3d1c3a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 40295
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a981ebf2-SJC
etag: W/"00ef23f2915acdd81ddd2202e132ef4d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba7a633671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~a587c8ba.84dc294a.js Show response
www.upwork.com/static/assets/Brontes/ 46 KB
3 KB 115ms
112ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~a587c8ba.84dc294a.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce9760e9f47ae9c4135502997f443cf5f3cdecc6734bb39f1e3a3c2c5ddbdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 208703
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309fa6813-SJC
etag: W/"ba57873f8e6d7c45acf50d9349cdebd5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a6e3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~9a4683d5.ba5ab67b.js Show response
www.upwork.com/static/assets/Brontes/ 47 KB
3 KB 145ms
141ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~9a4683d5.ba5ab67b.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c557391da7e4723af445651407dce1f66f7069aa554d51df97cfe75eb848a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 215501
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309fd6813-SJC
etag: W/"b12ea0fa85685ae5813a5e2286f2396d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a703671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 exp~abb523ad.62a129c3.js Show response
www.upwork.com/static/assets/Brontes/styles~ent-navigation~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/ 4 KB
1 KB 127ms
121ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/exp~abb523ad.62a129c3.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571e88386538309440861f725974c3bd1c593cb74f493ebba8ea3e59ac761d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 215431
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e32a1a6813-SJC
etag: W/"82732455b0591461b73797b1a8ab12da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a793671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 index.2e589861.js Show response
www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/ 11 KB
5 KB 789ms
782ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/index.2e589861.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a63c38aeb0e60c313307151337f73293e78b9d987411423ef0f7e008a80dbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a983ebf2-SJC
etag: W/"cae032e176cac9cd2cbbddebb8960c90"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a7d3671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3 200 index~pa~ba1b28bc.fb6ddde4.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/ 44 KB
8 KB 913ms
906ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/index~pa~ba1b28bc.fb6ddde4.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff44fe237fb9ca964a5e4e80cdeccf6a1ddab7e161b6e35144f5941e116de9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a984ebf2-SJC
etag: W/"6d9ff49157b4a39c06e6a4f3a84c5bf1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a833671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3 200 index~pa~ef91245b.95cb36a5.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/ 3 KB
1 KB 118ms
111ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/index~pa~ef91245b.95cb36a5.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb4bb552fcf97dcf9b12d78fd8a125d68c8e31e573f5debe29f7cc4bd3654a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 215290
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309ff6813-SJC
etag: W/"f22e35f03e62591372c7a18dec500fda"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a893671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 _.db5676e2.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/ 6 KB
1 KB 119ms
112ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/_.db5676e2.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215c760526a46bf27d4f7244c855c94f3c30b3639327d660c82eb49b9be72b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 213428
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e33a306813-SJC
etag: W/"79135b8718c0c7c1670ea797bc63bf98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a8e3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 index.ecf060da.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/ 4 KB
1 KB 127ms
120ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/index.ecf060da.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f321f18e92ae0e746ace9b37e81f0d47421415201a1784fb48321f4c31617823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 214916
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e3aada6813-SJC
etag: W/"7620969ab6e08eadcd6647d2395c2974"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a903671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 index.20e9b52c.js Show response
www.upwork.com/static/assets/Brontes/styles~for-enterprise~pages/ent/portal/_slug/ 4 KB
1 KB 128ms
122ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~for-enterprise~pages/ent/portal/_slug/index.20e9b52c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0383b340aa656f750d594eeee08f1b2b5770b020de08f6a9b0a157b9f62fee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 214135
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e3aae46813-SJC
etag: W/"be14d8188ac52def71d03399dc46445d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a923671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 enterprise-portal-hero.d866e72c.js Show response
www.upwork.com/static/assets/Brontes/ 9 KB
3 KB 301ms
294ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-hero.d866e72c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c53efe1ae303545a95255a04a8ccc9ce1bfeb053600fdbe1dfeb5eb67030707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a985ebf2-SJC
etag: W/"8241ea23c12c852d6ee999872ef57f2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a973671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 enterprise-portal-stats.9054c5d6.js Show response
www.upwork.com/static/assets/Brontes/ 3 KB
1 KB 873ms
867ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-stats.9054c5d6.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28d6068712685f27f00d5a66d34773e886ed42339fca1a0dd6d642344898739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 14 Jun 2024 20:29:38 GMT
server: cloudflare
vnd-eo-trace-id: 89442cba8a9a3671-SJC
etag: W/"dff139aee10c361278403d4246f6c152"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a9a3671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3 200 vendors~up-s-hiw.ded4083e.js Show response
www.upwork.com/static/assets/Brontes/ 55 KB
13 KB 169ms
163ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~up-s-hiw.ded4083e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66845d7ac7cacb62e3cf8282610af8a8789c5886a92d89869a00b2c399ed847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 40295
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a987ebf2-SJC
etag: W/"65b1a59fc6c896081c308acd8a70e956"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8a9d3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 enterprise-portal-signup.c9eb7d35.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
2 KB 113ms
106ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-signup.c9eb7d35.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd5827040c44da02b5dd0e8a65a0c0b9f575e50bbef40bffeae45c5e7c38a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 107305
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a989ebf2-SJC
etag: W/"9269707c1f5a6f22b91ced3ab7d597d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aa13671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 styles~enterprise-portal-signup.c8c9ff0c.js Show response
www.upwork.com/static/assets/Brontes/ 4 KB
2 KB 130ms
124ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-portal-signup.c8c9ff0c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c75d2586cc7861790afac380c3ed98e57c42886475e9bd8b91fe7353c565f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 199098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a98aebf2-SJC
etag: W/"93cb8a7cb33789618e99593f3c8d5e86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aa53671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 vendors~enterprise-portal-signup.d53672db.js Show response
www.upwork.com/static/assets/Brontes/ 46 KB
14 KB 940ms
934ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~enterprise-portal-signup.d53672db.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58f720be65aa95ebbc3d080e9f7efecb76925a6dd54364ab9efd2fad655dd63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a98cebf2-SJC
etag: W/"ff1f4430125a514b49f945cc700d70fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aa83671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3 200 enterprise-portal-support.23fcd27f.js Show response
www.upwork.com/static/assets/Brontes/ 6 KB
2 KB 126ms
119ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-support.23fcd27f.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825265e880e41d25f1572eb13c759ce69b0e70af91993c41fec85a061b2728db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 199098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a98eebf2-SJC
etag: W/"c09eaa2b5e5dd007fa63a5384590f6ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aaa3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 styles~context-switch-menu-rjGvQ~enterprise-portal-support.0826ced3.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1 KB 279ms
273ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~context-switch-menu-rjGvQ~enterprise-portal-support.0826ced3.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ff31d236d04726bb9ad035b273ccf29484b7b7957afb3fd5ae17360c8ae887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a990ebf2-SJC
etag: W/"65a29832e68799c8614097a854dcbe79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aab3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 social-facebook-9Tj8t.e4386291.js Show response
www.upwork.com/static/assets/Brontes/ 912 B
850 B 120ms
115ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-facebook-9Tj8t.e4386291.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be6858b057ea929df34884956ef16ca5cfdf4f01d6410022095e4165acff68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 220026
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effd92a7a8697-SJC
etag: W/"0cda1c7e11e0d0e8688657b5c37786dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aac3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 social-linkedin-9kqeO.b2fae6cd.js Show response
www.upwork.com/static/assets/Brontes/ 965 B
982 B 119ms
114ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-linkedin-9kqeO.b2fae6cd.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2889ddfb807b43af836d9c9d3d816ee8b702e24a93e07c19734572fd1f252bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 219283
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effd94abf8697-SJC
etag: W/"5a915362f321f0fc97f2dfe7e89bf228"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8aad3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 social-twitter-BjOGL.bde84c8e.js Show response
www.upwork.com/static/assets/Brontes/ 757 B
888 B 121ms
116ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-twitter-BjOGL.bde84c8e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4c8be620adcda694c23b3a8c88a0c6b575d3387353c793c8153252beb0f7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 220028
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effda4ba98697-SJC
etag: W/"c05b106b64346dc460d575091a8d9cf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab03671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 social-youtube-Dr8sz.50128738.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1006 B 145ms
140ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-youtube-Dr8sz.50128738.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92dd6b57f96cdbd201ea941672aa4f9adcbe5cac987a0109c7404a722322db84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 219813
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effdb5ca68697-SJC
etag: W/"c889afed18126f1447b936e673b32767"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab23671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 social-instagram-nfzet.3e737fff.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
878 B 128ms
123ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-instagram-nfzet.3e737fff.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7211f3ec48a8322fe648f7a8b881b6516f9c1bc4198734a25659768b228f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 219917
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effdb9cf18697-SJC
etag: W/"28d559ad3a361861dd36291a307f0547"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab43671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 apple-G7MUs.a48db3d1.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1 KB 119ms
114ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/apple-G7MUs.a48db3d1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacf2af43ae2529b027ba4d4d8704df19dd9473c6b2050376a24c0f2112dab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 213586
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892effdc7dc48697-SJC
etag: W/"5405beecfa6192fabf89b34ddf1e2829"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab73671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 android-DSzT1.17aea9bc.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
972 B 141ms
137ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/android-DSzT1.17aea9bc.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f513a8559aa5882fa461f1a747dc1c870b29f1588ea76704817e7934763695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 206121
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892effddaf298697-SJC
etag: W/"eea20130533642cf9631ce80961fd619"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab83671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 commons~app.c80550a5.js Show response
www.upwork.com/static/assets/Brontes/ 66 KB
22 KB 142ms
138ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/commons~app.c80550a5.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7b4e9996dbf6f168646ff68449ea1bc882989deefb7a5d4389684fc989c877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 204796
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:09 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e3baff6813-SJC
etag: W/"6a3721499de35c645fde7870e439e957"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ab93671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 styles~app.d2a00eb0.js Show response
www.upwork.com/static/assets/Brontes/ 166 KB
21 KB 124ms
121ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~app.d2a00eb0.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dd0648ac17136f937137513011ec98225d70ab908033987eed02c671dd1580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 211432
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effe0caaf8697-SJC
etag: W/"6391b8012868e7e7737dcf3ffc29db9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8abe3671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H3 200 app.0e5035f9.js Show response
www.upwork.com/static/assets/Brontes/ 778 KB
212 KB 151ms
147ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade4f2d60b9e27248a06abe820ddd0d3504b2575a0ed2888bc5b25bc460f3140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 220028
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892effe0dab88697-SJC
etag: W/"39cfc519523a1fa11ee22a0aa7a36eb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cba8ac23671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
82 KB 114ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36b8ca6bb4bb17e2ce2455deb68e5379d85c761393ef788eec208165c1e83829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84021
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 17:10:38 GMT

GET
H3 200 xl.e9b4fd2.jpg
www.upwork.com/static/assets/Brontes/img/ 20 KB
20 KB 289ms
288ms Image
image/webp 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upwork.com/static/assets/Brontes/img/xl.e9b4fd2.jpg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df91b64a90951856176812d4cd7753823fc6fd7d795ae29a1f205777892e7263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=83972
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="xl.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20452
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Jun 2024 21:16:22 GMT
server: cloudflare
vnd-eo-trace-id: 88feaaab49d9b9fb-SJC
etag: "6ee53e1d5e308f043ec29a73ca99f26e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89442cbb1b733671-FRA
expires: Sun, 15 Jun 2025 17:10:38 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 5 KB
2 KB 134ms
75ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19900
content-md5: sR4WvB0y0lbRPVnAbcaekA==
content-length: 1739
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:41 GMT
server: cloudflare
etag: 0x8DBF1B27778A621
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b5f593dd-b01e-009a-2f90-a0cdac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89442cbc1b1c9bbc-FRA
expires: Sun, 16 Jun 2024 17:10:38 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 109ms
50ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89442cbcfc3c3a61-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 43ms
43ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 1580
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89442cbd4f238f38-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/ 107 KB
25 KB 79ms
78ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35770
content-md5: IN4ESRoVBVuc8Mbny2rHPQ==
content-length: 25298
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:53 GMT
server: cloudflare
etag: 0x8DBF1B27EBC3E9E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5591abf0-001e-0062-4e9b-23fba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89442cbdcdb69bbc-FRA
expires: Sun, 16 Jun 2024 17:10:39 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 49ms
49ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 2959
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 78efb154-701e-00a5-25f4-b57a70000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89442cbe7ebf9bbc-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 48ms
47ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 1550
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d288241b-d01e-0085-6d77-39145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89442cbe7ec19bbc-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
624 B 47ms
47ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 81368
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0d8e53d5-e01e-00c1-2e41-bd1833000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89442cbed9388f38-FRA

GET
H3 200 workbox-window.prod.es5-eZxxJ.928d88de.js Show response
www.upwork.com/static/assets/Brontes/ 5 KB
2 KB 56ms
55ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/workbox-window.prod.es5-eZxxJ.928d88de.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.ea045fce.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ddc5791631b0b44abb81d8450d80b65ef74d17d5b790dc54e22d0956129a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 207952
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effe6493b8697-SJC
etag: W/"d7bcbf6e2f238895a45eebfe8af6f1e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cc09c553671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3

200

main.js Show response
www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 6BA8
Redirect Chain

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

63ms
63ms

Script
application/javascript

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b04c3befc69593d33bb96cb16af0662cc9195e93fca92bab9c9b6bc9f95d29a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89442cc19df53671-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control: max-age=300, public
cf-ray: 89442cc0bc8d3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 552 KB
137 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fc81efa26797c9ba0f4c622dcc1fb438f4f6bdeef0e072545352c3c4ce4985e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139579
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 17:10:39 GMT

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
488 B 219ms
217ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 89442cc0fcf13671-FRA
x-powered-by: Express
cf-ray: 89442cc0fcf13671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 486ms
485ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1718471439503

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 11:59:30 GMT
server: cloudflare
vnd-eo-trace-id: 89442cc0fcf53671-SJC
etag: W/"cd3c097277047563150c5e2bf330e1d5"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 89442cc0fcf53671-FRA
expires: Sat, 15 Jun 2024 21:10:39 GMT

GET
H3 200 loader_only.js Show response
www.upwork.com/static/iovation/5.2.2/ 4 KB
2 KB 66ms
65ms Script
application/x-javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4181
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
vnd-eo-trace-id: 862e0a9e1ed3f947-SJC
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 89442cc0fcff3671-FRA
x-amz-meta-last-modified: 1593693054000
expires: Sat, 15 Jun 2024 21:10:39 GMT

GET
H3 200 xl.e864ca5.jpg
www.upwork.com/static/assets/Brontes/img/ 22 KB
22 KB 251ms
250ms Image
image/webp 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upwork.com/static/assets/Brontes/img/xl.e864ca5.jpg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965c2f6ab8a9bf139ab90bb61d3b04d76f6a53f020569057d5622aa5dc14da31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=86263
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="xl.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22210
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jun 2024 23:22:55 GMT
server: cloudflare
vnd-eo-trace-id: 893706d24aca737d-SJC
etag: "8e87b1d32a5ae8e691a06dec3b170f9b"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89442cc18de63671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H3 200 ofac~up-s-hiw.274fcab1.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~homepage-default~modal-8bCAb~pages/ab/brontes/ 1 KB
862 B 57ms
56ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~homepage-default~modal-8bCAb~pages/ab/brontes/ofac~up-s-hiw.274fcab1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.ea045fce.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe257ddd8219a79fda741b4cb6dd900d172acd25cb1f8fc6840fc3f23322b532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 219408
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e32a256813-SJC
etag: W/"70575dd2f27d0ee400b2a55fc629ddad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cc1ae153671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

156ms
46ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 15 Jun 2024 17:10:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Mon, 15 Jul 2024 17:10:39 GMT

Redirect headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 89442cc1be333671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sat, 15 Jun 2024 18:10:39 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 227ms
62ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fc90e3d3253bf3ce7c838b5af803bfabc79e239daca6e9d8780375bba2fd183a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:10:39 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-HysiX.541a8e47.js Show response
www.upwork.com/static/assets/Brontes/ 7 KB
3 KB 101ms
101ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/snippet-HysiX.541a8e47.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.ea045fce.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d274b93510b742cb3b453c56edaa03ec15348595499159452f62a039c03006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 214719
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:44:26 GMT
server: cloudflare
vnd-eo-trace-id: 892f9d1bae06bc0d-SJC
etag: W/"20e2e7d71026548e5541dae94cbd062e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cc1de513671-FRA
expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H2 204 202452b9c34b.js Show response
w.usabilla.com/ Frame D6EC 0
91 B 211ms
66ms Script
text/plain 54.171.39.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.39.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-39-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:39 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

POST
H3 200 89442cb77dc13671 Show response
www.upwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6BA8 0
436 B 67ms
64ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/89442cb77dc13671

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 89442cc3382c3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 102 KB
38 KB 86ms
27ms Script
text/javascript 2600:9000:2359:1800:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:1800:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 1e837eca11064539d74363456b3a205f2b0b27f381999b9b59c42263d91a14cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:53:56 GMT
content-encoding: gzip
via: 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA60-P10
age: 33403
etag: "198ec-Fd0ngLLY4CQS72euSVzmF4eRYJE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38272
x-amz-cf-id: AH_fUDOoAnBsxeqOu-5athg5GTd3xnccnLlkhhp-gFzvLgezT3iqIA==
expires: Sat, 15 Jun 2024 19:53:56 GMT

GET
H3 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
1 KB 93ms
45ms Script
application/x-javascript 104.16.17.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.17.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:39 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B5MHC17P23T38GE1
age: 5705
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: auBLowDOkKaSoGeIYDu1S499Hl7/DOGjYBrsbgS/sLAo3EjqBcIbW+fVVtBTdoOMRcxS0C1hPCebXrgoQjSzTQ==
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 89442cc3daf135e1-FRA
x-amz-meta-last-modified: 1532366449000
expires: Sat, 15 Jun 2024 21:10:39 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 58ms
58ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

24ae002d9a3a1abaec8d4e3c1302e7635b0abe3bb15a31abae549027c4d03274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 17:10:39 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sun, 15 Jun 2025 17:10:39 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 101ms
48ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.850186712636763

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5d9f202846692c12f9e571baa447330c611e180cfdeb3ecb6479a59913d1fb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Sat, 15 Jun 2024 17:10:40 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 453 KB
200 KB 90ms
24ms Script
application/javascript 2600:9000:2644:1c00:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:1c00:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jun 2024 14:02:06 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/25086718486
etag: W/"a6af2843a97100cebdaebad2dc802cf4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: LwRFk_i6gIt2xqmc-k_dBXsCsN534aXekD-BnG1_NbAtfUEw_g0P0w==

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.23/ 92 KB
35 KB 59ms
58ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1718471439503

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6925027
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 07:40:18 GMT
server: cloudflare
vnd-eo-trace-id: 86af41fa1bfe682f-SJC
etag: W/"1194b63cbf7f83a6edd79e893888786d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89442cc409673671-FRA
expires: Sun, 15 Jun 2025 17:10:40 GMT

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
676 B 218ms
217ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 89442cc4da8c3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

384ms
384ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6deb8252dfd0cb3f2e2adf2bc9ebddc9251a1683534633d1fdd3f58d109f6527

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: 2024-Jun-15 17:10:40
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1341
Expires: 0

Redirect headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 89442cc4faa83671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sat, 15 Jun 2024 18:10:40 GMT

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 6 KB
3 KB 696ms
421ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1718471440170&hl=2&op=0&ag=3514327459&rand=040079002192992866021607016659829460004212252722720288626189231665298727922860685865&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDcwMDFdLFsiYWJuY2giLDIxXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMyLCItIl0sWy00MCwiMzMiXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01OCwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixicm93c2luZ3RvcGljcyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGNodWFmb3JtZmFjdG9ycyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxjb21wdXRlcHJlc3N1cmUscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy0xLCItIl0sWy0yNywiWzEwMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMzMsIi0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00OCwiMCwwIl0sWy01MCwiLSJdLFstNjIsIjgwIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00LCI8aHRtbCBsYW5nPVwiZW4tdXNcIiB0aGVtZT1cImFpci0zLTBcIiBkYXRhLW4taGVhZD1cIiU3QiUyMmxhbmclMjI6JTdCJTIyc3NyJTIyOiUyMmVuLXVzJTIyJTdELCUyMnRoZW1lJTIyOiU3QiUyMnNzciUyMjolMjJhaXItMy0wJTIyJTdEJTdEXCIgZGF0YS1nbC1hcHA9XCJcIj48aGVhZD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cImZ0cl9fc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovLzRjNGNjNzVhMTZlZC5jZG40LmZvcnRlci5jb20vc24vNGM0Y2M3NWExNmVkL3NjcmlwdC5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RtLmpzP2lkPUdUTS1XTlZGMlJCJmFtcDtsPWRhdGFMYXllclwiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCIvL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndG0uanM%2FaWQ9R1RNLUs3NTcyWFwiPjwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9jZG4uY29va2llbGF3Lm9yZy9zY3JpcHR0ZW1wbGF0ZXMvb3RTREtTdHViLmpzXCIgZGF0YS1kb21haW4tc2NyaXB0PVwiYmViMjc5ZmItODcwMi00NmVjLWE2NzctNmYxNGUzODI4OTY2XCIgZGF0YS1kb2N1bWVudC1sYW5ndWFnZT1cInRydWVcIiBjaGFyc2V0PVwiVVRGLThcIj48L3NjcmlwdD48c2NyaXB0PmZ1bmN0aW9uIE9wdGFub25XcmFwcGVyKCkgeyB3aW5kb3cuJG51eHQgJiYgd2luZG93LiRudXh0LiRvdGJUcmFjayAmJiB3aW5kb3cuJG51eHQuJG90YlRyYWNrKCkgfTwvc2NyaXB0PlxuICAgIDxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgY2hhcnNldD1cInV0Zi04XCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cInZpZXdwb3J0XCIgbmFtZT1cInZpZXdwb3J0XCIgY29udGVudD1cIndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLCB2aWV3cG9ydC1maXQ9Y292ZXJcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGh0dHAtZXF1aXY9XCJhY2NlcHQtY2hcIiBjb250ZW50PVwic2VjLWNoLXVhLWZ1bGwtdmVyc2lvbi1saXN0LCBzZWMtY2gtdmlld3BvcnQtd2lkdGgsIHNlYy1jaC13aWR0aCwgc2VjLWNoLXVhLW1vYmlsZVwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJyb2JvdHNcIiBuYW1lPVwicm9ib3RzXCIgY29udGVudD1cIm5vb2RwLG5vZGlyLG5veWRpclwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJodHRwLWVxdWl2XCIgaHR0cC1lcXVpdj1cIlgtVUEtQ29tcGF0aWJsZVwiIGNvbnRlbnQ9XCJJRT1lZGdlLGNocm9tZT0xXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cImdvb2dsZS1zaXRlLXZlcmlmaWNhdGlvblwiIG5hbWU9XCJnb29nbGUtc2l0ZS12ZXJpZmljYXRpb25cIiBjb250ZW50PVwiTi1fakN5RTFoNl9fSFJic1FYZWFDQVJ2QmdXSFNPY1d4ZTJPUGZvRXNSWVwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJvZzp0aXRsZVwiIHByb3BlcnR5PVwib2c6dGl0bGVcIiBjb250ZW50PVwiVXB3b3JrIEVudGVycHJpc2UgUG9ydGFsXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOmltYWdlXCIgcHJvcGVydHk9XCJvZzppbWFnZVwiIGNvbnRlbnQ9XCJodHRwczovL3d3dy51cHdvcmsuY29tL3N0YXRpYy93LXBhY2thZ2VzL2Fzc2V0cy9vcGVuLWdyYXBoL3VwLW9wZW4tZ3JhcGgucG5nXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOnVybFwiIHByb3BlcnR5PVwib2c6dXJsXCIgY29udGVudD1cImh0dHBzOi8vd3d3LnVwd29yay5jb20vZW50L3BvcnRhbC9zb21wby9cIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwib2c6c2l0ZV9uYW1lXCIgcHJvcGVydHk9XCJvZzpzaXRlX25hbWVcIiBjb250ZW50PVwiVXB3b3JrXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOnR5cGVcIiBwcm9wZXJ0eT1cIm9nOnR5cGVcIiBjb250ZW50PVwid2Vic2l0ZVwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJ0d2l0dGVyOnVybFwiIG5hbWU9XCJ0d2l0dGVyOnVybFwiIGNvbnRlbnQ9XCJodHRwczoiXSxbLTgsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTM0LCItIl0sWy00NSwiLSJdLFstNDksIi0iXSxbLTY4LCItIl0sWy02LCJ7XCJ3XCI6W1wiMVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwidHdpdHRlcjp0aXRsZVwiLFwiZGVzY3JpcHRpb25cIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCJdfSJdLFstMTksIlsxMTcwLDE1NzAsMTE3MCwxNTcwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIxLCItIl0sWy0zMSwiZmFsc2UiXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkZlhCa1JVVTFOU1VvREZoWldXeGRhVUUxQVMxWmJWazFmVlZaT1hFc1hXbFpVRmxBV0RBZ1BBUXdCWHdwZkFGeGZXZzRBQUZzTkFBcGFEMTljV2dvTldnNE1YVjhYVTBvRENBTVBEZzBJRHhBVldFMFpTeGtSVVUxTlNVb0RGaFpXV3hkYVVFMUFTMVpiVmsxZlZWWk9YRXNYV2xaVUZsQVdEQWdQQVF3Qlh3cGZBRnhmV2c0QUFGc05BQXBhRDE5Y1dnb05XZzRNWFY4WFUwb0RDQT09Il0sWy02NCwiWzAsXCJXaW4zMlwiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMjZcIn0se1wiYlwiOlwiTm90OkEtQnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjEyNlwifV1dIl0sWy0xMiwibnVsbCJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy00MSwiLSJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzczNzU1OTk4NlwiLFwiMzQxODQyMTcyMFwiLFwiMjQyNDg5NjUwMlwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy0yLCI1LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMjYsIntcInRqaHNcIjozNzM2NTQ4MixcInVqaHNcIjoyODM1NzE2MixcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzgsImksLTEsLTEsMjM2LDAsMCwwLDAsMCw0NzQsLTEsMCw4OTMuMiw4OTMuMiwyMzYwLDIzNjEiXSxbLTU5LCJkZWZhdWx0Il0sWy02MywiMCJdLFstMjUsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo2LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTkzMDgyMDI3OSxcInNlY1wiOlwiXCJ9Il0sWy0xNiwiMCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy01MSwiLSJdLFstNjAsMjA3XSxbLTEwLCItIl0sWy0yMCwiLSJdLFstMzUsIlsxNzE4NDcxNDQwMTM0LC0yXSJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGRlLURFLGxhdG4sZ3JlZ29yeSJdLFstNSwiLSJdLFstOSwiKyJdLFstMTUsIi0iXSxbLTE3LCIxMiJdLFstMTgsIlswLDAsMCwxXSJdLFstNTUsIjEiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJibmNoIiwxMTVdLFstNywiLSJdLFstMjQsIltdIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjUsIi0iXSxbLTY3LCIyNTMyMzEyODg4OjI4Il0sWyJkZGIiLCIxLDUsMCw0LDAsMiwwLDAsMCwwLDExLDAsMSwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIsMSwwLDAsMCwwLDAsMCwzLDAsMCwzLDAsMSwwLDAsMCwwLDAsMCwxLDEsMiwwLDMsMCwxLDAsMCwwLDAsMjgsMSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwxLDAsMCwyLDAsMCw2LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNiwwLDAsMCwwLDAsMCwwLDEsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=TnDazo7XEL&pto=2431&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1718471440.6K92rehO3VDKkR03&suid=1.1718471440.nT8ejQWLyr4eBUHv&tuid=1.1718471440.4UswpN6LnFd9Jknw&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=69%2C2174%2C105&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=inp.1.0%3B&sck=-
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f0e1409a962274db1a3f127a88bf56448c2204e5cc515103700b827fbed8b205

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Sat, 15 Jun 2024 17:10:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2554
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 5fceec8e-f944-46f0-857c-966f6943e223
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/5fceec8e-f944-46f0-857c-966f6943e223
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 80ms
79ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.03938978298884277

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5d9f202846692c12f9e571baa447330c611e180cfdeb3ecb6479a59913d1fb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Sat, 15 Jun 2024 17:10:40 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
cdn123.forter.com/ 34 B
336 B 114ms
44ms XHR
application/json 18.245.31.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=81522ed340604032ab2a34917fa8d957&v=2
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-61.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 553d3badc7c645be089ef70ca574890d8d6ea7ad8a9f4b71f66f35ead7ad9bb7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
via: 1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 34
x-amz-cf-id: 9RVkprdPsmN6tVWWocM5VvYO8hgORc_BKiEfnU4PmOiq4l6VkoA69Q==

GET
BLOB 200
OK 75058a35-016c-4dd1-b5b8-074e5970814a
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/75058a35-016c-4dd1-b5b8-074e5970814a
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 2372
Content-Type: application/javascript

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
672 B 208ms
206ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 89442cc69d233671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2

200

76be5f993e1f78783924b41a18ae05bda1e19c5a2d8c4f64bfb03057ebcdc713ac7f4acf6b1350e6ddf449d0a171 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/76be5f993e1f78783924b41a18ae05bda1e19c5a2d8c4f64bfb03057ebcdc713ac7f4acf6b1350e6ddf449d0a171

0
318 B

123ms
122ms

XHR
text/plain

2600:9000:275b:5c00:e:d088:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/76be5f993e1f78783924b41a18ae05bda1e19c5a2d8c4f64bfb03057ebcdc713ac7f4acf6b1350e6ddf449d0a171

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Server

2600:9000:275b:5c00:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
via: 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: _VSW-qVWGnW0Ll0yL0GP4IW15_J8kUWmmhMrBmQecZtnO3ZBqMUOzw==

Redirect headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/76be5f993e1f78783924b41a18ae05bda1e19c5a2d8c4f64bfb03057ebcdc713ac7f4acf6b1350e6ddf449d0a171
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: R64t39lERuOfrf0NK2le5l6fvnz93wBCEx6s28iq3Cx5lfgP5nbMwQ==

GET
BLOB 200
OK d062c5b4-ef8f-45ce-b77f-478f4cf685c3
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/d062c5b4-ef8f-45ce-b77f-478f4cf685c3
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 17453
Content-Type: application/javascript

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/ 20 B
358 B 469ms
230ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/prop.json?_=1718471440411
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:10:40 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK facf94b7-2912-4333-99de-b291fa6b62ff
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/facf94b7-2912-4333-99de-b291fa6b62ff
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 68
Content-Type: application/javascript

POST
H2 200 events
cdn3.forter.com/ 0
414 B 186ms
124ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: Ular0oPo9sPzXPr7BXqkKvUUCDfABA2GzSDHeOWFYb2RFBLffg3QNg==
expires: -1

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

48ms
47ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 99e9bb7ddda8a0a021b30b88436de5758b84d575b7ea61f94a2232a54a53332a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 15 Jun 2024 17:10:40 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Sun, 15 Jun 2025 17:10:40 GMT

Redirect headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 89442cc7cebc3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sat, 15 Jun 2024 18:10:40 GMT

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
488 B 347ms
345ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 89442cc7decb3671-FRA
x-powered-by: Express
cf-ray: 89442cc7decb3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Jun 2024 17:10:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2815, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: o+YrW+HUblvaSPK15KM6nqzIrAfjV87d0+0SOvIhGD/P2WgZMPZhulbSqxB02ffZ7AANslXSK7ctSaXs3OiPnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
91 KB 56ms
56ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7444b402988d1cb93adc61d820671f5d88e0d723af0c734aaf5a7dd3e3ae82c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93439
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 17:10:40 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnB...
https://www.google.com/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_oz...
https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_oze...

42 B
64 B

73ms
39ms

Image
image/gif

172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_ozehgMVv_E7Ah0b9QSCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeWAl0wKuoMJMw7pp9WQ62zVc0cfDPQ&random=1384773813&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=223063109&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIpaSv_ozehgMVv_E7Ah0b9QSCMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeWAl0wKuoMJMw7pp9WQ62zVc0cfDPQ&random=1384773813&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
102 B 684ms
683ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126be6c332eb438e9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f671ad186800e293a49ac7c700cd4688a6ac600320525c501035932000ec5b76c4e77be26bb25cb43e2913bf05365ad5f2b7a1bda53ec44f497d5db3dbb2b05fb79caa8556d8e0e3143714493d60264f660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7928677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1947f0623dafc21764b88bf9708c52ad45bad719c04998c82e963034959a718d778cc0b6a69de5e71a2bf333a4feb875433eae8b27d4f401b95a5946901a44c09096c5d1f5c931c5259d99b99e35fc716b2287766685999e5c2a9da83deb07e0d315c539ef6d454845c13aff558d96f531f886789f5cc1a89c95278e191c3eb31e03503e112889ec73b341d3dc9723b5de3dbdd0629a83e3be25cfb1ed5875289afb5f0495f7055916ffe9e122fd65c4f856fdbe3cae6ef760e60f8d4189ec4593082df6b3807a2d69327076520949ee98d87ed810aa5752516ba4a645b49b1b05e2bbddbca065c2ede5e08ff8aff257463cfb459ab7596e8343791ad7635d7270f77baf761fdeeac1638a67cb248bab2cc5a40c997b0c213c037c139fc1f8da3c7b5698044495d3ddbdaccb53059ab7a17c96cf767bc4d10e216af192c54b22b02e99429e19e7238611ddc80fe5bc32e38795d498430ff3f26f26db22b487a2aa089d6b351e0193694754b1bd59f4e51688ccc3b757abf3fc686c3744ac21b946ef0ce6936384335d20463b757be65b8a85334be70bc8f2af54beb304ce7026dd74046a8df4c34e1fb725e78402db1930074bb43f2b83abd368d5535bd9c253dfd9a1a1f616d3270e7c52e06b3710dcc61e56d151fbec8369d6c1e60e416ef63b645978904401a2c0b14673c535288cc9954bc8c8a89b0c60a83ab804634ade0e7e2ec7da055d9996be83a0a019e239af72c7659ccd10ceede43968acd511d094bfaed6ac959e61009eec265692238055de0da3f621a8d3df8432a08cd6f9fa467888f3bfbd3a8126d40d45394b369d8233608d39a90898&cri=TnDazo7XEL&ts=731&cb=1718471440901
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK d1b20117-7ac5-425b-a0c9-5a9759353577
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/d1b20117-7ac5-425b-a0c9-5a9759353577
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16895ad651a19bef68c6ae0239e7690c4cf3bb52722683a8772a9e650460afc6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/ 20 B
358 B 115ms
115ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/prop.json?_=1718471440906
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:10:40 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK 7676248a-4ceb-48cb-81d7-fe043dcaf8ab
https://www.upwork.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/7676248a-4ceb-48cb-81d7-fe043dcaf8ab
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37fc958b2ebdaebb7e95f5477a737b20623301a9ef26969bc962d7037cef59e2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 71ms
71ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1718471441012&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c72f695acce09061cc1decc8622bd74cb0fe1569017130380e2cd5d18d40dcff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1660
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 288ms
287ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.158&r=stable&domain=www.upwork.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b768cf6560dc10972a9db5a62452801ccecd8bbc6712470b55dda6459683e77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Jun 2024 17:10:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=56, mss=1297, tbw=63575, tp=-1, tpl=-1, uplat=258, ullat=0
pragma: public
x-fb-debug: vpEXsOh8yxhUCOH7pKsMjspCQ5c3zR31TRNROTVU1MS08lunix7ocG6SY80RHH9w6aaPcxn3ZoFCrrcrtyeSUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/ 20 B
358 B 118ms
117ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/prop.json?_=1718471441143
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:10:41 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&...
https://www.google.com/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...
https://www.google.de/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&t...

42 B
64 B

70ms
38ms

Image
image/gif

172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIr72z_ozehgMVqOg7Ah2YtgzkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLocvuTmbARmfZjf9Zo3BkNgM1DCGthQ&random=715359444&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=1613276410&cv=11&fst=1718471441012&bg=ffffff&guid=ON&async=1&gtm=45be46c0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=1602459754.1718471441&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcjtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIr72z_ozehgMVqOg7Ah2YtgzkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLocvuTmbARmfZjf9Zo3BkNgM1DCGthQ&random=715359444&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 39 KB
7 KB 161ms
160ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.158&r=stable&domain=www.upwork.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

2f579fe81f367a99c534f2fe2e24009c5cd8a57a24360ced683923fa1fae23eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Jun 2024 17:10:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4336, tp=9, tpl=0, uplat=138, ullat=0
pragma: public
x-fb-debug: FrguBczugy4KDBbeCc8Z8XWwx3ie2F6wPnyHRS+V/eg2KPgPunjrK86tW3UeWi2r00T5RBCRD3SaMetlcgQojg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 78ms
27ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441383&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Jun 2024 17:10:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 259ms
209ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441383&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c17a0af9b971eed","source_keys":["1","2"]},{"key_piece":"0x3492a73150c86b53","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 15 Jun 2024 17:10:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380778639816460959", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3483, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: no-cache
x-fb-debug: 3BMO5mY02pSgNHfcxYS4tscPsmc8/VVoVg3zea7FhPQeCq7WN+ATai+xiKimj0LpfIzLdGvyR8JLb20ErQhbcA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380778639816460959"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
412 B 161ms
160ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:41 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: mArAncF3FuZMHg0qvZQRGEe_-nj7lC9turN0zQHPECj6Nw5Iv00jqQ==
expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/ 20 B
439 B 115ms
115ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 15 Jun 2024 17:10:41 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/ Frame 0
0 118ms
118ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/81522ed340604032ab2a34917fa8d957/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Jun 2024 17:10:41 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 24ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441552&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1297, tbw=3212, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Jun 2024 17:10:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1021 B 148ms
148ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441552&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c17a0af9b971eed","source_keys":["1","2"]},{"key_piece":"0x3492a73150c86b53","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 15 Jun 2024 17:10:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380778638801527863", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=6682, tp=-1, tpl=-1, uplat=124, ullat=0
pragma: no-cache
x-fb-debug: IjCreMQWrTfKXg+LQmkiNTmHmc8pYExkYConaebHHdV3t6q//4BDATk0TIGd6NHspldqlxyPMbTgAzkiq7EXIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380778638801527863"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 24ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441553&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1297, tbw=3328, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Jun 2024 17:10:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 152ms
151ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&rl=&if=false&ts=1718471441553&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718471441382.978149795782573202&ler=empty&cdl=API_unavailable&it=1718471441033&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe678bf3f0e126bd9","source_keys":["1","2"]},{"key_piece":"0x5422f7c4751d6dc4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 15 Jun 2024 17:10:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380778638345181393", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=7725, tp=-1, tpl=-1, uplat=129, ullat=0
pragma: no-cache
x-fb-debug: AmgL+5MJvZK/SkmWoKe5faYVdcBPzXxIR9iJYYJkWAR97K8PlIc94KudKptIuu61B8v0/Af5lB4y58Ek65q7LA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380778638345181393"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK prop.json
81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 379ms
122ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 15 Jun 2024 17:10:42 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Sat, 15 Jun 2024 11:07:13 GMT
Server: Apache
ETag: "2-61aebbbfcccb0"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK dsG.js Show response
s3.amazonaws.com/ki.js/58403/ 296 B
657 B 381ms
160ms Script
application/ecmascript 54.231.160.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/58403/dsG.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/sompo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.160.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 17:10:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 16:39:17 GMT
Server: AmazonS3
x-amz-request-id: 49T8AZ1KH7M4Q5PV
ETag: "2ece22ece4801274933c42bf99e7d009"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 223
x-amz-id-2: 90RlBMyqToplVIY10pnR7ZcadThqKHRv8kBWdKcA2zvEkOyz+UG5lAaLz2hmOmlqxrFyNlrxSuI=

GET
H3 200 favicon.ico
www.upwork.com/ 15 KB
3 KB 110ms
109ms Other
image/vnd.microsoft.icon 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 347900
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 23 Jun 2022 09:09:39 GMT
server: cloudflare
vnd-eo-trace-id: 83f24b35372c15e7-SJC
etag: W/"914a93c870abba6895860df36e002f26"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=31536000
cf-ray: 89442ccf59e33671-FRA
expires: Sun, 15 Jun 2025 17:10:41 GMT

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 597ms
596ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Sat, 15 Jun 2024 17:10:42 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 594ms
593ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Sat, 15 Jun 2024 17:10:42 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 logo_small.gif
duuytoqss3gu4.cloudfront.net/ 48 B
280 B 126ms
24ms Image
image/gif 2600:9000:2250:e800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_small.gif?dfpadname=&check=1718471442712
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:42 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 11k4BZ9ngS8CXNvRsKUr1PRdtsS9nCtPzyHXg2Q812ua62aKJw9ZmA==

GET
H2 200 logo_medium.gif
duuytoqss3gu4.cloudfront.net/ 48 B
279 B 129ms
28ms Image
image/gif 2600:9000:2250:e800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_medium.gif?check=1718471442712&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:42 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: DoutPgy1j7HnQZpt-3x96edQlibWli-BlFFc6R3axM4pDBQCObOoIg==

GET
H2 200 logo_large.gif
duuytoqss3gu4.cloudfront.net/ 48 B
281 B 131ms
30ms Image
image/gif 2600:9000:2250:e800:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_large.gif?1718471442712&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:42 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: pxv7GnMD_UItj7ntEA2lELeL3QNve4WpUMKVByBdBgk2mazSGP9qCQ==

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
686 B 226ms
225ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 89442cd51a6d3671-FRA
x-powered-by: Express
cf-ray: 89442cd51a6d3671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 445ms
444ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Sat, 15 Jun 2024 17:10:44 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 392ms
392ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Sat, 15 Jun 2024 17:10:46 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H3 200 events
cdn3.forter.com/ 0
307 B 121ms
120ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

QUIC, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 17:10:46 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: cWN9Ss39NYDdR9vI0yC2qHHTJIAxl9xi84Op6r4NgPjdeJifTvUFvQ==
expires: -1

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
488 B 221ms
220ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.0e5035f9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/sompo/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 17:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 89442cec2c313671-FRA
x-powered-by: Express
cf-ray: 89442cec2c313671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: nNIBhlOVtCpqnPp9leFXbKP1e9J8zb3LXDfIG6kmcvo-1718471437963-0.0.1.1-604800000
.upwork.com/	1969-12-31 23:59:59	Name: visitor_id Value: 217.114.218.29.1718471438154000
.upwork.com/	1970-01-20 21:22:37	Name: visitor_gql_token Value: oauth2v2_ca434a395e4178ff8987fe15b94cc451
.upwork.com/	1969-12-31 23:59:59	Name: country_code Value: DE
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
www.upwork.com/	1970-01-20 21:31:16	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJagNEqL4vmcV3h
.upwork.com/	1970-01-21 06:06:47	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Jun+15+2024+19%3A10%3A39+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=364d1c49-6860-4443-a1fd-ad302ed4f741&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fsompo%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.upwork.com/	1970-01-21 01:40:23	Name: umq Value: 1600
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: umzPRC6yGvCbMWltV6fKxjS79mwHguJX
mpsnare.iesnare.com/	1970-01-21 06:06:47	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: /S/dOwiXi5LCS3rt/6kkSPVYIoMC85kFEzKCnnALYt0=
.upwork.com/	1970-01-21 06:06:47	Name: cf_clearance Value: K7fG1mg5Ix8_1OJwqUbbRVVkFq_d7uNjREETO_PU1o8-1718471439-1.0.1.1-cfsg0vR6VgRDl9pgIwE2v9wxgat7eL_LAnWqN23W_tlw50mCOtlE70iWasqho3asfzErzvG8vqEUyoaz8rBi9Q
.static-upwork.com/	1970-01-20 21:21:13	Name: __cf_bm Value: XvGXlUzWGN6uclEzH7U.g4GrbPxXishsaiqlGnIlXKw-1718471439-1.0.1.1-mnxlp6OX22FozOCpWD9rR4LQ8Nh8xzOX_vOucMq.8SirlWMXe0BooJ0V7M_UAUcodKEkugO.fb1HhmJ1UAz8WA
.upwork.com/	1970-01-20 21:21:13	Name: _upw_ses.5831 Value: *
.upwork.com/	1970-01-20 23:32:35	Name: _cq_duid Value: 1.1718471440.6K92rehO3VDKkR03
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1718471440.nT8ejQWLyr4eBUHv
.upwork.com/	1970-01-21 06:57:11	Name: _upw_id.5831 Value: b1411818-4e29-42c3-9016-2297b5f9bf18.1718471440.1.1718471440..bfef8800-61fc-4c4b-80e4-f400e8975c4f..55cef113-6df9-4e2d-93a1-38d0d37a89b7.1718471440126.7
.upwork.com/	1970-01-21 06:06:47	Name: spt Value: 6c542ee9-b10a-43d3-b1e2-3e490886982a
.upwork.com/	1970-01-20 21:21:15	Name: ftr_blst_1h Value: 1718471440377
first.iovation.com/	1970-01-21 06:06:47	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: +AtslHOZUhljRAfUYk27lPOWw7svrFtcaFehypVcgRg=
www.upwork.com/	1970-01-20 21:31:16	Name: AWSALB Value: oX8DirPlSSEj4ZgiflokKIf5DOSyFqqOtMqwFiXg+MzW4sJfl71wfcGl4issnUKzXqX/qhkdsQA4Y80bP9KLyRuLsuoqdYs/myIXumgPftM4HK+YBqQkT4V/pm0f
www.upwork.com/	1970-01-20 21:31:16	Name: AWSALBCORS Value: oX8DirPlSSEj4ZgiflokKIf5DOSyFqqOtMqwFiXg+MzW4sJfl71wfcGl4issnUKzXqX/qhkdsQA4Y80bP9KLyRuLsuoqdYs/myIXumgPftM4HK+YBqQkT4V/pm0f
.upwork.com/	1970-01-21 06:57:11	Name: forterToken Value: 81522ed340604032ab2a34917fa8d957_1718471439925__UDF43-m4_14ck
obs.cityrobotflower.com/	1970-01-21 05:25:01	Name: cg_uuid Value: cc59955bb478cce814206fc3674a3971
.upwork.com/	1970-01-20 23:30:47	Name: _gcl_au Value: 1.1.1602459754.1718471441
.doubleclick.net/	1970-01-20 21:21:12	Name: test_cookie Value: CheckForPermission
.upwork.com/	1970-01-20 23:30:47	Name: _fbp Value: fb.1.1718471441382.978149795782573202
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: JPAir3,!RMTAir3Hired,!RMTAir3Offer,!RMTAir3Home,CI11132Air2Dot75,TONB2256Air3Migration,!CI12577UniversalSearch,!SSINavUser,air2Dot76,!RMTAir3Offers,OTBnrOn,SSINavUserBpa,!i18nGA,CI17409DarkModeUI,i18nOn,!MP16400Air3Migration,!CI10857Air3Dot0,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!RMTAir3Talent,!air2Dot76Qt
.upwork.com/	1970-01-20 21:21:13	Name: __cf_bm Value: VHq5SifQJhEeVEt_NRz9qmxRHxRekU1ectz_WR2Bt.c-1718471442-1.0.1.1-NvJhfJvGcOM7mdxofM7LIAigSKPkm9eNhsKhfT_DZkgp7VatCi05fxMb3eBZ5yC5dd2a2daG0KxTQaohxXvnYQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://www.upwork.com/d1b20117-7ac5-425b-a0c9-5a9759353577(Line 1) Message: Error
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4cc75a16ed.cdn4.forter.com
81522ed340604032ab2a34917fa8d957-4c4cc75a16ed.cdn.forter.com
assets.static-upwork.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
duuytoqss3gu4.cloudfront.net
first.iovation.com
geolocation.onetrust.com
googleads.g.doubleclick.net
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
s3.amazonaws.com
sompo.upwork.com
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.upwork.com
104.16.17.72
104.18.90.237
13.225.78.129
142.250.184.196
142.250.184.232
142.250.186.98
157.240.251.9
172.217.16.130
172.217.18.99
18.245.31.61
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2250:e800:1d:9f28:ff00:21
2600:9000:2359:1800:2:7cf7:d580:93a1
2600:9000:2644:1c00:f:1b37:e600:93a1
2600:9000:275b:5c00:e:d088:5c40:93a1
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:831::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.234.25.89
34.192.191.43
52.129.66.124
52.92.227.98
54.171.39.250
54.228.71.178
54.231.160.136
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0383b340aa656f750d594eeee08f1b2b5770b020de08f6a9b0a157b9f62fee89
08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b
0fb4bb552fcf97dcf9b12d78fd8a125d68c8e31e573f5debe29f7cc4bd3654a1
116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da
16895ad651a19bef68c6ae0239e7690c4cf3bb52722683a8772a9e650460afc6
1b5276791d5fdd0e32dd9a07b1023115ff21fea8f2cb701804396f81bae9da55
1be6858b057ea929df34884956ef16ca5cfdf4f01d6410022095e4165acff68c
1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e
1c441b981fda3e107addae8e98379918bf5fc91853eb229245bccdbb1d2ad6c8
1e837eca11064539d74363456b3a205f2b0b27f381999b9b59c42263d91a14cb
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
215c760526a46bf27d4f7244c855c94f3c30b3639327d660c82eb49b9be72b72
24ae002d9a3a1abaec8d4e3c1302e7635b0abe3bb15a31abae549027c4d03274
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c557391da7e4723af445651407dce1f66f7069aa554d51df97cfe75eb848a1
2889ddfb807b43af836d9c9d3d816ee8b702e24a93e07c19734572fd1f252bdb
2a50f921558dfe4d6638266f6f7c41dfa15a7ff9df2d4cc1b43fe7fb38fe0542
2b768cf6560dc10972a9db5a62452801ccecd8bbc6712470b55dda6459683e77
2f579fe81f367a99c534f2fe2e24009c5cd8a57a24360ced683923fa1fae23eb
31d274b93510b742cb3b453c56edaa03ec15348595499159452f62a039c03006
36b8ca6bb4bb17e2ce2455deb68e5379d85c761393ef788eec208165c1e83829
37fc958b2ebdaebb7e95f5477a737b20623301a9ef26969bc962d7037cef59e2
38dd0648ac17136f937137513011ec98225d70ab908033987eed02c671dd1580
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a7211f3ec48a8322fe648f7a8b881b6516f9c1bc4198734a25659768b228f32
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4d7b4e9996dbf6f168646ff68449ea1bc882989deefb7a5d4389684fc989c877
4fc81efa26797c9ba0f4c622dcc1fb438f4f6bdeef0e072545352c3c4ce4985e
553d3badc7c645be089ef70ca574890d8d6ea7ad8a9f4b71f66f35ead7ad9bb7
571e88386538309440861f725974c3bd1c593cb74f493ebba8ea3e59ac761d6c
58f720be65aa95ebbc3d080e9f7efecb76925a6dd54364ab9efd2fad655dd63e
5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5d9f202846692c12f9e571baa447330c611e180cfdeb3ecb6479a59913d1fb41
61ff31d236d04726bb9ad035b273ccf29484b7b7957afb3fd5ae17360c8ae887
6934d70efd6e83b536353799ac468ababe6d6352c27c156744bc605a3d1c3a1c
6deb8252dfd0cb3f2e2adf2bc9ebddc9251a1683534633d1fdd3f58d109f6527
724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c
7444b402988d1cb93adc61d820671f5d88e0d723af0c734aaf5a7dd3e3ae82c2
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
825265e880e41d25f1572eb13c759ce69b0e70af91993c41fec85a061b2728db
8a63c38aeb0e60c313307151337f73293e78b9d987411423ef0f7e008a80dbee
8bd5827040c44da02b5dd0e8a65a0c0b9f575e50bbef40bffeae45c5e7c38a3d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91f513a8559aa5882fa461f1a747dc1c870b29f1588ea76704817e7934763695
92dd6b57f96cdbd201ea941672aa4f9adcbe5cac987a0109c7404a722322db84
9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202
965c2f6ab8a9bf139ab90bb61d3b04d76f6a53f020569057d5622aa5dc14da31
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99e9bb7ddda8a0a021b30b88436de5758b84d575b7ea61f94a2232a54a53332a
9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff
9c53efe1ae303545a95255a04a8ccc9ce1bfeb053600fdbe1dfeb5eb67030707
9c75d2586cc7861790afac380c3ed98e57c42886475e9bd8b91fe7353c565f32
a5819f69ba452021469f51c1f676e0b084f1a419a9a8b95d52b4a9792e2ee1dc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ade4f2d60b9e27248a06abe820ddd0d3504b2575a0ed2888bc5b25bc460f3140
b04c3befc69593d33bb96cb16af0662cc9195e93fca92bab9c9b6bc9f95d29a0
b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a
bc4c8be620adcda694c23b3a8c88a0c6b575d3387353c793c8153252beb0f7c8
bce9760e9f47ae9c4135502997f443cf5f3cdecc6734bb39f1e3a3c2c5ddbdb6
bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb
c72f695acce09061cc1decc8622bd74cb0fe1569017130380e2cd5d18d40dcff
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d28d6068712685f27f00d5a66d34773e886ed42339fca1a0dd6d642344898739
df91b64a90951856176812d4cd7753823fc6fd7d795ae29a1f205777892e7263
e0a6f1d21ce58a788893c332bcf25e3cb1699cd6e7236dca66efad438fd61c92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ddc5791631b0b44abb81d8450d80b65ef74d17d5b790dc54e22d0956129a25
e66845d7ac7cacb62e3cf8282610af8a8789c5886a92d89869a00b2c399ed847
e6fde27822130e4f4b884c60fa1125f0841883a1dbbbd7ece8dc1c49c781d101
eacf2af43ae2529b027ba4d4d8704df19dd9473c6b2050376a24c0f2112dab0b
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e
f0e1409a962274db1a3f127a88bf56448c2204e5cc515103700b827fbed8b205
f321f18e92ae0e746ace9b37e81f0d47421415201a1784fb48321f4c31617823
fc90e3d3253bf3ce7c838b5af803bfabc79e239daca6e9d8780375bba2fd183a
fe257ddd8219a79fda741b4cb6dd900d172acd25cb1f8fc6840fc3f23322b532
ff44fe237fb9ca964a5e4e80cdeccf6a1ddab7e161b6e35144f5941e116de9d3

www.upwork.com Open in urlscan Pro 104.18.90.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

89 %HTTPS

37 %IPv6

18 Domains

26 Subdomains

26 IPs

4 Countries

1540 kBTransfer

4820 kBSize

29 Cookies

11 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

89 %
HTTPS

37 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

1540 kB
Transfer

4820 kB
Size

29
Cookies

114 HTTP transactions
0 data transactions