www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tiktok.upwork.com/
Effective URL:
https://www.upwork.com/ent/portal/tiktok/
Submission: On June 20 via api (June 20th 2024, 12:17:44 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 108 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 53284.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2024. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 52	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.208.114 52.92.208.114	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.129.66.124 52.129.66.124	16509 (AMAZON-02) (AMAZON-02)
4	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	54.171.39.250 54.171.39.250	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:244... 2600:9000:2447:800:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.16.72 104.16.16.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:262... 2600:9000:262a:b400:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.68 143.204.215.68	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:20b... 2600:9000:20b4:b800:e:d088:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	54.243.108.33 54.243.108.33	14618 (AMAZON-AES) (AMAZON-AES)
3	18.239.94.23 18.239.94.23	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	100.26.87.64 100.26.87.64	14618 (AMAZON-AES) (AMAZON-AES)
1	54.231.224.208 54.231.224.208	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20a... 2600:9000:20ab:ea00:7:bffe:c3c0:21	16509 (AMAZON-02) (AMAZON-02)
108	26

52 104.18.90.237 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

tiktok.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.208.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.124 (United States)

ASN16509 (AMAZON-02, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.39.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-39-250.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2447:800:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.16.72 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:262a:b400:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-68.fra53.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20b4:b800:e:d088:5c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.243.108.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-108-33.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.94.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-23.ams1.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.87.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-87-64.compute-1.amazonaws.com

983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.224.208 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ab:ea00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3nocrch4qti4v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	upwork.com 5 redirects tiktok.upwork.com www.upwork.com — Cisco Umbrella Rank: 53284	725 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 134916 cdn123.forter.com — Cisco Umbrella Rank: 13286 cdn9.forter.com — Cisco Umbrella Rank: 5192 cdn0.forter.com — Cisco Umbrella Rank: 4656 cdn3.forter.com — Cisco Umbrella Rank: 4145 983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com	204 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	139 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
6	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 163039 obs.cityrobotflower.com — Cisco Umbrella Rank: 109595	41 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6066	22 KB
3	cloudfront.net d3nocrch4qti4v.cloudfront.net	840 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	79 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 95195	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	311 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	128 B
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5	48 B
2	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	48 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
2	amazonaws.com upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 357341 s3.amazonaws.com	436 KB
1	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 142382	1 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 6156	91 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 653	303 B
108	18

	Domain	Requested by
51	www.upwork.com	4 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	www.facebook.com	www.upwork.com
5	cdn0.forter.com
5	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
4	mpsnare.iesnare.com	www.upwork.com mpsnare.iesnare.com
3	d3nocrch4qti4v.cloudfront.net
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	cdn3.forter.com
3	first.iovation.com	www.upwork.com
3	www.googletagmanager.com	www.upwork.com www.googletagmanager.com
2	www.google.de	www.upwork.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	cdn9.forter.com	1 redirects www.upwork.com
1	s3.amazonaws.com	www.upwork.com
1	983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com
1	cdn123.forter.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	assets.static-upwork.com	www.googletagmanager.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	w.usabilla.com	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	www.upwork.com
1	tiktok.upwork.com	1 redirects
108	26

This site contains links to these domains. Also see Links.

Domain
hello.upwork.com
support.upwork.com
community.upwork.com
investors.upwork.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-01` - `2025-05-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2024-05-06` - `2025-05-20`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M02	`2023-12-12` - `2025-01-09`	a year	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2024-06-17` - `2025-07-16`	a year	crt.sh
static-upwork.com E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
cdn123.forter.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-09`	a year	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
cdn3.forter.com Amazon RSA 2048 M02	`2024-06-19` - `2025-07-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.upwork.com/ent/portal/tiktok/
Frame ID: 19AB8B83EA9D05634091C744F346B363
Requests: 104 HTTP requests in this frame

Frame: https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: DE7C53ACB7EB64FAE0186D5DB3718B7E
Requests: 2 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: 970FA3AAC9A434CB010E6FF5E86DFBEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upwork Enterprise Portal

Page URL History Show full URLs

https://tiktok.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/tiktok/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

108
Requests

88 %
HTTPS

37 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

1984 kB
Transfer

5264 kB
Size

29
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://hello.upwork.com/c/nidhichaudharyupwork-com
Title: Book time

Search URL Search Domain Scan URL

URL: https://support.upwork.com/hc/en-us
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://community.upwork.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://investors.upwork.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/upwork
Title: Visit Upwork on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/upwork
Title: Read Upwork company news on LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Upwork
Title: Follow @Upwork on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvxGFOnwUBDHHcxuPqhe4CQ
Title: Watch Upwork videos on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/upwork/
Title: Follow Upwork on Instagram

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/developer/upwork-global-inc/id329377609
Title: Download Upwork app from iTunes

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=8802639270489632480
Title: Download Upwork app from Google Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tiktok.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/tiktok/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Request Chain 51

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 63

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 67

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 70

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/77b759ce6f4a2f7b3d24b64c18a652bea1e69a5d2bd91436bbb3635bbc979342ac7f4acf6b1f5fe2d1f540d6a279

Request Chain 78

https://www.googleadservices.com/pagead/conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOmceAh0HOgrfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOmceAh0HOgrfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeYEljE-cFxMy7XCFfE6awvIGYI4Fwg&random=2324452156 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOmceAh0HOgrfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeYEljE-cFxMy7XCFfE6awvIGYI4Fwg&random=2324452156&ipr=y

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIo63B6JTqhgMVVGceAh1d-xuUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIo63B6JTqhgMVVGceAh1d-xuUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLq9SkZnvPBL7wHdQ-IxVM268KhGmXtw&random=3119431812 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIo63B6JTqhgMVVGceAh1d-xuUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLq9SkZnvPBL7wHdQ-IxVM268KhGmXtw&random=3119431812&ipr=y

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.upwork.com/ent/portal/tiktok/
Redirect Chain

https://tiktok.upwork.com/
https://www.upwork.com/ent/portal/tiktok/

385 KB
61 KB

390ms
381ms

Document
text/html

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db6e8ff050cd93f60e1150776c215da17ac6cfc4d1ecfdb60f4feb90640a29eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 896bb2602cc4a05e-FRA
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 12:17:37 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=78, app;dur=115
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
vnd-eo-trace-id: 896bb2602cc4a05e-FRA
x-content-type-options: nosniff
x-frame-options: https://feedback.usabilla.com/
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 896bb25f1b08a05e-FRA
content-length: 0
date: Thu, 20 Jun 2024 12:17:37 GMT
location: https://www.upwork.com/ent/portal/tiktok/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 neue-montreal-variable.woff2
www.upwork.com/static/fonts-global/4.5.1/ 146 KB
146 KB 80ms
79ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.5.1/neue-montreal-variable.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5819f69ba452021469f51c1f676e0b084f1a419a9a8b95d52b4a9792e2ee1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2507264
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 149280
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 21 May 2024 11:37:05 GMT
server: cloudflare
vnd-eo-trace-id: 887c93fd8c967779-SJC
etag: "943fa01dcc256cd657ed3cff5967ede5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 896bb26288f2a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 vue.runtime.2.7.18.min.js Show response
www.upwork.com/static/vue-libs/ 75 KB
28 KB 99ms
98ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.7.18.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c441b981fda3e107addae8e98379918bf5fc91853eb229245bccdbb1d2ad6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8484462
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 8632e4089962c3cb-SJC
etag: W/"125fd6ecc586077f6523320c15a7b40d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb26288f6a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 100ms
99ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8537676
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 862d40856cb4173a-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb26288f9a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 vue-i18n.8.28.2.min.js Show response
www.upwork.com/static/vue-libs/ 28 KB
9 KB 101ms
101ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.28.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762651
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 06:53:42 GMT
server: cloudflare
vnd-eo-trace-id: 81f3e61e5880156a-SJC
etag: W/"5d4375c9b8e7c9eada90983391b8ac24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb26288fba05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 404 undefined
www.upwork.com/ 64 KB
64 KB 281ms
280ms Image
text/html 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upwork.com/undefined

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf31f1837a16bf1908a7ae2ece613fe80760ac29d18113ca5315e88c2187728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 896bb262d96da05e-FRA
content-type: text/html
cf-ray: 896bb262d96da05e-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 56ms
34ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ceCldLDyZN6bSQL6yyKLMg==
age: 56244
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jun 2024 02:33:16 GMT
server: cloudflare
etag: 0x8DC90082CE6C842
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dcb52db7-a01e-00a0-4c63-c25cec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896bb262fe279756-FRA
expires: Thu, 20 Jun 2024 20:40:13 GMT

GET
H/1.1 200
OK d3f3cfba533b89771c92a0cbb82df8b5
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/ 435 KB
435 KB 674ms
283ms Image
application/octet-stream 52.92.208.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/d3f3cfba533b89771c92a0cbb82df8b5?response-content-disposition=attachment%3B%20filename%3D%22Nidhi.png%22%3B%20filename%2A%3Dutf-8%27%27Nidhi.png&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJz%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLXdlc3QtMiJHMEUCIQCpXaveAkohPr09V4EhNuGJ64lgvLApUnEGUxftaBHGGQIgf1wBxWQ%2FWZdZkhU58qJsk0FRUs3EPZw3ZGq%2Bo9dFERcqzQQIRRAAGgw3Mzk5MzkxNzM4MTkiDOszV38kPohru20poSqqBNtKFi7Ah74KTI35agM22XRzPHxLb2%2BfHdmi0AyEmYWBXB7motfMfRJxxw1FptZtJY1pOxcWulghQUmutZiNCYmXaN067D9uVK%2F%2FesyYdigX8ENXXMzFm%2FibUaGXmOSO75NhBzo87bEScRUzdXPp%2ByRcTtoDQrkIKgwx2us%2BznqLQICFxPESZ3ZJomPe6jAs3uMn%2FWxsX1qHJW8%2B7tYxe5DLUpvLKR%2FgqGSVy5AW2%2F2Vn3i8orozXMgT%2F2kqx4ai%2Fc05qIGGbgyw3ow2TJY0gxzNvIIBieLCaKycLR3B3IFA0XUq0bzceJFV8O4StsXWsa85HpumjiKqWheyALwS6Wb%2BIcC1mpp%2B8xKBeXIvI5bfb83LMzGLHRZ3eyXcSuouRhQDIQX2DssI%2BUZWxE8llPjtybmQtbkR6nAqBNApmp2p%2BcaKYfsH085E5E8CbvfuDUmjl1jmAZVY3LImeiLrtz86WrvXq727vkJylULrsz3%2BHXQJlS0IrJYO2TnBmdxtE6r3YQ5SwU0IJlSjeb6AFecNPVLloKuw7qAXcUnRq0KMWNLJCv4qtkLrBpLBqv9z3JjUZAOSWiGGngFYqNOnbAguMXMXzkVxjPWNvScgRHTLnRXi8g3vAAoCsI3FbJ3fQj72NoFy7z81G0UBTAY3XK2AaxcLma9kCfXrFO9EuJivLq5DgUh4MSfZCjRIhyKYU3sYRxBv%2Fvcpy5W0Gt%2BQQxOEEtcbHOxddm8%2BMPSk0LMGOqcB%2BUGMRO9rVUZhMZQiwMLwmfF3OK7tnJhgwsjqCI9q8ZyyszGydwzERtthmG5lEcJ2oyjSck%2FL%2FFZXYktVYfK6FtRCGpmie6zSuj%2BikPnTyDBid6RvtykIP7bir73Zr2Osdbpgwd1upqptE%2BBOIfux8RyIRd%2FAekcDxc2BpER7uxEMRUqOqQ2Ie3bHfY1D0JtZ1AT4qhT80lyvj%2BFUfRgoB6kQhuSPgg4%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240620T121737Z&X-Amz-SignedHeaders=host&X-Amz-Expires=899&X-Amz-Credential=ASIA2YR6PYW52XCRTWHP%2F20240620%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Signature=ba47ecf0183b2cd25d08135b7e51a9ff6bb86a56336d0315882b8fc3356eab5d
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.208.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 157a61adbce226271c92c36b62260ef2cb096bdf8b242406f382b7a10cf7dc12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 12:17:39 GMT
x-amz-version-id: j3gTDza8fqGT6ryIUDvVLKNyNDFWUCzH
Last-Modified: Thu, 13 Jun 2024 20:09:27 GMT
Server: AmazonS3
x-amz-request-id: 2B189P7MYRP0ZK35
ETag: "1525f987c21f331e76242d819dca6d5a"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
x-amz-storage-class: INTELLIGENT_TIERING
Content-Disposition: attachment; filename="Nidhi.png"; filename*=utf-8''Nidhi.png
Accept-Ranges: bytes
Content-Length: 445047
x-amz-id-2: bie8IyOzowOLPLDLy0/2+IlG43cG3fIz3YNX8Ravcr2bMk3cSMErnyR3QMBGo1C29TS7WdpQmb0=

GET
H3 200 runtime.d064014d.js Show response
www.upwork.com/static/assets/Brontes/ 8 KB
4 KB 139ms
138ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/runtime.d064014d.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d325c2808c93b5b4ca3d854a494e98adf57cc2023681a1392f41103ea3fc7bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 239077
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 14 Jun 2024 17:03:02 GMT
server: cloudflare
vnd-eo-trace-id: 89524723387b9b78-SJC
etag: W/"833d12598032241b6f59543d6199237c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d97aa05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 ent-navigation.4539a60c.js Show response
www.upwork.com/static/assets/Brontes/ 20 KB
8 KB 281ms
280ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/ent-navigation.4539a60c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6934d70efd6e83b536353799ac468ababe6d6352c27c156744bc605a3d1c3a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a981ebf2-SJC
etag: W/"00ef23f2915acdd81ddd2202e132ef4d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d980a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~a587c8ba.84dc294a.js Show response
www.upwork.com/static/assets/Brontes/ 46 KB
3 KB 85ms
83ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~a587c8ba.84dc294a.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce9760e9f47ae9c4135502997f443cf5f3cdecc6734bb39f1e3a3c2c5ddbdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 538043
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309fa6813-SJC
etag: W/"ba57873f8e6d7c45acf50d9349cdebd5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d982a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~9a4683d5.ba5ab67b.js Show response
www.upwork.com/static/assets/Brontes/ 47 KB
3 KB 86ms
84ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~home~9a4683d5.ba5ab67b.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c557391da7e4723af445651407dce1f66f7069aa554d51df97cfe75eb848a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 629920
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309fd6813-SJC
etag: W/"b12ea0fa85685ae5813a5e2286f2396d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d983a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 exp~abb523ad.62a129c3.js Show response
www.upwork.com/static/assets/Brontes/styles~ent-navigation~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/ 4 KB
1 KB 119ms
116ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~ent-navigation~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/exp~abb523ad.62a129c3.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571e88386538309440861f725974c3bd1c593cb74f493ebba8ea3e59ac761d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634447
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e32a1a6813-SJC
etag: W/"82732455b0591461b73797b1a8ab12da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d987a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 index.2e589861.js Show response
www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/ 11 KB
5 KB 118ms
115ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/index.2e589861.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a63c38aeb0e60c313307151337f73293e78b9d987411423ef0f7e008a80dbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 95401
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a983ebf2-SJC
etag: W/"cae032e176cac9cd2cbbddebb8960c90"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d989a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 index~pa~ba1b28bc.fb6ddde4.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/ 44 KB
8 KB 290ms
286ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/index~pa~ba1b28bc.fb6ddde4.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff44fe237fb9ca964a5e4e80cdeccf6a1ddab7e161b6e35144f5941e116de9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a984ebf2-SJC
etag: W/"6d9ff49157b4a39c06e6a4f3a84c5bf1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d98ca05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3 200 index~pa~ef91245b.95cb36a5.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/ 3 KB
1 KB 115ms
112ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/index~pa~ef91245b.95cb36a5.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb4bb552fcf97dcf9b12d78fd8a125d68c8e31e573f5debe29f7cc4bd3654a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 629709
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e309ff6813-SJC
etag: W/"f22e35f03e62591372c7a18dec500fda"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d98fa05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 _.db5676e2.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/ 6 KB
1 KB 245ms
242ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/_.db5676e2.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215c760526a46bf27d4f7244c855c94f3c30b3639327d660c82eb49b9be72b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 627847
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e33a306813-SJC
etag: W/"79135b8718c0c7c1670ea797bc63bf98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d995a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 index.ecf060da.js Show response
www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/ 4 KB
1 KB 125ms
121ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~homepage-default~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/index.ecf060da.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f321f18e92ae0e746ace9b37e81f0d47421415201a1784fb48321f4c31617823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 629335
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e3aada6813-SJC
etag: W/"7620969ab6e08eadcd6647d2395c2974"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d996a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 index.20e9b52c.js Show response
www.upwork.com/static/assets/Brontes/styles~for-enterprise~pages/ent/portal/_slug/ 4 KB
1 KB 115ms
112ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~for-enterprise~pages/ent/portal/_slug/index.20e9b52c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0383b340aa656f750d594eeee08f1b2b5770b020de08f6a9b0a157b9f62fee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634392
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e3aae46813-SJC
etag: W/"be14d8188ac52def71d03399dc46445d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d997a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 enterprise-portal-hero.d866e72c.js Show response
www.upwork.com/static/assets/Brontes/ 9 KB
3 KB 218ms
215ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-hero.d866e72c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c53efe1ae303545a95255a04a8ccc9ce1bfeb053600fdbe1dfeb5eb67030707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 95400
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a985ebf2-SJC
etag: W/"8241ea23c12c852d6ee999872ef57f2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d999a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 enterprise-portal-stats.9054c5d6.js Show response
www.upwork.com/static/assets/Brontes/ 3 KB
1 KB 267ms
264ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-stats.9054c5d6.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28d6068712685f27f00d5a66d34773e886ed42339fca1a0dd6d642344898739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 14 Jun 2024 20:29:38 GMT
server: cloudflare
vnd-eo-trace-id: 89442cba8a9a3671-SJC
etag: W/"dff139aee10c361278403d4246f6c152"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d99da05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 vendors~up-s-hiw.ded4083e.js Show response
www.upwork.com/static/assets/Brontes/ 55 KB
13 KB 294ms
291ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~up-s-hiw.ded4083e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66845d7ac7cacb62e3cf8282610af8a8789c5886a92d89869a00b2c399ed847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a987ebf2-SJC
etag: W/"65b1a59fc6c896081c308acd8a70e956"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d99fa05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3 200 enterprise-portal-signup.c9eb7d35.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
2 KB 735ms
732ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-signup.c9eb7d35.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd5827040c44da02b5dd0e8a65a0c0b9f575e50bbef40bffeae45c5e7c38a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a989ebf2-SJC
etag: W/"9269707c1f5a6f22b91ced3ab7d597d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9a3a05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3 200 styles~enterprise-portal-signup.c8c9ff0c.js Show response
www.upwork.com/static/assets/Brontes/ 4 KB
2 KB 110ms
107ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-portal-signup.c8c9ff0c.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c75d2586cc7861790afac380c3ed98e57c42886475e9bd8b91fe7353c565f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 95400
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a98aebf2-SJC
etag: W/"93cb8a7cb33789618e99593f3c8d5e86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9a7a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 vendors~enterprise-portal-signup.bfe074c3.js Show response
www.upwork.com/static/assets/Brontes/ 46 KB
14 KB 415ms
412ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~enterprise-portal-signup.bfe074c3.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd62c08c79ef95210aa29235f7152462535d8914b3678162375fad5d20332df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 15:39:57 GMT
server: cloudflare
vnd-eo-trace-id: 8954e46bfe652766-SJC
etag: W/"5a4259b288abad5986c88ce617d967e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9a8a05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3 200 enterprise-portal-support.23fcd27f.js Show response
www.upwork.com/static/assets/Brontes/ 6 KB
2 KB 100ms
97ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-support.23fcd27f.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825265e880e41d25f1572eb13c759ce69b0e70af91993c41fec85a061b2728db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 95400
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a98eebf2-SJC
etag: W/"c09eaa2b5e5dd007fa63a5384590f6ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9a9a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 styles~context-switch-menu-rjGvQ~enterprise-portal-support.0826ced3.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1 KB 765ms
763ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~context-switch-menu-rjGvQ~enterprise-portal-support.0826ced3.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ff31d236d04726bb9ad035b273ccf29484b7b7957afb3fd5ae17360c8ae887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892f0193a990ebf2-SJC
etag: W/"65a29832e68799c8614097a854dcbe79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9aaa05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3 200 social-facebook-9Tj8t.e4386291.js Show response
www.upwork.com/static/assets/Brontes/ 912 B
851 B 107ms
104ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-facebook-9Tj8t.e4386291.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be6858b057ea929df34884956ef16ca5cfdf4f01d6410022095e4165acff68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634445
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effd92a7a8697-SJC
etag: W/"0cda1c7e11e0d0e8688657b5c37786dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9ada05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 social-linkedin-9kqeO.b2fae6cd.js Show response
www.upwork.com/static/assets/Brontes/ 965 B
982 B 111ms
108ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-linkedin-9kqeO.b2fae6cd.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2889ddfb807b43af836d9c9d3d816ee8b702e24a93e07c19734572fd1f252bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634432
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effd94abf8697-SJC
etag: W/"5a915362f321f0fc97f2dfe7e89bf228"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b0a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 social-twitter-BjOGL.bde84c8e.js Show response
www.upwork.com/static/assets/Brontes/ 757 B
889 B 127ms
124ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-twitter-BjOGL.bde84c8e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4c8be620adcda694c23b3a8c88a0c6b575d3387353c793c8153252beb0f7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 633936
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effda4ba98697-SJC
etag: W/"c05b106b64346dc460d575091a8d9cf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b1a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 social-youtube-Dr8sz.50128738.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1006 B 130ms
128ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-youtube-Dr8sz.50128738.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92dd6b57f96cdbd201ea941672aa4f9adcbe5cac987a0109c7404a722322db84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effdb5ca68697-SJC
etag: W/"c889afed18126f1447b936e673b32767"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b4a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 social-instagram-nfzet.3e737fff.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
878 B 141ms
139ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-instagram-nfzet.3e737fff.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7211f3ec48a8322fe648f7a8b881b6516f9c1bc4198734a25659768b228f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634336
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effdb9cf18697-SJC
etag: W/"28d559ad3a361861dd36291a307f0547"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b5a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 apple-G7MUs.a48db3d1.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1 KB 115ms
113ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/apple-G7MUs.a48db3d1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacf2af43ae2529b027ba4d4d8704df19dd9473c6b2050376a24c0f2112dab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 628005
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892effdc7dc48697-SJC
etag: W/"5405beecfa6192fabf89b34ddf1e2829"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b7a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 android-DSzT1.17aea9bc.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
973 B 114ms
112ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/android-DSzT1.17aea9bc.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f513a8559aa5882fa461f1a747dc1c870b29f1588ea76704817e7934763695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 629649
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:54 GMT
server: cloudflare
vnd-eo-trace-id: 892effddaf298697-SJC
etag: W/"eea20130533642cf9631ce80961fd619"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b8a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 commons~app.94aac402.js Show response
www.upwork.com/static/assets/Brontes/ 66 KB
22 KB 123ms
121ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/commons~app.94aac402.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b9339c928e6ce246fb3f0456247226e232fd8d6a57126ad8f3bab8dd3c6559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 239153
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 14 Jun 2024 17:03:01 GMT
server: cloudflare
vnd-eo-trace-id: 8953fe0ad9767579-SJC
etag: W/"62265911dcf8aec6f9157ad4d51c7ca9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9b9a05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 styles~app.d2a00eb0.js Show response
www.upwork.com/static/assets/Brontes/ 166 KB
21 KB 111ms
110ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~app.d2a00eb0.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dd0648ac17136f937137513011ec98225d70ab908033987eed02c671dd1580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634447
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effe0caaf8697-SJC
etag: W/"6391b8012868e7e7737dcf3ffc29db9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9baa05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H3 200 app.d2ce9f38.js Show response
www.upwork.com/static/assets/Brontes/ 778 KB
212 KB 129ms
128ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/app.d2ce9f38.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d0f9ab5c9b892a58ff233b137b3926132d9a5d582d2425dabe24a0bb30ab58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 238994
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 14 Jun 2024 17:03:01 GMT
server: cloudflare
vnd-eo-trace-id: 895397877ae5a3bf-SJC
etag: W/"3b7c3ef467ac6fd929f140ab8ee9e1ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb262d9bea05e-FRA
expires: Fri, 20 Jun 2025 12:17:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
83 KB 61ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a42f956d5a86cef613414fcad1a35c5186a63e300e111cfb849a79da920ce9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84116
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 12:17:37 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 5 KB
2 KB 68ms
44ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2314
content-md5: sR4WvB0y0lbRPVnAbcaekA==
content-length: 1739
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:41 GMT
server: cloudflare
etag: 0x8DBF1B27778A621
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b5f593dd-b01e-009a-2f90-a0cdac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896bb2635ae930d6-FRA
expires: Fri, 21 Jun 2024 12:17:37 GMT

GET
H3 200 xl.e9b4fd2.jpg
www.upwork.com/static/assets/Brontes/img/ 20 KB
20 KB 719ms
718ms Image
image/webp 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upwork.com/static/assets/Brontes/img/xl.e9b4fd2.jpg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df91b64a90951856176812d4cd7753823fc6fd7d795ae29a1f205777892e7263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=83972
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="xl.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20452
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Jun 2024 21:16:22 GMT
server: cloudflare
vnd-eo-trace-id: 88feaaab49d9b9fb-SJC
etag: "6ee53e1d5e308f043ec29a73ca99f26e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 896bb2633a3ea05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 76ms
47ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 896bb263ca2d9b34-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 31ms
31ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 2514
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896bb264184e9756-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/ 107 KB
25 KB 41ms
41ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18182
content-md5: IN4ESRoVBVuc8Mbny2rHPQ==
content-length: 25298
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:53 GMT
server: cloudflare
etag: 0x8DBF1B27EBC3E9E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5591abf0-001e-0062-4e9b-23fba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896bb2646c7030d6-FRA
expires: Fri, 21 Jun 2024 12:17:38 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 29ms
29ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 71772
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 78efb154-701e-00a5-25f4-b57a70000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896bb264bcdd30d6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 27ms
27ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 71761
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d288241b-d01e-0085-6d77-39145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 896bb264bcdf30d6-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
624 B 21ms
21ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 63782
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jun 2024 02:33:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d78e67d0-001e-008f-5bf8-c1ddd6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 896bb264f9d79756-FRA

GET
H3 200 workbox-window.prod.es5-eZxxJ.928d88de.js Show response
www.upwork.com/static/assets/Brontes/ 5 KB
2 KB 50ms
49ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/workbox-window.prod.es5-eZxxJ.928d88de.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.d064014d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ddc5791631b0b44abb81d8450d80b65ef74d17d5b790dc54e22d0956129a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20407
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effe6493b8697-SJC
etag: W/"d7bcbf6e2f238895a45eebfe8af6f1e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb267da21a05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H3

200

main.js Show response
www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame DE7C
Redirect Chain

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

62ms
62ms

Script
application/javascript

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe6ccf92f1b1c205e30f05d15fea80f56fe144ce902bc2be7f0e4af5947f015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 896bb2686b1fa05e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 896bb267fa66a05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 553 KB
137 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67932384618d6d0f9cd2babf7110316262b6c0537cf1a19ab64c544711329465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139714
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 12:17:38 GMT

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 358ms
357ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1718885858581

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.d2ce9f38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 11:59:30 GMT
server: cloudflare
vnd-eo-trace-id: 896bb2682aaea05e-SJC
etag: W/"cd3c097277047563150c5e2bf330e1d5"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 896bb2682aaea05e-FRA
expires: Thu, 20 Jun 2024 16:17:38 GMT

GET
H3 200 loader_only.js Show response
www.upwork.com/static/iovation/5.2.2/ 4 KB
2 KB 55ms
55ms Script
application/x-javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.d2ce9f38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5005
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
vnd-eo-trace-id: 862e0a9e1ed3f947-SJC
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 896bb2682ab2a05e-FRA
x-amz-meta-last-modified: 1593693054000
expires: Thu, 20 Jun 2024 16:17:38 GMT

GET
H3 200 ofac~up-s-hiw.274fcab1.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~homepage-default~modal-8bCAb~pages/ab/brontes/ 1 KB
862 B 50ms
50ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~homepage-default~modal-8bCAb~pages/ab/brontes/ofac~up-s-hiw.274fcab1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.d064014d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe257ddd8219a79fda741b4cb6dd900d172acd25cb1f8fc6840fc3f23322b532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 631167
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 00:52:10 GMT
server: cloudflare
vnd-eo-trace-id: 892e27e32a256813-SJC
etag: W/"70575dd2f27d0ee400b2a55fc629ddad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb2688b4ba05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

215ms
30ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 20 Jun 2024 12:17:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Sat, 20 Jul 2024 12:17:38 GMT

Redirect headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 896bb2689b82a05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Thu, 20 Jun 2024 13:17:38 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 137ms
35ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

301d5567daa8c81c63dec9597686c019f68f650d0618408afa477ed26545e3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 20 Jun 2024 12:17:38 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-HysiX.541a8e47.js Show response
www.upwork.com/static/assets/Brontes/ 7 KB
3 KB 48ms
48ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/snippet-HysiX.541a8e47.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.d064014d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d274b93510b742cb3b453c56edaa03ec15348595499159452f62a039c03006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 634389
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 03:15:55 GMT
server: cloudflare
vnd-eo-trace-id: 892effe7fb0a8697-SJC
etag: W/"20e2e7d71026548e5541dae94cbd062e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb2689b89a05e-FRA
expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H2 204 202452b9c34b.js Show response
w.usabilla.com/ Frame 970F 0
91 B 157ms
53ms Script
text/plain 54.171.39.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.39.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-39-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:38 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 102 KB
38 KB 69ms
14ms Script
text/javascript 2600:9000:2447:800:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:800:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 1e837eca11064539d74363456b3a205f2b0b27f381999b9b59c42263d91a14cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 08:36:13 GMT
content-encoding: gzip
via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: AMS58-P5
age: 13285
etag: "198ec-Fd0ngLLY4CQS72euSVzmF4eRYJE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38272
x-amz-cf-id: EK-o0Bl6wS_ggAbXJWWRbPW8gQk3AMk0gboJSxXlr2JavtHs3Dr6Nw==
expires: Thu, 20 Jun 2024 20:36:13 GMT

GET
H3 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
1 KB 58ms
32ms Script
application/x-javascript 104.16.16.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.16.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0FGN5C0M9332W6J7
age: 137
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KDhRrH920QqlJNxiy9Q9pl+ZhsNRcZzhQ41MXVrUPrVRwhlworvtLnyzhUa6A/EuDb+hZfNOkao+/UuPZXfxgg==
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 896bb2692f633625-FRA
x-amz-meta-last-modified: 1532366449000
expires: Thu, 20 Jun 2024 16:17:38 GMT

POST
H3 200 896bb2602cc4a05e Show response
www.upwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DE7C 0
438 B 35ms
35ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/896bb2602cc4a05e

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 896bb2697d4ba05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 33ms
33ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ce31230a7973f93e8cddcead84af9facf7c69ba1809395079c31783d6980fd84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 12:17:38 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Fri, 20 Jun 2025 12:17:38 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 40ms
32ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.798150943785404

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

03e9913e8d404e6dc9580f9f64b7deb65f27cd65fbb7f71e9435d7e5c3b1b294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Thu, 20 Jun 2024 12:17:38 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 453 KB
199 KB 84ms
22ms Script
application/javascript 2600:9000:262a:b400:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:b400:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:38 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 2c3da44501476a8019710c3ae4a409c4.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 20 Jun 2024 12:06:18 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/21038803700
etag: W/"a6af2843a97100cebdaebad2dc802cf4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: 0BoHSW5HlzfNJ8YeGPxigXuw9gWcd83wFkL2fJJfy6hMXez6ouX2Ow==

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 6 KB
3 KB 366ms
140ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1718885858907&hl=2&op=0&ag=3514327459&rand=931779668185811861072512899066175326594990712220710205212719745801112921890791100825&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDkzNjRdLFsiYWJuY2giLDEyXSxbLTE3LCIxMSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI5LCItIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTYsIjAiXSxbLTIzLCIrIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTUxLCItIl0sWy0xMywiLSJdLFstMzIsIi0iXSxbLTQxLCItIl0sWy00NywiRXVyb3BlL0JlcmxpbixkZS1ERSxsYXRuLGdyZWdvcnkiXSxbLTYsIi0iXSxbLTE0LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yMCwiLSJdLFstMzMsIi0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNDAsIjMzIl0sWy0yLCIxNixlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy0yNCwiW10iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00OCwiMCwwIl0sWy01OSwiZGVmYXVsdCJdLFstNjMsIi0iXSxbLTEsIi0iXSxbLTE5LCJbMTE3MCwxNTcwLDExNzAsMTU3MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0zMCwiW1widlwiLDBdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTUzLCIxMDAiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGZYQmtSVVUxTlNVb0RGaFpXV3hkYVVFMUFTMVpiVmsxZlZWWk9YRXNYV2xaVUZsQVdEQWdQQVF3Qlh3cGZBRnhmV2c0QUFGc05BQXBhRDE5Y1dnb05XZzRNWFY4WFUwb0RDQU1QRGcwSUR4QVZXRTBaU3hrUlVVMU5TVW9ERmhaV1d4ZGFVRTFBUzFaYlZrMWZWVlpPWEVzWFdsWlVGbEFXREFnUEFRd0JYd3BmQUZ4ZldnNEFBRnNOQUFwYUQxOWNXZ29OV2c0TVhWOFhVMG9EQ0E9PSJdLFstNTgsIi0iXSxbLTY0LCJbMCxcIldpbjMyXCIsW3tcImJcIjpcIkdvb2dsZSBDaHJvbWVcIixcInZcIjpcIjEyNlwifSx7XCJiXCI6XCJOb3Q6QS1CcmFuZFwiLFwidlwiOlwiOFwifSx7XCJiXCI6XCJDaHJvbWl1bVwiLFwidlwiOlwiMTI2XCJ9XV0iXSxbLTcsIi0iXSxbLTIxLCItIl0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTY1LCItIl0sWy02NywiLSJdLFstMjYsIntcInRqaHNcIjozODU3NTE2MCxcInVqaHNcIjoyMjk0NjUxNixcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzUsIlsxNzE4ODg1ODU4ODk0LC0yXSJdLFstNDksIi0iXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjM3Mzc1NTk5ODZcIixcIjM0MTg0MjE3MjBcIixcIjI0MjQ4OTY1MDJcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTUsIi0iXSxbLTI1LCItIl0sWy0zOCwiaSwtMSwtMSwxOTksMCwwLDAsMCwwLDQyOSwtMSwwLDc1MC4zLDc1MC4zLDE4MDQsMTgwNSJdLFstNTIsIi0iXSxbLTYwLDIwN10sWy02MiwiODAiXSxbLTQsIi0iXSxbLTgsIi0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00NiwiMCJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixicm93c2luZ3RvcGljcyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGNodWFmb3JtZmFjdG9ycyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxjb21wdXRlcHJlc3N1cmUscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02OCwiLSJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbImJuY2giLDczXSxbLTksIisiXSxbLTEwLCItIl0sWy0xNSwiLSJdLFstMzEsImZhbHNlIl0sWy0zNCwiLSJdLFstNDUsIi0iXSxbLTUwLCItIl0sWy02MSwie1wid2dzbFwiOlwiNDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWyJkZGIiLCIwLDE1LDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMCwxLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDIsMCwwLDAsMCwwLDAsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCw0LDAsMCwwLDAsMCwwLDAsMSwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=DWqyGEERyv&pto=1817&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1718885858.Ni5I0aGPTNGLUsAK&suid=1.1718885858.HXUQlO5KkCB4BPMp&tuid=1.1718885858.7sYg7zsLtQSHUbH9&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=61%2C1625%2C80&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=inp.1.0%3B&sck=-
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 705fa63940465e99e195213c22127be0fc13a640c6b90bd10a97c3337bdb7ac9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2556
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.23/ 92 KB
35 KB 82ms
81ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1718885858581

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 7339446
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 07:40:18 GMT
server: cloudflare
vnd-eo-trace-id: 86af41fa1bfe682f-SJC
etag: W/"1194b63cbf7f83a6edd79e893888786d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 896bb26a7f45a05e-FRA
expires: Fri, 20 Jun 2025 12:17:39 GMT

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

28ms
28ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 80a1e06663a8a6acd40b22affa8c640682353670ba812db922bc91b2224fdba2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: 2024-Jun-20 12:17:39
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1340
Expires: 0

Redirect headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 896bb26a7f49a05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Thu, 20 Jun 2024 13:17:38 GMT

GET
BLOB 200
OK 93b0a3dd-32d2-46dd-8062-4e515f6773e6
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/93b0a3dd-32d2-46dd-8062-4e515f6773e6
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
672 B 194ms
194ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 896bb26b1882a05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 31ms
31ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.7343543837240598

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

03e9913e8d404e6dc9580f9f64b7deb65f27cd65fbb7f71e9435d7e5c3b1b294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Thu, 20 Jun 2024 12:17:39 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

33ms
33ms

Script
text/javascript

52.129.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1e54534c974bbc07ecc5b78afa26f31312f1798a2a8075e89784fd03d62b59e0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 20 Jun 2024 12:17:39 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Fri, 20 Jun 2025 12:17:39 GMT

Redirect headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 896bb26b38cba05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Thu, 20 Jun 2024 13:17:39 GMT

GET
BLOB 200
OK 43e0e598-7eb1-43aa-b58f-6510ad02eabb
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/43e0e598-7eb1-43aa-b58f-6510ad02eabb
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 2372
Content-Type: application/javascript

GET
H2 200 / Show response
cdn123.forter.com/ 34 B
336 B 65ms
27ms XHR
application/json 143.204.215.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=983ec030004f48d1ae4f5abc3e243caf&v=2
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-68.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4b8e0c89c66547715fc07bec03202c36fc4ce74355c3bf8e1a79bb459175c553

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 34
x-amz-cf-id: 1-URYKBzt8DL7VRHhM8NSLahZVa6cJ2pr9WXdr5zU335yu-e5255wg==

GET
H2

200

77b759ce6f4a2f7b3d24b64c18a652bea1e69a5d2bd91436bbb3635bbc979342ac7f4acf6b1f5fe2d1f540d6a279 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/77b759ce6f4a2f7b3d24b64c18a652bea1e69a5d2bd91436bbb3635bbc979342ac7f4acf6b1f5fe2d1f540d6a279

0
316 B

121ms
121ms

XHR
text/plain

2600:9000:20b4:b800:e:d088:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/77b759ce6f4a2f7b3d24b64c18a652bea1e69a5d2bd91436bbb3635bbc979342ac7f4acf6b1f5fe2d1f540d6a279

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Server

2600:9000:20b4:b800:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
via: 1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: XqhgxL05Qocw_dvG8vUNzCJJujE1n4DA2aQP12RkQcgh5iqe1jNaLQ==

Redirect headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/77b759ce6f4a2f7b3d24b64c18a652bea1e69a5d2bd91436bbb3635bbc979342ac7f4acf6b1f5fe2d1f540d6a279
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: K3uBZ1SXfBfcK98sKc_9xS-qxSDxZXBCHGOuhkUGtY1JxfhCVfm1HA==

GET
BLOB 200
OK 7e2a93e4-961e-4194-bdfe-144ad00cb144
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/7e2a93e4-961e-4194-bdfe-144ad00cb144
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 17453
Content-Type: application/javascript

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/ 20 B
358 B 461ms
231ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/prop.json?_=1718885859214
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 20 Jun 2024 12:17:39 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK 4127af5d-d519-48f1-9b73-ac9fee1a702d
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/4127af5d-d519-48f1-9b73-ac9fee1a702d
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 68
Content-Type: application/javascript

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
671 B 246ms
245ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 896bb26c7af9a05e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 200 events
cdn3.forter.com/ 0
414 B 182ms
103ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: YzplZ7P-yrTp8PZI5U7a1j0IIfIQK21HiuagAlKHAgvwxd1KFdH4XQ==
expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: cQn35DBVtjL5y4weBfHMuK5aqsz6UFLJQ43+PV9i2OCHnGX5FKpfAdPuqcsSTLwPg4deJIfG2O7pJjBxojVLtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 32ms
32ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

688de78c654dbc042faba05ed13dd849e4889766b73aa8421a03b2e5109dab1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93731
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 12:17:39 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&ps...
https://www.google.com/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVO...
https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOm...

42 B
64 B

109ms
24ms

Image
image/gif

142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOmceAh0HOgrfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeYEljE-cFxMy7XCFfE6awvIGYI4Fwg&random=2324452156&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?label=f4FGCLPWhoUYEN_X4s8D&guid=ON&script=0&ct_cookie_present=false&random=1491086306&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIo_y86JTqhgMVOmceAh0HOgrfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLeYEljE-cFxMy7XCFfE6awvIGYI4Fwg&random=2324452156&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
79 B 101ms
100ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126be6cf3def4f8f949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f67498386895178381ffa2b2255d5388a639652615423c504030c670d5fc6bf684f77be26bb25cb43e2913bf05365ac5c7e721bda53ee46f497d5d83fbb2807ff7ecaa8556d8e0e3143714493d60266a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7928677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e4e47f73767a9991362e8d9fe268b57ac44b1834dca1a98c676913a6097cf208b778cc0b6a69de5e71a2bf333a4feb875433eae8b27d4f401b95a5946901a44c09096c5d1f5c931c5259d99b99e35fc716b22877666829f98582ad9a533e541e1940dce24e13d524c57dd3bb34d8496ff24f6c7398744a7a9fb9b29ce590435ae1054447d092691e223a442d0cb9734a28e25a5d06c94c2e8f43dd7f0e655616ddefb4c459bf9495601e0e7e737e063c5b44ee5f270a060b266c420884d82f678be4e35eebc8f74232d365159570542f4a5f538c008a5585c5f3bbae85dd5f31b0ff7a4dcb8ba70c3ede4fc86e4aef14b4f3fe74686b6596a9f42651bd76441706cf67ba76a18c2ebc36b9661d72588aa30ccb80d9a79132020027f1480c1e4db3f73499b184590d3c5baacd7500d9daca07e91c66f66d9d1162074fa97d94a3cb0268443821ce33e870fddc817e4a734e299e5ce8a1327b6b429699077b88cb7aa1e9464311e009c763d09b4da5fde9b74aee7ecb4318ef6fc21122504fb64ff17a047b39f6891334b29493f757ae944f6e95634e510c5dcae46abcb3fec0933bd0d6e68dab1851850fc70eb8f17db0f39084fb43e249ca894019c5074d9f957c0bca59ad23ad34f493057b2213758f7fd104ef878beeccb2d93c1b85f192dde3573594096480e84ccb9414ece707bd28b95159c96a8c55a21b32ca9473707de442263c7905914c9c4e9d5e1bb0ff37afb2cc72fc193109baeab7a25e5875cd0c1fde191b1c4c7374185fa370ad86cd018975efdf67aebddc7dc71b28fc9eaa20502d493baa1109a0dd6050468443996d36c7b&cri=DWqyGEERyv&ts=458&cb=1718885859365
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 0a4410f7-43ba-4d36-b7b7-8ef9e6252c42
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/0a4410f7-43ba-4d36-b7b7-8ef9e6252c42
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d55b00ca87771c0dc5e879244be08237f10dcf9ad3b713cf9aba808e8de9527

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 2b91d3f7-5c07-45a7-bdbc-2fa095ed87b2
https://www.upwork.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/2b91d3f7-5c07-45a7-bdbc-2fa095ed87b2
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5df2c08bc242059b1e11b07fe702e5ed8717f02f7d2dd6ee9ac6852d43f1ffe0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 14ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.158&r=stable&domain=www.upwork.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b768cf6560dc10972a9db5a62452801ccecd8bbc6712470b55dda6459683e77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12528
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=61, mss=1368, tbw=63560, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: vL27j1QzGYfJjI9gyk4Xp7BO7g4ESOXS3x6p0caXuD1eufB1ZBm6YfLojQ8Al1VDZJi3hASI62Xhk5W0+HTFdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 56ms
56ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1718885859453&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

cd1c311d2d3f8d5060a54a908867177164140f4ff3d2066e9f12c5ecfd5b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1648
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 39 KB
7 KB 13ms
12ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.158&r=stable&domain=www.upwork.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

2f579fe81f367a99c534f2fe2e24009c5cd8a57a24360ced683923fa1fae23eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7365
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4619, tp=11, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: /aKCta6CTsqkZhkO/g/ttqrCjFbv8TMGDY1fb2DUI6C7wbwHzmUF+OQxLv8kyAR0UoD28eYvKaC/+0xwjrtz4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 130ms
11ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859471&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1368, tbw=2884, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 291ms
172ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859471&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c17a0af9b971eed","source_keys":["1","2"]},{"key_piece":"0x3492a73150c86b53","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 12:17:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382558551008404125", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=18, mss=1368, tbw=3357, tp=-1, tpl=-1, uplat=164, ullat=0
pragma: no-cache
x-fb-debug: Yr9dFRfBMRMYrBruEBQqvhJdM0Usc+yannoORfaL/QrBzyPx9Zef8vG3Yk7wjCGrp4AvyoFRLcCwW1f6V26uHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382558551008404125"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 103ms
11ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859496&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1368, tbw=3170, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1019 B 285ms
194ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859496&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c17a0af9b971eed","source_keys":["1","2"]},{"key_piece":"0x3492a73150c86b53","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 12:17:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382558551813958586", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=18, mss=1368, tbw=8307, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: no-cache
x-fb-debug: Qufe3w8ChfbDlsXYMJuxtA4LT9lXvAAXVbxeHImu/jDLigVYFAczeGGa5A1cLZOuGr/+AkipH5u2z00gN3OSiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382558551813958586"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 103ms
12ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859499&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1368, tbw=3170, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 12:17:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 280ms
189ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&rl=&if=false&ts=1718885859499&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718885859470.399059233798892076&ler=empty&cdl=API_unavailable&it=1718885859414&coo=false&rqm=FGET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe678bf3f0e126bd9","source_keys":["1","2"]},{"key_piece":"0x5422f7c4751d6dc4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 12:17:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382558551276073382", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=18, mss=1368, tbw=7067, tp=-1, tpl=-1, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: pxnAKnY24TOdl++G2PsilXliuYqbBIYMXPlX7OssD3vb7hsy3inu6W1hi7K2B7DPjpq0nZlFTHR6xlv1CGUrmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382558551276073382"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&...
https://www.google.com/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...
https://www.google.de/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&t...

42 B
64 B

96ms
26ms

Image
image/gif

142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIo63B6JTqhgMVVGceAh1d-xuUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLq9SkZnvPBL7wHdQ-IxVM268KhGmXtw&random=3119431812&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/

Protocol

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=2110514148&cv=11&fst=1718885859453&bg=ffffff&guid=ON&async=1&gtm=45be46h0v894577659za200zb71021727&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=175858148.1718885859&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2UsIHRyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIo63B6JTqhgMVVGceAh1d-xuUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwDaQooLq9SkZnvPBL7wHdQ-IxVM268KhGmXtw&random=3119431812&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/ 20 B
358 B 96ms
96ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/prop.json?_=1718885859680
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 20 Jun 2024 12:17:39 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 200
OK prop.json
983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 329ms
103ms Ping
application/json 100.26.87.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 100.26.87.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-87-64.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 20 Jun 2024 12:17:40 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Wed, 19 Jun 2024 12:06:54 GMT
Server: Apache
ETag: "2-61b3d08cdc52b"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK dsG.js Show response
s3.amazonaws.com/ki.js/58403/ 296 B
657 B 318ms
115ms Script
application/ecmascript 54.231.224.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/58403/dsG.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/tiktok/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.224.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 12:17:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 16:39:17 GMT
Server: AmazonS3
x-amz-request-id: 8A4CD5N14KENQ5X4
ETag: "2ece22ece4801274933c42bf99e7d009"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 223
x-amz-id-2: O9LEcz8RzfzDnNmlYWfoWRILPczRQkx8fW8P6K35iVn9AdtwQP3Um0xTPH47ANS/7qv5ESEAxws=

GET
H3 200 favicon.ico
www.upwork.com/ 15 KB
3 KB 145ms
145ms Other
image/vnd.microsoft.icon 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/tiktok/
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 762892
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 23 Jun 2022 09:09:39 GMT
server: cloudflare
vnd-eo-trace-id: 83f24b35372c15e7-SJC
etag: W/"914a93c870abba6895860df36e002f26"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=31536000
cf-ray: 896bb26fc91fa05e-FRA
expires: Fri, 20 Jun 2025 12:17:39 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/ 20 B
358 B 95ms
95ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/prop.json?_=1718885859915
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 20 Jun 2024 12:17:39 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/ Frame 0
0 96ms
95ms Preflight 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jun 2024 12:17:40 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/ 20 B
439 B 96ms
96ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/983ec030004f48d1ae4f5abc3e243caf/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 20 Jun 2024 12:17:40 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

POST
H2 200 events
cdn3.forter.com/ 0
412 B 134ms
132ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: KZRZJu7DwxoouPdgMliv2mDKk5igVpi-I9grAqw1A4osI12OyZn_0A==
expires: -1

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 131ms
131ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Thu, 20 Jun 2024 12:17:40 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 103ms
103ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Thu, 20 Jun 2024 12:17:40 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
280 B 56ms
15ms Image
image/gif 2600:9000:20ab:ea00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1718885860800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:ea00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:40 GMT
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: MhcGFaMAh46cOkqqnB8HJ2TBWQueRSyIgj4Yz2jGT0ctDXixuEOeNw==

GET
H2 200 logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
280 B 57ms
16ms Image
image/gif 2600:9000:20ab:ea00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1718885860800&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:ea00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:40 GMT
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: peGSIrSl1J5--YbXHc_C_TjbrIKC3RN-XuZAz312bnYRvuPR25SnmA==

GET
H2 200 logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
280 B 54ms
13ms Image
image/gif 2600:9000:20ab:ea00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1718885860800&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:ea00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 12:17:40 GMT
via: 1.1 0a3248cb2729105e64fb474faf90e3b2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: _PBrCJJj7e_F9G4f312r6bHc1YpKT1FgSaqDricmckfzjM961UBwoQ==

POST
H3 200 events
cdn3.forter.com/ 0
306 B 97ms
96ms Ping
text/plain 18.239.94.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

QUIC, , AES_128_GCM

Server

18.239.94.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-23.ams1.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 12:17:41 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: bQP5gou5s5aeEbiBOs-Vp8Dxp0W6Oj8LnceGBf2QXpR0P3PVceLEog==
expires: -1

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 107ms
107ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Thu, 20 Jun 2024 12:17:42 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: O6kixeDqfNjW1FzsywtuDhSkGQWcl9jXU_ZSHsgYQ84-1718885857283-0.0.1.1-604800000
.upwork.com/	1969-12-31 23:59:59	Name: visitor_id Value: 146.70.117.101.1718885857459000
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: !CI10270Air2Dot5QTAllocations,CI11132Air2Dot75,!i18nGA,OTBnrOn,SSINavUserBpa,TONB2256Air3Migration,!RMTAir3Talent,!air2Dot76Qt,!RMTAir3Offer,!RMTAir3Offers,CI17409DarkModeUI,i18nOn,!RMTAir3Home,!CI10857Air3Dot0,!SSINavUser,JPAir3,air2Dot76,!CI12577UniversalSearch,!MP16400Air3Migration,!RMTAir3Hired,CI9570Air2Dot5
.upwork.com/	1970-01-20 21:29:32	Name: visitor_gql_token Value: oauth2v2_8fabf4f8ef7692ebd5820fa6be449032
.upwork.com/	1969-12-31 23:59:59	Name: country_code Value: DE
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
www.upwork.com/	1970-01-20 21:38:10	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJbjkSwiKPxvySb
.upwork.com/	1970-01-21 06:13:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jun+20+2024+14%3A17%3A38+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d834b071-8bb5-4176-9c23-7a294d962d1a&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Ftiktok%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.upwork.com/	1970-01-21 01:47:17	Name: umq Value: 1600
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: wdoc3g4Om2Hcw9tUhFWhUqjuTnZ65PpR
.static-upwork.com/	1970-01-20 21:28:07	Name: __cf_bm Value: 3ZSpgQlvpd2p0qDywW7zVpJLf7AK52dwoSzS4eExMZ0-1718885858-1.0.1.1-uIxXLsp76ZNiFLa2cPURbniDRYLwoEo.EfumzjLRLTLE47gJCkjM695OhlSRgHy_b2XmAVaaticZTzUWO5eXeQ
mpsnare.iesnare.com/	1970-01-21 06:13:41	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: tyjNjKm4lreds0Nb9yBB5f1/tOZdoYJBFqv5eWNGN4c=
.upwork.com/	1970-01-21 06:13:41	Name: cf_clearance Value: pfk3HF7Mm45eoIWg86whi0NRwD4y.mgxj7zmDYXsUc4-1718885858-1.0.1.1-tbbsYq8lXV2mms_nylj1y95Y_BEsXNjyV5UomAMF38AymP8830a9.U9qkj6WyeeX.EY.JGDCTDoRf3wpKIzWIQ
.upwork.com/	1970-01-20 23:39:29	Name: _cq_duid Value: 1.1718885858.Ni5I0aGPTNGLUsAK
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1718885858.HXUQlO5KkCB4BPMp
.upwork.com/	1970-01-20 21:28:07	Name: _upw_ses.5831 Value: *
first.iovation.com/	1970-01-21 06:13:41	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 7umIFM6WpUr5evNt93ObfsPeZtl5vPfOkrSeLk+JJ5M=
.upwork.com/	1970-01-20 21:28:10	Name: ftr_blst_1h Value: 1718885859150
.upwork.com/	1970-01-21 07:04:05	Name: _upw_id.5831 Value: b3119ca6-e410-429a-82f6-693c8abffcc2.1718885859.1.1718885859..e1e2796f-a19e-416e-a23b-e023d9eecaac..c62b823d-0f4f-4aec-bcf9-1295e6f547f3.1718885859047.7
.upwork.com/	1970-01-21 06:13:41	Name: spt Value: 7c427726-1a55-40b0-a8ff-8cfcb8b7e71e
obs.cityrobotflower.com/	1970-01-21 05:31:56	Name: cg_uuid Value: 0150fd744ceab3e1afaa0ff3cb900130
.upwork.com/	1970-01-20 23:37:41	Name: _gcl_au Value: 1.1.175858148.1718885859
.upwork.com/	1970-01-20 23:37:41	Name: _fbp Value: fb.1.1718885859470.399059233798892076
www.upwork.com/	1970-01-20 21:38:10	Name: AWSALB Value: G0nXwAHuL9o5z8bKyMnyi7FvqTyxU42MJpH9RVsqld3zv4UEsbidEGo3reFhSnPNpFHp4Xuf9VIgsDPf8EmRvLf3F5L6ndkPs+dn1sLnu9Vv7GqiyEs5McL48Byd
www.upwork.com/	1970-01-20 21:38:10	Name: AWSALBCORS Value: G0nXwAHuL9o5z8bKyMnyi7FvqTyxU42MJpH9RVsqld3zv4UEsbidEGo3reFhSnPNpFHp4Xuf9VIgsDPf8EmRvLf3F5L6ndkPs+dn1sLnu9Vv7GqiyEs5McL48Byd
.doubleclick.net/	1970-01-20 21:28:06	Name: test_cookie Value: CheckForPermission
.upwork.com/	1970-01-21 07:04:05	Name: forterToken Value: 983ec030004f48d1ae4f5abc3e243caf_1718885858824__UDF43-m4_14ck
.upwork.com/	1970-01-20 21:28:07	Name: __cf_bm Value: 0PetNeJwy_ex_A_G.zT85IorYvxsFp5ZG8MBrE8qwOo-1718885859-1.0.1.1-gT0DHMuYSmnOku8zKY1E7JIZcdhqo6IA71vCFVtTfMX5C.lJewh.3fMLMCRubb1Gniiv3FJbbZHUBT9PQ1N2JQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.upwork.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
worker	verbose	URL: blob:https://www.upwork.com/0a4410f7-43ba-4d36-b7b7-8ef9e6252c42(Line 1) Message: Error
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4cc75a16ed.cdn4.forter.com
983ec030004f48d1ae4f5abc3e243caf-4c4cc75a16ed.cdn.forter.com
assets.static-upwork.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
d3nocrch4qti4v.cloudfront.net
first.iovation.com
geolocation.onetrust.com
googleads.g.doubleclick.net
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
s3.amazonaws.com
tiktok.upwork.com
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.upwork.com
100.26.87.64
104.16.16.72
104.18.90.237
142.250.184.200
142.250.185.162
142.250.185.99
142.250.186.34
143.204.215.68
157.240.0.6
172.217.16.196
18.239.94.23
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:20ab:ea00:7:bffe:c3c0:21
2600:9000:20b4:b800:e:d088:5c40:93a1
2600:9000:2447:800:2:7cf7:d580:93a1
2600:9000:262a:b400:f:1b37:e600:93a1
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.129.66.124
52.92.208.114
54.171.39.250
54.195.39.4
54.231.224.208
54.243.108.33
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0383b340aa656f750d594eeee08f1b2b5770b020de08f6a9b0a157b9f62fee89
03e9913e8d404e6dc9580f9f64b7deb65f27cd65fbb7f71e9435d7e5c3b1b294
08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b
0fb4bb552fcf97dcf9b12d78fd8a125d68c8e31e573f5debe29f7cc4bd3654a1
116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da
157a61adbce226271c92c36b62260ef2cb096bdf8b242406f382b7a10cf7dc12
1be6858b057ea929df34884956ef16ca5cfdf4f01d6410022095e4165acff68c
1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e
1c441b981fda3e107addae8e98379918bf5fc91853eb229245bccdbb1d2ad6c8
1e54534c974bbc07ecc5b78afa26f31312f1798a2a8075e89784fd03d62b59e0
1e837eca11064539d74363456b3a205f2b0b27f381999b9b59c42263d91a14cb
215c760526a46bf27d4f7244c855c94f3c30b3639327d660c82eb49b9be72b72
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c557391da7e4723af445651407dce1f66f7069aa554d51df97cfe75eb848a1
2889ddfb807b43af836d9c9d3d816ee8b702e24a93e07c19734572fd1f252bdb
2b768cf6560dc10972a9db5a62452801ccecd8bbc6712470b55dda6459683e77
2d55b00ca87771c0dc5e879244be08237f10dcf9ad3b713cf9aba808e8de9527
2f579fe81f367a99c534f2fe2e24009c5cd8a57a24360ced683923fa1fae23eb
2fe6ccf92f1b1c205e30f05d15fea80f56fe144ce902bc2be7f0e4af5947f015
301d5567daa8c81c63dec9597686c019f68f650d0618408afa477ed26545e3da
31d274b93510b742cb3b453c56edaa03ec15348595499159452f62a039c03006
38dd0648ac17136f937137513011ec98225d70ab908033987eed02c671dd1580
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a7211f3ec48a8322fe648f7a8b881b6516f9c1bc4198734a25659768b228f32
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4b8e0c89c66547715fc07bec03202c36fc4ce74355c3bf8e1a79bb459175c553
571e88386538309440861f725974c3bd1c593cb74f493ebba8ea3e59ac761d6c
5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076
5df2c08bc242059b1e11b07fe702e5ed8717f02f7d2dd6ee9ac6852d43f1ffe0
61ff31d236d04726bb9ad035b273ccf29484b7b7957afb3fd5ae17360c8ae887
67932384618d6d0f9cd2babf7110316262b6c0537cf1a19ab64c544711329465
688de78c654dbc042faba05ed13dd849e4889766b73aa8421a03b2e5109dab1d
6934d70efd6e83b536353799ac468ababe6d6352c27c156744bc605a3d1c3a1c
705fa63940465e99e195213c22127be0fc13a640c6b90bd10a97c3337bdb7ac9
724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
80a1e06663a8a6acd40b22affa8c640682353670ba812db922bc91b2224fdba2
825265e880e41d25f1572eb13c759ce69b0e70af91993c41fec85a061b2728db
8a63c38aeb0e60c313307151337f73293e78b9d987411423ef0f7e008a80dbee
8bd5827040c44da02b5dd0e8a65a0c0b9f575e50bbef40bffeae45c5e7c38a3d
8bf31f1837a16bf1908a7ae2ece613fe80760ac29d18113ca5315e88c2187728
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91f513a8559aa5882fa461f1a747dc1c870b29f1588ea76704817e7934763695
92dd6b57f96cdbd201ea941672aa4f9adcbe5cac987a0109c7404a722322db84
9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202
96b9339c928e6ce246fb3f0456247226e232fd8d6a57126ad8f3bab8dd3c6559
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff
9c53efe1ae303545a95255a04a8ccc9ce1bfeb053600fdbe1dfeb5eb67030707
9c75d2586cc7861790afac380c3ed98e57c42886475e9bd8b91fe7353c565f32
a42f956d5a86cef613414fcad1a35c5186a63e300e111cfb849a79da920ce9ff
a5819f69ba452021469f51c1f676e0b084f1a419a9a8b95d52b4a9792e2ee1dc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a
bc4c8be620adcda694c23b3a8c88a0c6b575d3387353c793c8153252beb0f7c8
bce9760e9f47ae9c4135502997f443cf5f3cdecc6734bb39f1e3a3c2c5ddbdb6
bd62c08c79ef95210aa29235f7152462535d8914b3678162375fad5d20332df3
bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb
c2d0f9ab5c9b892a58ff233b137b3926132d9a5d582d2425dabe24a0bb30ab58
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
cd1c311d2d3f8d5060a54a908867177164140f4ff3d2066e9f12c5ecfd5b2f00
ce31230a7973f93e8cddcead84af9facf7c69ba1809395079c31783d6980fd84
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d28d6068712685f27f00d5a66d34773e886ed42339fca1a0dd6d642344898739
d325c2808c93b5b4ca3d854a494e98adf57cc2023681a1392f41103ea3fc7bf3
db6e8ff050cd93f60e1150776c215da17ac6cfc4d1ecfdb60f4feb90640a29eb
df91b64a90951856176812d4cd7753823fc6fd7d795ae29a1f205777892e7263
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ddc5791631b0b44abb81d8450d80b65ef74d17d5b790dc54e22d0956129a25
e66845d7ac7cacb62e3cf8282610af8a8789c5886a92d89869a00b2c399ed847
eacf2af43ae2529b027ba4d4d8704df19dd9473c6b2050376a24c0f2112dab0b
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e
f321f18e92ae0e746ace9b37e81f0d47421415201a1784fb48321f4c31617823
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fe257ddd8219a79fda741b4cb6dd900d172acd25cb1f8fc6840fc3f23322b532
ff44fe237fb9ca964a5e4e80cdeccf6a1ddab7e161b6e35144f5941e116de9d3

www.upwork.com Open in urlscan Pro 104.18.90.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

88 %HTTPS

37 %IPv6

18 Domains

26 Subdomains

26 IPs

4 Countries

1984 kBTransfer

5264 kBSize

29 Cookies

11 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

88 %
HTTPS

37 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

1984 kB
Transfer

5264 kB
Size

29
Cookies

108 HTTP transactions
0 data transactions