www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.upwork.com/nx/signup/?dest=home
Submission: On August 11 via manual (August 11th 2023, 5:03:53 pm UTC) from PH — Scanned from DE

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 22 domains to perform 115 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 45194.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 24th 2023. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 41	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	52.129.66.124 52.129.66.124	15301 (IOVATION) (IOVATION)
4	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	63.34.190.153 63.34.190.153	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.90 99.86.4.90	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:4600:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a3a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.91.12 99.86.91.12	16509 (AMAZON-02) (AMAZON-02)
1 2	18.66.26.24 18.66.26.24	16509 (AMAZON-02) (AMAZON-02)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
3	44.215.44.167 44.215.44.167	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
5	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.206.22 52.222.206.22	16509 (AMAZON-02) (AMAZON-02)
1	54.81.184.157 54.81.184.157	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:225... 2600:9000:2251:cc00:7:bffe:c3c0:21	16509 (AMAZON-02) (AMAZON-02)
115	32

41 104.18.90.237 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.124 (United States)

ASN15301 (IOVATION, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.190.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-190-153.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-90.fra6.r.cloudfront.net

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4600:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a3a4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.91.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-12.cdg50.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.26.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-24.vie50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.215.44.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-44-167.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

9982405.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-22.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com

15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:cc00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3nocrch4qti4v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	upwork.com 3 redirects www.upwork.com — Cisco Umbrella Rank: 45194	745 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 89765 cdn123.forter.com — Cisco Umbrella Rank: 25806 cdn9.forter.com — Cisco Umbrella Rank: 4538 cdn0.forter.com — Cisco Umbrella Rank: 4528 cdn3.forter.com — Cisco Umbrella Rank: 4165 15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com	202 KB
7	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 95582 obs.cityrobotflower.com — Cisco Umbrella Rank: 67253	38 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 377	140 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	280 B
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 114 9982405.fls.doubleclick.net — Cisco Umbrella Rank: 99726 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	4 KB
4	cloudfront.net d6tizftlrpuof.cloudfront.net d3nocrch4qti4v.cloudfront.net	3 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5606	22 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 116	987 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	335 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 374	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	244 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 70969	20 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5933	626 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1486	637 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150	2 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1335	8 KB
1	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 89556	1 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4413	13 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 641	304 B
0	Failed function sub() { [native code] }. Failed
115	22

	Domain	Requested by
41	www.upwork.com	3 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
5	www.facebook.com	www.upwork.com
5	cdn0.forter.com
4	mpsnare.iesnare.com	www.upwork.com mpsnare.iesnare.com
4	www.googletagmanager.com	www.upwork.com ob.cityrobotflower.com www.googletagmanager.com
3	d3nocrch4qti4v.cloudfront.net
3	bat.bing.com	www.upwork.com bat.bing.com
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	cdn3.forter.com
3	first.iovation.com	www.upwork.com
3	www.google.de	www.upwork.com
3	www.google.com	1 redirects www.upwork.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	9982405.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn9.forter.com	1 redirects www.upwork.com
2	www.google-analytics.com	www.upwork.com www.google-analytics.com
1	15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com
1	d6tizftlrpuof.cloudfront.net	www.upwork.com
1	adservice.google.com	9982405.fls.doubleclick.net
1	alb.reddit.com	www.upwork.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.redditstatic.com	www.upwork.com
1	cdn123.forter.com
1	assets.static-upwork.com	www.googletagmanager.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	w.usabilla.com	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.g.doubleclick.net	www.google-analytics.com
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ihcjicgdanjaechkgeegckofjjedodee Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
115	34

This site contains no links.

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-24` - `2024-05-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2022-12-08` - `2024-01-08`	a year	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
cdn123.forter.com Amazon RSA 2048 M01	`2023-05-11` - `2024-06-08`	a year	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-21` - `2023-08-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.cdn.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.upwork.com/nx/signup/?dest=home
Frame ID: 7A8175311BEDB026ED9920799485C5B0
Requests: 101 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: 2A66E30DC380DA2FBB0BF1B5D948D7BE
Requests: 1 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 2B81DA9E89B7F18E8EFEEB2485E4DAD4
Requests: 6 HTTP requests in this frame

Frame: https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome
Frame ID: 6CF5338A61634205A602C90E38F09BF3
Requests: 2 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Frame ID: 93146242FE2FE7C02A21E29D2F21BE99
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: 80B291F9F49909BEE2C0A3BDE3BD99B8
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: 3D3127FF68CF3432316223AD7ED83B1C
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: 1412A1A3F917F3F3DAFD439C06762409
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create an Account - Upwork

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

115
Requests

89 %
HTTPS

55 %
IPv6

22
Domains

34
Subdomains

32
IPs

6
Countries

1810 kB
Transfer

6244 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 47

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 57

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 60

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7fba5b9e3d48297e6926b41918a805b7f8b597032cdc1736ebe26757eb92c211ac7f4bc7621050e4ddf24ed4a178

Request Chain 76

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome HTTP 302
https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=82nWZJmYHcmN7_UP06yFwA4&sscte=1&crd=&pscrd=Ek9DaEVJOExqWHBnWVFpLTdmNWJiMXFhLTdBUkltQU0tYXdSamM3TUFrTV8wVExoU0F3dWxkcDRFWVRNSXYzMEYxYUptV1M4cnlNUEVhUm9zGlhDaEFJOExqWHBnWVF0Y241NGF2ZmtzRWFFaTRBcHZWZnVHdU5MeDZ0WWM1Z3dLekJvWjdXcXUwZC1HU0wweDRaaExaWGpsRGpFMWM1cE9ibzNrd2wzM3hJIhMI2d29kYvVgAMVyca7CB1TVgHo HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExqWHBnWVFpLTdmNWJiMXFhLTdBUkltQU0tYXdSamM3TUFrTV8wVExoU0F3dWxkcDRFWVRNSXYzMEYxYUptV1M4cnlNUEVhUm9zGlhDaEFJOExqWHBnWVF0Y241NGF2ZmtzRWFFaTRBcHZWZnVHdU5MeDZ0WWM1Z3dLekJvWjdXcXUwZC1HU0wweDRaaExaWGpsRGpFMWM1cE9ibzNrd2wzM3hJIhMI2d29kYvVgAMVyca7CB1TVgHo&is_vtc=1&ocp_id=82nWZJmYHcmN7_UP06yFwA4&cid=CAQSKQBpAlJWzzrtQ8228fdAy-xkqlFvDa582elNeB5wKi19xPMEnsIbWnKv&random=3675434530 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExqWHBnWVFpLTdmNWJiMXFhLTdBUkltQU0tYXdSamM3TUFrTV8wVExoU0F3dWxkcDRFWVRNSXYzMEYxYUptV1M4cnlNUEVhUm9zGlhDaEFJOExqWHBnWVF0Y241NGF2ZmtzRWFFaTRBcHZWZnVHdU5MeDZ0WWM1Z3dLekJvWjdXcXUwZC1HU0wweDRaaExaWGpsRGpFMWM1cE9ibzNrd2wzM3hJIhMI2d29kYvVgAMVyca7CB1TVgHo&is_vtc=1&ocp_id=82nWZJmYHcmN7_UP06yFwA4&cid=CAQSKQBpAlJWzzrtQ8228fdAy-xkqlFvDa582elNeB5wKi19xPMEnsIbWnKv&random=3675434530&ipr=y

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.upwork.com/nx/signup/ 202 KB
50 KB 417ms
355ms Document
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03a9b1ae4b7fa3e167857679ca4bea4dae608ee8851da817a2578f0c8d5fe469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f520dc738eb3636-FRA
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 17:03:46 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=83, app;dur=112
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
vnd-eo-trace-id: 7f520dc765be3636-FRA
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 neue-montreal-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 23 KB
24 KB 48ms
45ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16542822
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23912
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 7425b59c8a19a4f0-SJC
etag: "2e9d05ced4fddb6c67f1be57161a2668"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f520dc98cbf3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 neue-montreal-medium.woff2
www.upwork.com/static/fonts-global/4.0.1/ 25 KB
25 KB 70ms
66ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-medium.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16542822
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 25348
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 7425b59c9a48a4f0-SJC
etag: "f0728e66b926fbcc5376a1d55222e3a7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f520dc98cca3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 rza-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 62 KB
63 KB 55ms
51ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/rza-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
Origin: https://www.upwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16542822
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 63800
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 742ea1e99c94c8fc-SEA
etag: "4c125a0993ca325b5cc5056afbdd58c7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f520dc98ccf3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 vue.runtime.2.6.12.min.js Show response
www.upwork.com/static/vue-libs/ 63 KB
24 KB 51ms
47ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.6.12.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be56f48eaba7008cd7b117d682e988d01217e87d9e99945b9027d05e4a8475bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 16542222
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Dec 2021 09:34:11 GMT
server: cloudflare
vnd-eo-trace-id: 6f29ae6e3a77d3e7-SJC
etag: W/"e015490e6f946e556d466b835d529e25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f520dc98cd23636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 69ms
65ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 16542927
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Dec 2021 09:34:11 GMT
server: cloudflare
vnd-eo-trace-id: 6f29ae611bcdc928-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f520dc98cd53636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 vue-i18n.8.27.2.min.js Show response
www.upwork.com/static/vue-libs/ 27 KB
9 KB 69ms
65ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.27.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b85d251e335fc3bb8112d94ccb65c3d7bff639ade8ebb0b075ab0632c754729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6229972
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 26 May 2023 16:21:55 GMT
server: cloudflare
vnd-eo-trace-id: 7cff61d419a629f2-SJC
etag: W/"1aae83b1a1aaf8143b94f0c89990574c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f520dc98cd73636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 runtime.212b5dca.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 59 KB
18 KB 71ms
67ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/runtime.212b5dca.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7257d5dfe99e9bdbcba104866f42bf558c3d7b33e9bd13b602519ebfb5d8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a608ad567020d-SJC
etag: W/"ea8c-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc98cda3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 commons~app.1b573bda.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 173 KB
45 KB 76ms
72ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/commons~app.1b573bda.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28653b1ab9b6fe9e97f8803a991ace75146c67785a25b76a05ab2f11ba293db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a605cb28734b5-SJC
etag: W/"2b2da-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc98cdd3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 styles~app.118d3f87.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 147 KB
23 KB 76ms
73ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~app.118d3f87.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6349f53683ee6158bb1e57e7018e43a68af50395d4f7fb562b68a4a93140db1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a608b0589020d-SJC
etag: W/"24d23-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc98ce03636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 app.689e0e11.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 2 MB
342 KB 117ms
114ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd24096665d3e547a9d541378c63fcbdc3267166703f03f1a761df6563c3932a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a603105bd61e2-SJC
etag: W/"189ca1-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc98ce33636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 index.0e5edb4e.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/pages/ 319 KB
55 KB 84ms
81ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/pages/index.0e5edb4e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb502c2f586e24fdec4571bd1e4f7f7a0daf0df388a1a7140b2668558494ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a60923151020d-SJC
etag: W/"4fb9e-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad223636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 please-v~8070a817.c9d2a061.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostNotice-L2EFr~clob-registration-form~pages/ee/see-catalog~pages/index~pages/ 6 KB
2 KB 83ms
80ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostNotice-L2EFr~clob-registration-form~pages/ee/see-catalog~pages/index~pages/please-v~8070a817.c9d2a061.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4f367dd0bc69022ec0eba167e432c0948199cb1ba0a74c478a5de87847418c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a603115c161e2-SJC
etag: W/"162b-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad243636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~checkbox-iDTIr~clob-registration-form~dropd~32b6e93e.a370bddb.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 17 KB
2 KB 90ms
87ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~checkbox-iDTIr~clob-registration-form~dropd~32b6e93e.a370bddb.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f38a957941217d4bcea3e410c2868f4f08732f84effc2f3d0df03fbbed042b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a61b646897e71-SJC
etag: W/"42e3-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad253636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 c~bf4a8ded.a1eb38f1.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~clob-registration-form~pages/company-size/ 1 KB
905 B 90ms
87ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~clob-registration-form~pages/company-size/c~bf4a8ded.a1eb38f1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

652d5292f001d89ab34709e9df7d50055dbf47fef34df630dba77f9a4f2b4004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a60f7b0c3d059-SJC
etag: W/"5c2-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad273636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 ~4bf13c3d.b24bfbc9.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~clob-registration-form~dropdown-menu~pages/ 3 KB
1 KB 84ms
81ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~clob-registration-form~dropdown-menu~pages/~4bf13c3d.b24bfbc9.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4319bcfce65c20e24926487873996ad3f273d5fc57552967f3ae58da3690f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a60f7c0c6d059-SJC
etag: W/"c2f-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad2a3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 index~pa~37142081.5b521fed.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~clob-registration-form~pages/ee/see-catalog~pages/ee/see-talent~pages/ee/start~pages/ 2 KB
917 B 82ms
79ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~clob-registration-form~pages/ee/see-catalog~pages/ee/see-talent~pages/ee/start~pages/index~pa~37142081.5b521fed.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59acd2753eb417bad7ea798f0215b7771c3d47abb16dea16883f0cabce9f4cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a60f01679c477-SJC
etag: W/"742-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad2b3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 ~d546961c.cf705fad.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~illustration-g0ZkW~pages/access-blocked/index~pages/ee/see-catalog~pages/ee/see-talent~pages/ 1 KB
805 B 83ms
80ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~illustration-g0ZkW~pages/access-blocked/index~pages/ee/see-catalog~pages/ee/see-talent~pages/~d546961c.cf705fad.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a063c3b5d55e044db7df9a67af332df00ba2ccddd50e398f8e708c269dd86dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a60f0167cc477-SJC
etag: W/"5af-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad2e3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 ~989bba9f.35571385.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~clob-registration-form~dropdown-2D7kz~pages/index~pages/registration-modal-tests/index~pages/ 6 KB
2 KB 89ms
87ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~clob-registration-form~dropdown-2D7kz~pages/index~pages/registration-modal-tests/index~pages/~989bba9f.35571385.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e0a220c696b59fc4842e76c209c3822d507f0acfb63a6033f036281871053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a608bc5ee020d-SJC
etag: W/"1666-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad2f3636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 ~7efdc0c6.30d7f56b.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~pages/company-size/index~pages/index~pages/ 6 KB
2 KB 90ms
88ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~PreJobPostModalContainer-PbIBG~PreJobPostV2-LQtmS~pages/company-size/index~pages/index~pages/~7efdc0c6.30d7f56b.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a816f7b7ecdf8c93816331cf41ac7102d326149572b45d47b670fac50b50ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a609a351e020d-SJC
etag: W/"1756-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad303636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 index.ac4cee67.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~pages/ 1 KB
680 B 84ms
81ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/styles~pages/index.ac4cee67.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0db350cff47a741cf1e0c07a9a8dc78b242272153ea8f23ed534868714d46fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80417
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a5ff9a30c4046-SJC
etag: W/"433-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad313636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 hire-and-evaluate-s1y0d.7214f27c.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 15 KB
3 KB 83ms
81ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/hire-and-evaluate-s1y0d.7214f27c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43afe04a9adacaa5ba2842a4c795de14cbfd890d096ae51a0a445240f2aea4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 640758
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 06:49:04 GMT
server: cloudflare
vnd-eo-trace-id: 7f14f0a0b4e99d46-SJC
etag: W/"3bb7-189bf4e8f00"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad323636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 proposal-one-DaN0U.f40a7205.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 9 KB
3 KB 90ms
88ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/proposal-one-DaN0U.f40a7205.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf03a3d12f8121b459e562a52bfdb86ca836c5d3c463fc1dd5fc0e6b6aee72bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 640758
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 04 Aug 2023 06:49:04 GMT
server: cloudflare
vnd-eo-trace-id: 7f14f01213bfc545-SJC
etag: W/"2487-189bf4e8f00"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dc9ad333636-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 77ms
31ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 77698
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Wed, 09 Aug 2023 06:37:54 GMT
server: cloudflare
etag: 0x8DB98A3296B6A19
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c9da7cf-b01e-0077-07fa-caec17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f520dc9ff421d8e-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4443
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 11 Aug 2023 17:49:43 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 4 KB
2 KB 90ms
44ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7956
content-md5: OXAm5fEvYhaIQZUG2gRXYA==
content-length: 1687
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:00 GMT
server: cloudflare
etag: 0x8DB7BD45B889B8E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f9000553-201e-004a-4abd-ade881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f520dca8b829125-FRA
expires: Sat, 12 Aug 2023 17:03:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=78107507&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&ul=en-us&de=UTF-8&dt=Create%20an%20Account%20-%20Upwork&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2095843045&gjid=1702564666&cid=920246322.1691773426&tid=UA-62227314-1&_gid=200624451.1691773426&_r=1&_slc=1&z=571646212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62227314-1&cid=920246322.1691773426&jid=2095843045&gjid=1702564666&_gid=200624451.1691773426&_u=IEBAAEAAAAAAACAAI~&z=629829496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Aug 2023 17:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 workbox-window.prod.es5-eZxxJ.e03537e2.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 6 KB
3 KB 75ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/workbox-window.prod.es5-eZxxJ.e03537e2.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/runtime.212b5dca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acc9f5350986947bbc0cfae4764907c534701ed02ab59aa1131dcfe7d1b47fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80403
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a6117b2e66283-SJC
etag: W/"1647-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dcabac2915c-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H3 200 loader_only.js Show response
www.upwork.com/static/iovation/5.2.2/ 4 KB
2 KB 51ms
51ms Script
application/x-javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6857
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
vnd-eo-trace-id: 7ba171242b7d15a4-SJC
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7f520dcacb16915c-FRA
x-amz-meta-last-modified: 1593693054000
expires: Fri, 11 Aug 2023 21:03:46 GMT

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 316ms
316ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1691773426416

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5689956d22df09be972afc553aa17ce3b8b6f19568efce19d892a817a3890088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 10:08:39 GMT
server: cloudflare
vnd-eo-trace-id: 7f520dcb2b98915c-SJC
etag: W/"9142ef1defbae92d2b50251c450eef2b"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 7f520dcb2b98915c-FRA
expires: Fri, 11 Aug 2023 21:03:46 GMT

POST
H3 202 psmetrics
www.upwork.com/upi/ 25 B
514 B 232ms
232ms Ping
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/psmetrics

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 7f520dcb2b99915c-FRA
x-powered-by: Express
etag: W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type: text/html; charset=utf-8
cf-ray: 7f520dcb2b99915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 490 KB
117 KB 118ms
68ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76a16f61a15a3a76e468a521423c21b932c5c4db53f88489978a065aa1637043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119512
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 17:03:46 GMT

POST
H3 200 v1 Show response
www.upwork.com/api/graphql/ 110 B
802 B 298ms
298ms Fetch
application/x-thrift+json 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/api/graphql/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af96b325fb4eff58553edf8924fdc4368c83ff3be39d5d21904db9d1b4e9c770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
vnd-eo-trace-id: 7f520dc765be3636-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Authorization: Bearer oauth2v2_16c04666253272f9e44a8c4ae249a383
sec-ch-viewport-width: 1600
Content-Type: application/json
X-Upwork-Accept-Language: en-US
Referer: https://www.upwork.com/nx/signup/?dest=home
vnd-eo-parent-span-id: 97de39a0-7739-402d-98e7-7ac86e6d095b
vnd-eo-span-id: a4ffdb77-0c66-415b-b24c-3317b5e9f374

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
vnd.eo.parent-span-id: 7f520dcb7be8915c-FRA
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd.eo.request-id: 698f0eb8-51f1-4557-81e2-ccfb6046687b
cf-cache-status: DYNAMIC
vnd.eo.span-id: 1dac9ae6-d53c-49ed-96a7-ba6af7f37829
vnd.odesk.request-id: 698f0eb8-51f1-4557-81e2-ccfb6046687b
vnd-eo-prana-client-receive: 2023-08-11T17:03:46.663Z
vnd-eo-parent-span-id: 7f520dcb7be8915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 110
vnd-eo-span-id: 1dac9ae6-d53c-49ed-96a7-ba6af7f37829
x-upwork-target-status: true
x-xss-protection: 1; mode=block
vnd-eo-server-ss: 2023-08-11T17:03:46.662Z
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 7f520dcb7be8915c-FRA, 7f520dcb7be8915c-FRA
vary: Origin
content-type: application/x-thrift+json
access-control-allow-origin: https://www.upwork.com
access-control-expose-headers: vnd-eo-trace-id
access-control-allow-credentials: true
vnd-eo-server-sr: 2023-08-11T17:03:46.595Z
cf-ray: 7f520dcb7be8915c-FRA
vnd.eo.trace-id: 7f520dcb7be8915c-FRA

POST
H3 200 v1 Show response
www.upwork.com/api/graphql/ 56 B
745 B 276ms
276ms Fetch
application/x-thrift+json 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/api/graphql/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2584d2b2839d3a1c894bc5aba458bff979aebe16a68b622087eae9273672ac17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
vnd-eo-trace-id: 7f520dc765be3636-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Authorization: Bearer oauth2v2_16c04666253272f9e44a8c4ae249a383
sec-ch-viewport-width: 1600
Content-Type: application/json
X-Upwork-Accept-Language: en-US
Referer: https://www.upwork.com/nx/signup/?dest=home
vnd-eo-parent-span-id: 97de39a0-7739-402d-98e7-7ac86e6d095b
vnd-eo-span-id: 00713f02-7ffc-40c9-96fb-257019fda8ce

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
vnd.eo.parent-span-id: 7f520dcb7bea915c-FRA
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd.eo.request-id: 4a5a4002-4dcb-406c-ab00-3727ad07269c
cf-cache-status: DYNAMIC
vnd.eo.span-id: 5f7b8604-63ad-47a2-a2f3-e37d9b40f9f5
vnd.odesk.request-id: 4a5a4002-4dcb-406c-ab00-3727ad07269c
vnd-eo-prana-client-receive: 2023-08-11T17:03:46.637Z
vnd-eo-parent-span-id: 7f520dcb7bea915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 56
vnd-eo-span-id: 5f7b8604-63ad-47a2-a2f3-e37d9b40f9f5
x-upwork-target-status: true
x-xss-protection: 1; mode=block
vnd-eo-server-ss: 2023-08-11T17:03:46.636Z
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 7f520dcb7bea915c-FRA, 7f520dcb7bea915c-FRA
vary: Origin
content-type: application/x-thrift+json
access-control-allow-origin: https://www.upwork.com
access-control-expose-headers: vnd-eo-trace-id
access-control-allow-credentials: true
vnd-eo-server-sr: 2023-08-11T17:03:46.582Z
cf-ray: 7f520dcb7bea915c-FRA
vnd.eo.trace-id: 7f520dcb7bea915c-FRA

POST
H3 200 v1 Show response
www.upwork.com/api/graphql/ 52 B
743 B 298ms
298ms Fetch
application/x-thrift+json 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/api/graphql/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2e8329573a5ba7a99220626918cb16f798005b28e2f02ae1003664a9e78c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
vnd-eo-trace-id: 7f520dc765be3636-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Authorization: Bearer oauth2v2_16c04666253272f9e44a8c4ae249a383
sec-ch-viewport-width: 1600
Content-Type: application/json
X-Upwork-Accept-Language: en-US
Referer: https://www.upwork.com/nx/signup/?dest=home
vnd-eo-parent-span-id: 97de39a0-7739-402d-98e7-7ac86e6d095b
vnd-eo-span-id: ee4a08f7-411b-4f7b-8868-e8de0e6e68df

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
vnd.eo.parent-span-id: 7f520dcb7bfd915c-FRA
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd.eo.request-id: e137e31f-8015-4e1d-b493-80cae03c5988
cf-cache-status: DYNAMIC
vnd.eo.span-id: 6f62943b-a96c-4750-8ff3-7643c020fedf
vnd.odesk.request-id: e137e31f-8015-4e1d-b493-80cae03c5988
vnd-eo-prana-client-receive: 2023-08-11T17:03:46.675Z
vnd-eo-parent-span-id: 7f520dcb7bfd915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52
vnd-eo-span-id: 6f62943b-a96c-4750-8ff3-7643c020fedf
x-upwork-target-status: true
x-xss-protection: 1; mode=block
vnd-eo-server-ss: 2023-08-11T17:03:46.674Z
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 7f520dcb7bfd915c-FRA, 7f520dcb7bfd915c-FRA
vary: Origin
content-type: application/x-thrift+json
access-control-allow-origin: https://www.upwork.com
access-control-expose-headers: vnd-eo-trace-id
access-control-allow-credentials: true
vnd-eo-server-sr: 2023-08-11T17:03:46.609Z
cf-ray: 7f520dcb7bfd915c-FRA
vnd.eo.trace-id: 7f520dcb7bfd915c-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 94ms
45ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7f520dcbd812bb8f-FRA
access-control-allow-headers: Content-Type

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 113ms
59ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62227314-1&cid=920246322.1691773426&jid=2095843045&_u=IEBAAEAAAAAAACAAI~&z=768782810

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 113ms
60ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62227314-1&cid=920246322.1691773426&jid=2095843045&_u=IEBAAEAAAAAAACAAI~&z=768782810

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

165ms
48ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 17:03:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Sun, 10 Sep 2023 17:03:46 GMT

Redirect headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 7f520dcb8c10915c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 11 Aug 2023 18:03:46 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
20 KB 176ms
52ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8a67fe47930ed9118fd3e2536afa7e3f33458f62813fb661cc8d01cabf047448

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 17:03:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-xndwY.1d37596f.js Show response
www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/ 8 KB
4 KB 45ms
45ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/snippet-xndwY.1d37596f.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/runtime.212b5dca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03608ccd6358815ed0eb5c46658a5482f2f3bfbbd8779eda562daa2255b07de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 80403
content-security-policy-report-only: report-to csp-endpoint
server-timing: app;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 18:28:30 GMT
server: cloudflare
vnd-eo-trace-id: 7f4a61a887980792-SJC
etag: W/"1ed4-189e0b510b0"
vary: Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
cf-ray: 7f520dcb8c13915c-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 202452b9c34b.js Show response
w.usabilla.com/ Frame 2A66 44 KB
13 KB 169ms
50ms Script
text/javascript 63.34.190.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.190.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-190-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5e5971384f7fc04c29dc7ca15e6af61f528587f0d05afeeec5c26fcf4beeeedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "fded31a1a75e8bef08f2b8575d75ff6b"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 12902

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 440 KB
198 KB 101ms
27ms Script
application/javascript 99.86.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-90.fra6.r.cloudfront.net

Software

Resource Hash

4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Jun 2023 12:02:38 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/79017856831
etag: W/"b2cbd534b6051bffdd7ab906ae5b43e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: Bk6B0Gk1PuXJShtPBXZY5-qUuhmQJCHp3ofVFGlMkzX1r_61gfzJtw==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 34ms
34ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 30422
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 144c20d3-601e-002b-3b0c-b4ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f520dcc1a5f1d8e-FRA

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 95 KB
35 KB 105ms
25ms Script
text/javascript 2600:9000:2156:4600:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4600:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 892978f7274c2fb041821160388ba9276ed5c61732cc79fc8a31587727b7ebb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:16:42 GMT
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA50-C1
age: 28024
etag: "17c30-kvh2uvVXOnMVdAOw1w3NLQxSQQ0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 35260
x-amz-cf-id: FPtQhN7xzXFOCInUUWtHLFwdngvZogYMfo0EytK4nzeeD13dZU4zxw==
expires: Fri, 11 Aug 2023 21:16:42 GMT

GET
H2 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
1 KB 96ms
31ms Script
application/x-javascript 2606:4700::6810:a3a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a3a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 947P0VYB0PEQD14B
age: 5617
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: D4dHLmow4rRVPZT44wbwt3FGN9s8m7cg2VWiZHWi3HMiPDmxAXvCL0YUUO6AedWj0S8L01HZh+K8CTfGnDyw+w==
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7f520dccda7e3810-FRA
x-amz-meta-last-modified: 1532366449000
expires: Fri, 11 Aug 2023 21:03:46 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/ 137 KB
26 KB 43ms
43ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/d354acbd-fb36-489c-82bd-26b614bd786e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7885
content-md5: q+MnSUnftS9Tsb2/ioV7lg==
content-length: 26218
x-ms-lease-status: unlocked
last-modified: Mon, 03 Jul 2023 14:47:11 GMT
server: cloudflare
etag: 0x8DB7BD46240D731
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd7e2b1f-801e-012e-5cbd-ad1e74000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f520dcc9e789125-FRA
expires: Sat, 12 Aug 2023 17:03:46 GMT

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

48ms
47ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 889dc8858eb3c66749b4b7a71c92acbaca2aeb2d3a4b34fc36c79a64f557767a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: 2023-Aug-11 17:03:46
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1361
Expires: 0

Redirect headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 7f520dccddce915c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 11 Aug 2023 18:03:46 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 32ms
31ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 27308
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8c46793c-b01e-00c7-22d4-b3a427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f520dccff049125-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 41ms
41ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 29407
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 17b86691-801e-006e-6ed4-b371cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f520dccff079125-FRA

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 50ms
49ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6052343eb24ee5704f5a342d1f8fdf849f97666ba9367236211f132b89f576e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 17:03:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
BLOB 200
OK 611ee5fb-61db-465a-9bba-3175a8e8e078
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/611ee5fb-61db-465a-9bba-3175a8e8e078
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 81ms
49ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.23979966111296558

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f4ab147daac0b8df43fabb8361f0e3b10efea54c6ab65db997211dd5c2af80f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 11 Aug 2023 17:03:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.9/ 79 KB
30 KB 52ms
52ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.9/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1691773426416

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b32665b2a5080b999f273b7d160cf89398c6855bc10dd2f2e357ab0230006993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600

Response headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 109074
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 10 Aug 2023 09:45:54 GMT
server: cloudflare
vnd-eo-trace-id: 7f477a708e0430ab-SJC
etag: W/"de79ec5bec8d170d6ea7fb8f647c0f08"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f520dcd7eac915c-FRA
expires: Sat, 10 Aug 2024 17:03:46 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 33ms
33ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 40985
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 03:24:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 538b0311-c01e-0052-3458-cb456b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f520dcd8c231d8e-FRA

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 6 KB
3 KB 372ms
129ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1691773426889&hl=2&op=0&ag=3141356402&rand=84872557221218117190191098500657142705308622602320712720011053292621701022286005012&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDE1ODRdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCw3LDEsMCwwLDAsMCwwLDAsMyJdLFstMSwiLSJdLFstMiwiNixlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIjkyMDI0NjMyMi4xNjkxNzczNDI2Il0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjM3MzAwMDAwLFwidWpoc1wiOjMxMjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS4xLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY5MTc3MzQyNjg0OCwtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCwxNiw0NywzNzgsLTEsMCw1MDAuNCw1MDAuNCwxMTI1LDExMjUiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzczNzU1OTk4NlwiLFwiMzQxODQyMTcyMFwiLFwiOTQwMzg0NDMyXCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy01NSwiMSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmROWEJrUlVVMU5TVW9ERmhaV1d4ZGFVRTFBUzFaYlZrMWZWVlpPWEVzWFdsWlVGbEFXREFnUEFRd0JYd3BmQUZ4ZldnNEFBRnNOQUFwYUQxOWNXZ29OV2c0TVhWOFhVMG9EQ0FNUERRQUFDUkFWV0UwWlRSZGNRVWxXUzAxS0dSRlJUVTFKU2dNV0ZsWmJGMXBRVFVCTFZsdFdUVjlWVms1Y1N4ZGFWbFFXVUJZTUNBOEJEQUZmQ2w4QVhGOWFEZ0FBV3cwQUNsb1BYMXhhQ2cxYURnPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjIyXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWyJkZGIiLCIwLDcsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMSwwLDAsMCwxLDIsMTAsMCwxNSwxLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCw2LDAiXSxbImJuY2giLDgxXSxbImFibmNoIiw4MV1d&dep=0&pre=0&sdd=%7B%7D&cri=lmImtGRdTs&pto=1166&ver=56&gac=920246322.1691773426&mei=&ap=&fe=1&duid=1.1691773426.5TDgPC775gvlOg78&suid=1.1691773426.1tazCGd7GDmV3UcY&tuid=1.1691773426.PkdEL1AquA1TsjIh&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=52%2C895%2C122&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 711c4262bb6b81b4b2a1074b2977a4cf3a9ffce614269c0fa69db6cda7de4126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2480
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 51ms
50ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.8674252587616433

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f4ab147daac0b8df43fabb8361f0e3b10efea54c6ab65db997211dd5c2af80f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.upwork.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 11 Aug 2023 17:03:46 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

47ms
46ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 05ab2f2a99874f27152b8136763f2a2fa6d7703ba922d8273581cbf3e0e4641a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 17:03:47 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Sat, 10 Aug 2024 17:03:47 GMT

Redirect headers

date: Fri, 11 Aug 2023 17:03:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 7f520dcea805915c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 11 Aug 2023 18:03:46 GMT

GET
BLOB 200
OK 85d37fb6-1cf1-4e7f-8601-e208843d2b96
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/85d37fb6-1cf1-4e7f-8601-e208843d2b96
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 2311
Content-Type: application/javascript

GET
H2 200 / Show response
cdn123.forter.com/ 66 B
369 B 143ms
55ms XHR
application/json 99.86.91.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=15151255d263463886982dacc468df05
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-12.cdg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 47ecddc294cb89b4dea40c82374531583b28f03643d988d450e2b768dc026234

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
via: 1.1 71f0499d67f94a76491d9f85d44030d8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 66
x-amz-cf-id: VYnL9d3oMHH5omcBNi963FypVWqSDGNNa3QkiAxV8Cs0Xhhiw4t6RQ==

GET
H2

200

7fba5b9e3d48297e6926b41918a805b7f8b597032cdc1736ebe26757eb92c211ac7f4bc7621050e4ddf24ed4a178 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7fba5b9e3d48297e6926b41918a805b7f8b597032cdc1736ebe26757eb92c211ac7f4bc7621050e4ddf24ed4a178

0
323 B

142ms
142ms

XHR
text/plain

18.66.26.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7fba5b9e3d48297e6926b41918a805b7f8b597032cdc1736ebe26757eb92c211ac7f4bc7621050e4ddf24ed4a178

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Server

18.66.26.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-26-24.vie50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
via: 1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: Tt4tYmbEM0b9cN_jBB9b6Thiq3JFKJC8ul1wqNMK5-_AE3DTWln_Fw==

Redirect headers

date: Fri, 11 Aug 2023 17:03:47 GMT
via: 1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7fba5b9e3d48297e6926b41918a805b7f8b597032cdc1736ebe26757eb92c211ac7f4bc7621050e4ddf24ed4a178
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: s8Y9Z07bEJCXT7PmwQ1jkkALDLZTTFqHK34Co-AuslOQhd-OJIf45w==

GET
BLOB 200
OK 7b3b95ea-afee-445d-97f9-641307b8f4b5
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/7b3b95ea-afee-445d-97f9-641307b8f4b5
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 17365
Content-Type: application/javascript

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/ 20 B
358 B 475ms
230ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/prop.json?_=1691773426994
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 17:03:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK 4c39f287-62de-40eb-975d-c3203c82e0f5
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/4c39f287-62de-40eb-975d-c3203c82e0f5
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 68
Content-Type: application/javascript

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
672 B 217ms
217ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.9/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7f520dcf5907915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H3 200 jslogger Show response
www.upwork.com/upi/ 2 B
692 B 233ms
233ms Fetch
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/jslogger

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-odesk-user-agent: oDesk LM
accept-language: de-DE,de;q=0.9
vnd-eo-trace-id: 7f520dc765be3636-FRA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/x-www-form-urlencoded
X-Upwork-Accept-Language: en-US
Accept: application/json, text/plain, */*
Referer: https://www.upwork.com/nx/signup/?dest=home
x-requested-with: XMLHttpRequest
vnd-eo-parent-span-id: 97de39a0-7739-402d-98e7-7ac86e6d095b
vnd-eo-span-id: 2d9c0210-2798-452f-99af-b350698bf089

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: cloudflare
vnd-eo-trace-id: 7f520dcf690e915c-FRA
etag: W/"2-sKmCFqMkJrnmakrB623y6W4bSVw"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.upwork.com
report-to: {"endpoints":[{"url":"https://www.upwork.com/ab/csp/index"}],"group":"csp-endpoint","max-age": 10886400}
access-control-allow-credentials: true
cf-ray: 7f520dcf690e915c-FRA
access-control-allow-headers: X-Requested-With,content-type

POST
H2 200 events
cdn3.forter.com/ 0
241 B 349ms
113ms Ping
text/plain 44.215.44.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.215.44.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-44-167.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 91ms
28ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: Hy8XLsmlaOMIeYUTBwuICfsE/TT8l7oyMlrUu1VOTx/68RDhU3Ux9nQ9s2uMaWmo9Fa191dbd3O9G4/0Ctx3qQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
77 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b932601cfc2915b78438ce90348ebefd41cb150234632e0b6b7a05496da7da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79106
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 17:03:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
77 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26545ac02e20f6a9cf4a5e17c81957c92b88c1ee2c0be4c2cf1153e46695ccc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79145
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 17:03:47 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 2B81 42 KB
13 KB 96ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 11 Aug 2023 17:03:46 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B4BE3A3D79F479D95CFA8824A1A9F34 Ref B: FRA31EDGE0721 Ref C: 2023-08-11T17:03:47Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12472

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2B81 169 KB
63 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9982405

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a42c83db117abb927c84bfb3e8c682efbcea4f9dc34577074a199af00dcb371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63962
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 17:03:47 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 2B81 23 KB
8 KB 89ms
22ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
79 B 108ms
107ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363efc032e943889a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f6718d681db562d6a13f92e22038538d836c05133052ac555520a35525fc2bc634f77be26bb25cb43e2913bf05365ad5f2b7a1bdb53ed46f497d7df3ebb2907fe7fcaa95364dd0e3910734093d05066f760b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4918677a0d8d953eb489d5f3e72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7daf971464bbd8fe718f57aa4ee0854b944f98997e973d60c39d23d93398d3bbf19df3f1477fe425b2b8fb2c4d26f9913f82be50eb0102419457459a9796dd8deb9725c53ad9d2b48577a370617995732e988383037ad6ef62bd5eed9e429137e13d444c149465f14dccc0ad6eb58b789f4db6d4929b66ce01044bda1e5a137e092694e223a3469494d16ae58e62f9973cca85f9be25cff0a91f6774c8b11e45d1b01a0c10e6eda27ab664cbac05b8b16aeb23fe239f418a06cbba6b96697bbdfbcc22466b720938025e17a8e58a6fd000a944484a28ffb34cdb9a1e1ee2aa89e8cf309bb8bab8ffacbdfb59522ee755c4ea4b64e85e6c1bd762417270eb7dae7005dfe8c9609663d52397a82fc4a4109a730e3d3d017b1a80dde2db3d67489c184189cedabdb0d64e039eb2d061849b36228cc0182e68e790df5f20b020865b9d1cfd3aff668ca860ffbd37b5ddd4adcf406afdfc2920c72ff29fbab917826d321f04936f4054b3a5418ea84580eaec9c53baf3da550d5214d72fb717ee10ebd57b9c20423f403c747ee65d8d853153a70f9bf38049d8be0cc90572cb522655c7facd1818ae27e7847bb71b23420ee5292682b3c53c9a136fe6da40f09b84a0de208f0a0c7d4be07d244e8ec4591ea836e4fdc8319d93b15f4f76a3763248598d055ab8dcb2440d823d3280c6954bc8c8a8901a71f822b1592f0a9052312696a94433d789b08dbbec44f330f03f896694c2&cri=lmImtGRdTs&ts=391&cb=1691773427280
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK d462dc47-43c9-413d-b2a7-628bbf5aef2c
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/d462dc47-43c9-413d-b2a7-628bbf5aef2c
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7bf3441d07cea251d2d56a765f3b13169d1cbc01b158a82867d5cfb4170a9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 261
Content-Type

POST
H3 200 suit Show response
www.upwork.com/shasta/ 2 B
670 B 218ms
218ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shasta/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.9/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7f520dd0bac8915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2

200

activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore... Show response
9982405.fls.doubleclick.net/ Frame 6CF5
Redirect Chain

https://9982405.fls.doubleclick.net/activityi;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=...

474 B
387 B

197ms
197ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9982405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

983cb221c33e41e4eea8c2f5c15af847fa5119c7368b909c8d03f73153d89738

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 277
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 17:03:47 GMT
expires: Fri, 11 Aug 2023 17:03:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 17:03:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/ 3 KB
2 KB 112ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1691773427375&cv=11&fst=1691773427375&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db74e5260a8995388b5528e8bc8585822fe50eab6586bcff7ddae2521d441135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 106ms
36ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1691773427389&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

019198ad9c3f864554abb2c8a6b43e9e4dbeab2cf7040996c5cd7572fef6fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1583
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ Frame 2B81 42 B
637 B 175ms
119ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1691773427401&id=t2_j0i56&event=Search&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=99cd58b2-bf49-4f17-8159-1a658c1a9c07&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 204 331000128.js Show response
bat.bing.com/p/action/ Frame 2B81 0
117 B 46ms
46ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/331000128.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 11 Aug 2023 17:03:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B711AF3C09843FAB50A7FAD8257C5F3 Ref B: FRA31EDGE0721 Ref C: 2023-08-11T17:03:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 2B81 0
285 B 103ms
103ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=331000128&Ver=2&mid=05e75957-80e6-4747-a238-29a59cda2db2&sid=0950aa10386911eeb1ce29a8616e7a44&vid=0950d030386911ee986973832386f3ed&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&r=&lt=0&evt=pageLoad&ifm=1&sv=1&rn=736987

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Aug 2023 17:03:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF45A3DA4D224775B7D1A3F642B123B2 Ref B: FRA31EDGE0721 Ref C: 2023-08-11T17:03:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 28ms
27ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1294d922db30f1c180ccef326186aa1b01178e3746b4aa50545c1f52a5fa523b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89220
x-xss-protection: 0
pragma: public
x-fb-debug: hup7fFk3Wckp+5T1TZLV9E2i3FUcHCkeF64uB9hveUTnhtfn8DU8n7gIJ/XDzcKrxQQHVyO3/OXeNTMcFhYhJA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 202 psmetrics
www.upwork.com/upi/ 25 B
514 B 238ms
237ms Ping
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/psmetrics

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 7f520dd1cc2f915c-FRA
x-powered-by: Express
etag: W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type: text/html; charset=utf-8
cf-ray: 7f520dd1cc2f915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/ 20 B
358 B 115ms
115ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/prop.json?_=1691773427482
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 17:03:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 383 KB
109 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e64eb86d1cdd50442fc6cbe35eafa1c9a6221abbb86ee90d86e49f21c499c29

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111750
x-xss-protection: 0
pragma: public
x-fb-debug: wY6hUYD5+cfzCZ15Y+ovwBuvOn1YNSaxNk1uV9Y6Bu6E6bravofqgsIGLJfmQg4/mXEkvCLOnUfmkxgwyWsxfg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 83ms
27ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&rl=&if=false&ts=1691773427494&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691773427492.1187297567&it=1691773427423&coo=false&exp=a1&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsig...
https://www.google.de/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsign...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExqWHBnWVFpLTdmNWJiMXFhLTdBUkltQU0tYXdSamM3TUFrTV8wVExoU0F3dWxkcDRFWVRNSXYzMEYxYUptV1M4cnlNUEVhUm9zGlhDaEFJOExqWHBnWVF0Y241NGF2ZmtzRWFFaTRBcHZWZnVHdU5MeDZ0WWM1Z3dLekJvWjdXcXUwZC1HU0wweDRaaExaWGpsRGpFMWM1cE9ibzNrd2wzM3hJIhMI2d29kYvVgAMVyca7CB1TVgHo&is_vtc=1&ocp_id=82nWZJmYHcmN7_UP06yFwA4&cid=CAQSKQBpAlJWzzrtQ8228fdAy-xkqlFvDa582elNeB5wKi19xPMEnsIbWnKv&random=3675434530&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=1883768060&cv=11&fst=1691773427389&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Create%20an%20Account%20-%20Upwork&gtm_ee=1&auid=1373361390.1691773427&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExqWHBnWVFpLTdmNWJiMXFhLTdBUkltQU0tYXdSamM3TUFrTV8wVExoU0F3dWxkcDRFWVRNSXYzMEYxYUptV1M4cnlNUEVhUm9zGlhDaEFJOExqWHBnWVF0Y241NGF2ZmtzRWFFaTRBcHZWZnVHdU5MeDZ0WWM1Z3dLekJvWjdXcXUwZC1HU0wweDRaaExaWGpsRGpFMWM1cE9ibzNrd2wzM3hJIhMI2d29kYvVgAMVyca7CB1TVgHo&is_vtc=1&ocp_id=82nWZJmYHcmN7_UP06yFwA4&cid=CAQSKQBpAlJWzzrtQ8228fdAy-xkqlFvDa582elNeB5wKi19xPMEnsIbWnKv&random=3675434530&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/972598239/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972598239/?random=1691773427375&cv=11&fst=1691773200000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&frm=0&tiba=Create%20an%20Account%20-%20Upwork&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3493086369&rmt_tld=0&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/972598239/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972598239/?random=1691773427375&cv=11&fst=1691773200000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&frm=0&tiba=Create%20an%20Account%20-%20Upwork&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3493086369&rmt_tld=1&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 29ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&rl=&if=false&ts=1691773427584&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691773427492.1187297567&it=1691773427423&coo=false&exp=a1&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&rl=&if=false&ts=1691773427585&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691773427492.1187297567&it=1691773427423&coo=false&exp=a1&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 17:03:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/ 20 B
358 B 116ms
115ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/prop.json?_=1691773427714
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 17:03:47 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=*;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com...
adservice.google.com/ddm/fls/z/ Frame 6CF5 42 B
401 B 182ms
129ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=*;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome

Requested by

Host: 9982405.fls.doubleclick.net
URL: https://9982405.fls.doubleclick.net/activityi;dc_pre=CJnLwZGL1YADFQ0KaAgdl8wG3Q;src=9982405;type=conve0;cat=cheqi0;ord=6109920199354;auiddc=1373361390.1691773427;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9982405.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
240 B 1354ms
1353ms Ping
text/plain 44.215.44.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.215.44.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-44-167.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/ 20 B
415 B 117ms
116ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 17:03:48 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/ Frame 0
0 116ms
116ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/15151255d263463886982dacc468df05/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 11 Aug 2023 17:03:48 GMT
Vary: Access-Control-Request-Headers

GET
H/1.1 200
OK upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 9314 2 KB
2 KB 85ms
23ms Image
image/png 52.222.206.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/?dest=home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 14 May 2023 01:50:40 GMT
x-amz-version-id: d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Jun 2021 18:49:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
Age: 7744389
ETag: "ff48a3c94b69990d5044c0b3b202dd9e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1678
X-Amz-Cf-Id: RYKuJrd1U-C-l9F7eYugnecAUbZ4TupfLKMIwwk3Q3HKYOooBLjwYQ==

POST
H/1.1 200
OK prop.json
15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 379ms
114ms Ping
application/json 54.81.184.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-184-157.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 11 Aug 2023 17:03:48 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Fri, 14 Jul 2023 11:08:10 GMT
Server: Apache
ETag: "2-6007076d366bb"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 110ms
109ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Fri, 11 Aug 2023 17:03:48 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 110ms
109ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Fri, 11 Aug 2023 17:03:48 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame 80B2 0
0

GET close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame 3D31 0
0

GET
H2 200 logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
385 B 87ms
21ms Image
image/gif 2600:9000:2251:cc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1691773429002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 15:24:59 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 956331
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: jzg2njK_66O5MhCiWz8B7EZGHIRbArKQ9RikvBvsIgvJKt4U5mPmFw==

GET
H2 200 logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
384 B 88ms
21ms Image
image/gif 2600:9000:2251:cc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1691773429002&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 12:09:43 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1227247
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 3b2XTNcIvsiWCLWJJV4ceCQ2vO_zC3TU4cFBlUBVHvI3AAQr2njEBQ==

GET
H2 200 logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
383 B 88ms
22ms Image
image/gif 2600:9000:2251:cc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1691773429002&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 23:52:43 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 148267
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: zZ1M2jcOeCtN-hhLw5YEa7XghGrVZ2o3kbB5-00hBODfR8pIkV5wYQ==

POST
H3 202 psmetrics
www.upwork.com/upi/ 25 B
711 B 209ms
208ms Ping
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/psmetrics

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 7f520ddb5828915c-FRA
x-powered-by: Express
etag: W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type: text/html; charset=utf-8
cf-ray: 7f520ddb5828915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 28ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&rl=&if=false&ts=1691773429008&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Create%20an%20Account%20-%20Upwork%22%2C%22meta%3Adescription%22%3A%22Upwork%20is%20where%20the%20world%20goes%20to%20work!%20We%20are%20a%20leading%20online%20workplace%2C%20%20%20%20%20%20%20%20%20%20%20where%20savvy%20businesses%20hire%2C%20manage%2C%20and%20pay%20an%20on-demand%20workforce%20of%20talented%20freelancers.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691773427492.1187297567&it=1691773427423&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 17:03:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame 1412 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 28ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&rl=&if=false&ts=1691773429087&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Create%20an%20Account%20-%20Upwork%22%2C%22meta%3Adescription%22%3A%22Upwork%20is%20where%20the%20world%20goes%20to%20work!%20We%20are%20a%20leading%20online%20workplace%2C%20%20%20%20%20%20%20%20%20%20%20where%20savvy%20businesses%20hire%2C%20manage%2C%20and%20pay%20an%20on-demand%20workforce%20of%20talented%20freelancers.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691773427492.1187297567&it=1691773427423&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 17:03:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 110ms
110ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Fri, 11 Aug 2023 17:03:50 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 events
cdn3.forter.com/ 0
240 B 116ms
114ms Ping
text/plain 44.215.44.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.215.44.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-44-167.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 17:03:50 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 111ms
111ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Fri, 11 Aug 2023 17:03:52 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H3 202 psmetrics
www.upwork.com/upi/ 25 B
514 B 225ms
225ms Ping
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/psmetrics

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/signup/ab/assets/Signup/signup-nuxt/app.689e0e11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upwork.com/nx/signup/?dest=home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 7f520df12dc5915c-FRA
x-powered-by: Express
etag: W/"19-S1EsuAtdTdtkjGJWTLFLKUdoXrc"
content-type: text/html; charset=utf-8
cf-ray: 7f520df12dc5915c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png

Domain: ihcjicgdanjaechkgeegckofjjedodee
URL: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1969-12-31 23:59:59	Name: visitor_id Value: 217.114.215.133.1691773425923000
.upwork.com/	1970-01-20 13:57:39	Name: visitor_signup_gql_token Value: oauth2v2_16c04666253272f9e44a8c4ae249a383
.upwork.com/	1969-12-31 23:59:59	Name: country_code Value: DE
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
www.upwork.com/	1970-01-20 14:06:18	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJbwdaSiWWgX3Dd
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Ggucg_xZmcelhCGGNzCjZcphpdz3ndQiwYW3n.RD.o4-1691773426131-0-604800000
.upwork.com/	1970-01-20 23:32:13	Name: _ga Value: GA1.2.920246322.1691773426
.upwork.com/	1970-01-20 13:57:39	Name: _gid Value: GA1.2.200624451.1691773426
.upwork.com/	1970-01-20 13:56:13	Name: _gat Value: 1
.upwork.com/	1970-01-20 18:15:25	Name: umq Value: 1600
mpsnare.iesnare.com/	1970-01-20 22:41:49	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: y2TNGXy0ZCWzyYy4KYX1NwOk2OZX5rVv1zpqKsc4ebM=
.static-upwork.com/	1970-01-20 13:56:15	Name: __cf_bm Value: 6VJVKbQRWw3EO6hCx74Ms7DIdok2vcWZiXlC7zFJRNo-1691773426-0-AXnUY856XZJO2jkM48iSxIJ4og2HyfEYp7JE9I8kkJXgrUnQyDh4LyLEzV3NAmjhtt/Ju3glTGjYheOTX+QUryA=
.upwork.com/	1970-01-20 22:41:49	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Aug+11+2023+19%3A03%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b96331b1-891a-4c02-9053-05d741296806&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fnx%2Fsignup%2F%3Fdest%3Dhome&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
first.iovation.com/	1970-01-20 22:41:49	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: qniwoYCSlqKODmNpckwplMHRpEuJw4wf8YJHyZrd70U=
.upwork.com/	1970-01-20 16:07:37	Name: _cq_duid Value: 1.1691773426.5TDgPC775gvlOg78
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1691773426.1tazCGd7GDmV3UcY
.upwork.com/	1970-01-20 13:56:17	Name: ftr_blst_1h Value: 1691773426949
.upwork.com/	1970-01-20 13:56:15	Name: _upw_ses.5831 Value: *
.upwork.com/	1970-01-20 23:32:13	Name: _upw_id.5831 Value: 667ac735-a3d1-4328-ad83-b6f373b678c8.1691773427.1.1691773427..c3570452-2d3c-4aaa-8ec1-a25438fd4562..cd8d6aa3-9d79-4f78-a455-3c1e5035dcf9.1691773427086.4
obs.cityrobotflower.com/	1970-01-20 22:00:03	Name: cg_uuid Value: ad2ba1e87fe7237d7e309f7be0f04280
.upwork.com/	1970-01-20 22:41:49	Name: spt Value: 4065fd8b-8f85-4960-b163-e92fb13a8662
.upwork.com/	1970-01-20 16:05:49	Name: _gcl_au Value: 1.1.1373361390.1691773427
.upwork.com/	1970-01-20 16:05:49	Name: _rdt_uuid Value: 1691773427400.99cd58b2-bf49-4f17-8159-1a658c1a9c07
.upwork.com/	1970-01-20 13:57:39	Name: _uetsid Value: 0950aa10386911eeb1ce29a8616e7a44
.upwork.com/	1970-01-20 23:17:49	Name: _uetvid Value: 0950d030386911ee986973832386f3ed
.upwork.com/	1970-01-20 16:05:49	Name: _fbp Value: fb.1.1691773427492.1187297567
.bing.com/	1970-01-20 23:17:49	Name: MUID Value: 241817335321605C2F850459528D61D5
www.upwork.com/	1970-01-20 14:06:18	Name: AWSALB Value: gGhYd+zdQGRQcYVn//U/qKir2nQzwlN/mocjabe1q9ysLI7J7xkjdbvALM0udcMKFG42JkNL9PGbtYEFTnYxPlH0ZcHSAtIRLs4Iaux399IyfKkp2Egtr0TfJ63i
www.upwork.com/	1970-01-20 14:06:18	Name: AWSALBCORS Value: gGhYd+zdQGRQcYVn//U/qKir2nQzwlN/mocjabe1q9ysLI7J7xkjdbvALM0udcMKFG42JkNL9PGbtYEFTnYxPlH0ZcHSAtIRLs4Iaux399IyfKkp2Egtr0TfJ63i
.doubleclick.net/	1970-01-20 23:17:49	Name: IDE Value: AHWqTUm6ZJRH0UMqTS04LUvh28HMFqKJKLDPHeA6ZsNLjK7uIM6j3gM2kQOEcjbf
.upwork.com/	1970-01-20 23:32:13	Name: forterToken Value: 15151255d263463886982dacc468df05_1691773426525__UDF43-m4_14ck
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: i18nOn,!CI10857Air3Dot0,!pxBPA3,!SSINavUser,!MP16400Air3Migration,!pxFAA3,CI11132Air2Dot75,pxTHA3,!pxGPA3,TONB2256Air3Migration,OTBnrOn,!JPAir3,!TONB3476Air3Migration,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations,!pxWTA3,air2Dot76,!CI12577UniversalSearch,!air2Dot76Qt
.upwork.com/	1970-01-20 13:56:15	Name: __cf_bm Value: jBxexUznq4AB8YenseRf3_fBLKcjO9c3wARXjwYcKtA-1691773429-0-AV45v8Bes+451F4AOMcaisynl3vqgPyg6uaapT/HIALlpQlROhll6paof4xPMhyu/O7+oMoVx4d+K3G8GS57wkQ=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://www.upwork.com/d462dc47-43c9-413d-b2a7-628bbf5aef2c(Line 1) Message: Error
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15151255d263463886982dacc468df05-4c4cc75a16ed.cdn.forter.com
4c4cc75a16ed.cdn4.forter.com
9982405.fls.doubleclick.net
adservice.google.com
alb.reddit.com
assets.static-upwork.com
bat.bing.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
d3nocrch4qti4v.cloudfront.net
d6tizftlrpuof.cloudfront.net
first.iovation.com
geolocation.onetrust.com
gighmmpiobklfepjocnamgkkbiglidom
googleads.g.doubleclick.net
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
stats.g.doubleclick.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
www.upwork.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
104.18.90.237
142.250.186.66
151.101.1.140
18.66.26.24
216.58.206.38
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2156:4600:2:7cf7:d580:93a1
2600:9000:2251:cc00:7:bffe:c3c0:21
2606:4700::6810:a3a4
2606:4700::6812:1d26
2606:4700::6812:aa72
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c03::9c
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:200::396
34.192.191.43
44.215.44.167
52.129.66.124
52.222.206.22
54.195.39.4
54.81.184.157
63.34.190.153
99.86.4.90
99.86.91.12
019198ad9c3f864554abb2c8a6b43e9e4dbeab2cf7040996c5cd7572fef6fe6e
03608ccd6358815ed0eb5c46658a5482f2f3bfbbd8779eda562daa2255b07de4
03a9b1ae4b7fa3e167857679ca4bea4dae608ee8851da817a2578f0c8d5fe469
05ab2f2a99874f27152b8136763f2a2fa6d7703ba922d8273581cbf3e0e4641a
0f2e8329573a5ba7a99220626918cb16f798005b28e2f02ae1003664a9e78c6c
1294d922db30f1c180ccef326186aa1b01178e3746b4aa50545c1f52a5fa523b
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2584d2b2839d3a1c894bc5aba458bff979aebe16a68b622087eae9273672ac17
26545ac02e20f6a9cf4a5e17c81957c92b88c1ee2c0be4c2cf1153e46695ccc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28653b1ab9b6fe9e97f8803a991ace75146c67785a25b76a05ab2f11ba293db6
2b932601cfc2915b78438ce90348ebefd41cb150234632e0b6b7a05496da7da7
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
3209f3d5a6ca288070838e54eb088847db3827c63d4553e00ebb6bedfb6f16f7
33749d1ae9b380e1ded9a55d8386b68602c4494f7a76b87696739ec89cae549e
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
3f38a957941217d4bcea3e410c2868f4f08732f84effc2f3d0df03fbbed042b6
4011b414009c3d354ac57c07ace4ec680974d91f140b3733f1445b251d9e0c06
43afe04a9adacaa5ba2842a4c795de14cbfd890d096ae51a0a445240f2aea4aa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47ecddc294cb89b4dea40c82374531583b28f03643d988d450e2b768dc026234
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5689956d22df09be972afc553aa17ce3b8b6f19568efce19d892a817a3890088
59acd2753eb417bad7ea798f0215b7771c3d47abb16dea16883f0cabce9f4cfe
5a42c83db117abb927c84bfb3e8c682efbcea4f9dc34577074a199af00dcb371
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
5e5971384f7fc04c29dc7ca15e6af61f528587f0d05afeeec5c26fcf4beeeedb
5ff3cce51d2589f2288391c152c93cd3aa195b3071c2e78aab24633e4a639ef9
6052343eb24ee5704f5a342d1f8fdf849f97666ba9367236211f132b89f576e3
6349f53683ee6158bb1e57e7018e43a68af50395d4f7fb562b68a4a93140db1f
652d5292f001d89ab34709e9df7d50055dbf47fef34df630dba77f9a4f2b4004
6b85d251e335fc3bb8112d94ccb65c3d7bff639ade8ebb0b075ab0632c754729
711c4262bb6b81b4b2a1074b2977a4cf3a9ffce614269c0fa69db6cda7de4126
76a16f61a15a3a76e468a521423c21b932c5c4db53f88489978a065aa1637043
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
7c9217d3c5db14ae809d3d33808d564972d119b91bb2e721da6fe97ea0b01df2
7f5616fe9643b8bdd0bc262f841e1a4aee2511ad0c18b15ca9c30b4054534a1e
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b54313a0e50541ddf8d31208d59dbc3ff8e193b82d18b2bced19a6a85f675c
86e0a220c696b59fc4842e76c209c3822d507f0acfb63a6033f036281871053b
889dc8858eb3c66749b4b7a71c92acbaca2aeb2d3a4b34fc36c79a64f557767a
892978f7274c2fb041821160388ba9276ed5c61732cc79fc8a31587727b7ebb6
8a063c3b5d55e044db7df9a67af332df00ba2ccddd50e398f8e708c269dd86dc
8a67fe47930ed9118fd3e2536afa7e3f33458f62813fb661cc8d01cabf047448
8e4f367dd0bc69022ec0eba167e432c0948199cb1ba0a74c478a5de87847418c
8e64eb86d1cdd50442fc6cbe35eafa1c9a6221abbb86ee90d86e49f21c499c29
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
983cb221c33e41e4eea8c2f5c15af847fa5119c7368b909c8d03f73153d89738
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9c7257d5dfe99e9bdbcba104866f42bf558c3d7b33e9bd13b602519ebfb5d8bc
a816f7b7ecdf8c93816331cf41ac7102d326149572b45d47b670fac50b50ac4e
acc9f5350986947bbc0cfae4764907c534701ed02ab59aa1131dcfe7d1b47fac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af96b325fb4eff58553edf8924fdc4368c83ff3be39d5d21904db9d1b4e9c770
b32665b2a5080b999f273b7d160cf89398c6855bc10dd2f2e357ab0230006993
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
bcb502c2f586e24fdec4571bd1e4f7f7a0daf0df388a1a7140b2668558494ebe
bd24096665d3e547a9d541378c63fcbdc3267166703f03f1a761df6563c3932a
be56f48eaba7008cd7b117d682e988d01217e87d9e99945b9027d05e4a8475bf
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
cf03a3d12f8121b459e562a52bfdb86ca836c5d3c463fc1dd5fc0e6b6aee72bd
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d0db350cff47a741cf1e0c07a9a8dc78b242272153ea8f23ed534868714d46fe
db74e5260a8995388b5528e8bc8585822fe50eab6586bcff7ddae2521d441135
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bf3441d07cea251d2d56a765f3b13169d1cbc01b158a82867d5cfb4170a9b3
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4319bcfce65c20e24926487873996ad3f273d5fc57552967f3ae58da3690f25
f4ab147daac0b8df43fabb8361f0e3b10efea54c6ab65db997211dd5c2af80f0

www.upwork.com Open in urlscan Pro 104.18.90.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

89 %HTTPS

55 %IPv6

22 Domains

34 Subdomains

32 IPs

6 Countries

1810 kBTransfer

6244 kBSize

34 Cookies

0 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

89 %
HTTPS

55 %
IPv6

22
Domains

34
Subdomains

32
IPs

6
Countries

1810 kB
Transfer

6244 kB
Size

34
Cookies

115 HTTP transactions
0 data transactions