www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shiseido.upwork.com/
Effective URL:
https://www.upwork.com/ent/portal/shiseido/
Submission: On April 16 via api (April 16th 2024, 9:48:40 am UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 120 HTTP transactions. The main IP is 104.18.90.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.upwork.com. The Cisco Umbrella rank of the primary domain is 56942.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 24th 2023. Valid for: a year.

This is the only time www.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 61	104.18.90.237 104.18.90.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.5.85.37 3.5.85.37	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.129.66.124 52.129.66.124	15301 (IOVATION) (IOVATION)
4	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	52.213.60.53 52.213.60.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ae:8400:2:7cf7:d580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.16.72 104.16.16.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:3c00:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.192.90 18.66.192.90	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:237... 2600:9000:237d:4e00:e:d088:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	54.204.202.163 54.204.202.163	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.66.192.18 18.66.192.18	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.188.207 18.66.188.207	16509 (AMAZON-02) (AMAZON-02)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
1	16.182.66.48 16.182.66.48	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:225b:fc00:7:bffe:c3c0:21	16509 (AMAZON-02) (AMAZON-02)
120	28

61 104.18.90.237 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

shiseido.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.85.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.129.66.124 (United States)

ASN15301 (IOVATION, US)

first.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.60.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-60-53.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:8400:2:7cf7:d580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.16.72 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.static-upwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:3c00:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

4c4cc75a16ed.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cityrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-90.muc50.r.cloudfront.net

cdn123.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:237d:4e00:e:d088:5c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.204.202.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-202-163.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-18.muc50.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.188.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-207.muc50.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.66.48 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225b:fc00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3nocrch4qti4v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	upwork.com 5 redirects shiseido.upwork.com www.upwork.com — Cisco Umbrella Rank: 56942	584 KB
13	forter.com 1 redirects 4c4cc75a16ed.cdn4.forter.com — Cisco Umbrella Rank: 128659 cdn123.forter.com — Cisco Umbrella Rank: 16699 cdn9.forter.com — Cisco Umbrella Rank: 4945 cdn0.forter.com — Cisco Umbrella Rank: 4718 cdn3.forter.com — Cisco Umbrella Rank: 4136 9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com	204 KB
7	cityrobotflower.com ob.cityrobotflower.com — Cisco Umbrella Rank: 148347 obs.cityrobotflower.com — Cisco Umbrella Rank: 97918	41 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 309	139 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	474 KB
4	cloudfront.net d6tizftlrpuof.cloudfront.net d3nocrch4qti4v.cloudfront.net	3 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6306	22 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	338 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	78 KB
3	iovation.com first.iovation.com — Cisco Umbrella Rank: 96491	20 KB
3	amazonaws.com upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 365223 s3.amazonaws.com	91 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7551	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	24 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	254 B
1	static-upwork.com assets.static-upwork.com — Cisco Umbrella Rank: 127033	1 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 5355	14 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 543	304 B
120	19

	Domain	Requested by
60	www.upwork.com	4 redirects www.upwork.com
7	cdn.cookielaw.org	www.upwork.com cdn.cookielaw.org
6	obs.cityrobotflower.com	ob.cityrobotflower.com www.upwork.com
5	cdn0.forter.com
5	www.googletagmanager.com	www.upwork.com www.googletagmanager.com ob.cityrobotflower.com
4	mpsnare.iesnare.com	www.upwork.com mpsnare.iesnare.com
3	d3nocrch4qti4v.cloudfront.net
3	www.facebook.com	www.upwork.com
3	cdn3.forter.com
3	connect.facebook.net	ob.cityrobotflower.com connect.facebook.net
3	first.iovation.com	www.upwork.com
2	cdn9.forter.com	1 redirects www.upwork.com
2	upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com	www.upwork.com
1	s3.amazonaws.com	www.upwork.com
1	9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com
1	d6tizftlrpuof.cloudfront.net	www.upwork.com
1	www.google.de	www.upwork.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	cdn123.forter.com
1	region1.google-analytics.com	www.googletagmanager.com
1	4c4cc75a16ed.cdn4.forter.com	www.upwork.com
1	assets.static-upwork.com	www.googletagmanager.com
1	ob.cityrobotflower.com	www.googletagmanager.com
1	w.usabilla.com	www.upwork.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	shiseido.upwork.com	1 redirects
120	28

This site contains links to these domains. Also see Links.

Domain
hello.upwork.com
support.upwork.com
community.upwork.com
investors.upwork.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.upwork.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-24` - `2024-05-03`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-03-15` - `2025-02-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M02	`2023-12-12` - `2025-01-09`	a year	crt.sh
*.cityrobotflower.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
static-upwork.com E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
cdn123.forter.com Amazon RSA 2048 M01	`2023-05-11` - `2024-06-08`	a year	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-24` - `2024-04-23`	3 months	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.upwork.com/ent/portal/shiseido/
Frame ID: 5451C39F65B2092630E49EED47061B98
Requests: 115 HTTP requests in this frame

Frame: https://www.upwork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: CF12D1D31C88B4C1E99F55AE983EA81D
Requests: 2 HTTP requests in this frame

Frame: https://w.usabilla.com/202452b9c34b.js?lv=1
Frame ID: B9D3FA404C675759A52829E597668B34
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Frame ID: 47E68E9308D6FA2809B3160D8AB2FCE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upwork Enterprise Portal

Page URL History Show full URLs

https://shiseido.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/shiseido/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

120
Requests

89 %
HTTPS

38 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

1673 kB
Transfer

4982 kB
Size

32
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://hello.upwork.com/c/Carli_Maione
Title: Book time

Search URL Search Domain Scan URL

URL: https://support.upwork.com/hc/en-us
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://community.upwork.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://investors.upwork.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/upwork
Title: Visit Upwork on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/upwork
Title: Read Upwork company news on LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/Upwork
Title: Follow @Upwork on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvxGFOnwUBDHHcxuPqhe4CQ
Title: Watch Upwork videos on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/upwork/
Title: Follow Upwork on Instagram

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/developer/upwork-global-inc/id329377609
Title: Download Upwork app from iTunes

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=8802639270489632480
Title: Download Upwork app from Google Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shiseido.upwork.com/ HTTP 301
https://www.upwork.com/ent/portal/shiseido/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.upwork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 58

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 70

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP 301
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Request Chain 76

https://www.upwork.com/iojs/5.7.0/logo.js HTTP 301
https://first.iovation.com/5.7.0/logo.js

Request Chain 81

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/77bb599d6f1b2b2e6f2cb24e18fc04eba2e09a5d28de4164eae6300deb979342ac7f4acf601551e7d0f14cd0a674

Request Chain 95

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl86qorrGhQMVUw8GAB2H9gK0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl86qorrGhQMVUw8GAB2H9gK0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkWs_VTFuH47QqqKTqwsr7OWBayOsTw&random=153268602 HTTP 302
https://www.google.de/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl86qorrGhQMVUw8GAB2H9gK0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkWs_VTFuH47QqqKTqwsr7OWBayOsTw&random=153268602&ipr=y

120 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.upwork.com/ent/portal/shiseido/
Redirect Chain

https://shiseido.upwork.com/
https://www.upwork.com/ent/portal/shiseido/

311 KB
57 KB

389ms
380ms

Document
text/html

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e672fec7cd3d86110b7769b6084812f12624160816f9a41de53a0ed306634d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 875342a5b83b1e69-AMS
content-encoding: br
content-security-policy-report-only: report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 09:48:33 GMT
referrer-policy: origin-when-cross-origin
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
server: cloudflare
server-timing: api;dur=85, app;dur=130
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
vnd-eo-trace-id: 875342a5b83b1e69-AMS
x-content-type-options: nosniff
x-frame-options: https://feedback.usabilla.com/
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 875342a4cf8f1e69-AMS
content-length: 0
date: Tue, 16 Apr 2024 09:48:33 GMT
location: https://www.upwork.com/ent/portal/shiseido/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 neue-montreal-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 23 KB
24 KB 66ms
62ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2912722
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 23912
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 862d400f2870238f-SJC
etag: "2e9d05ced4fddb6c67f1be57161a2668"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875342a83b241e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H3 200 neue-montreal-medium.woff2
www.upwork.com/static/fonts-global/4.0.1/ 25 KB
25 KB 99ms
95ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/neue-montreal-medium.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2903230
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 25348
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 862e0a07b89b3fd1-SJC
etag: "f0728e66b926fbcc5376a1d55222e3a7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875342a83b261e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H3 200 rza-regular.woff2
www.upwork.com/static/fonts-global/4.0.1/ 62 KB
63 KB 100ms
97ms Font
font/woff2 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/fonts-global/4.0.1/rza-regular.woff2

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://www.upwork.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2908095
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 63800
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 09 Aug 2021 13:27:41 GMT
server: cloudflare
vnd-eo-trace-id: 862da467384496e1-SJC
etag: "4c125a0993ca325b5cc5056afbdd58c7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875342a83b281e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H3 200 vue.runtime.2.7.15.min.js Show response
www.upwork.com/static/vue-libs/ 74 KB
28 KB 137ms
134ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue.runtime.2.7.15.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6210f63d1b6c7039b231df347143106c6e277287f38084be696ae69ed982f601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 243138
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 862d405d4988112f-SJC
etag: W/"240923cf5680e44ea5716ae77cf7e5db"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a83b291e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H3 200 vuex.3.6.2.min.js Show response
www.upwork.com/static/vue-libs/ 12 KB
4 KB 141ms
137ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vuex.3.6.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2187608
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 07:26:03 GMT
server: cloudflare
vnd-eo-trace-id: 862d40856cb4173a-SJC
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a83b2a1e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H3 200 vue-i18n.8.28.2.min.js Show response
www.upwork.com/static/vue-libs/ 28 KB
9 KB 139ms
138ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/vue-libs/vue-i18n.8.28.2.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2908096
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 27 Oct 2023 06:53:42 GMT
server: cloudflare
vnd-eo-trace-id: 81f3e61e5880156a-SJC
etag: W/"5d4375c9b8e7c9eada90983391b8ac24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a83b2b1e69-AMS
expires: Wed, 16 Apr 2025 09:48:33 GMT

GET
H/1.1 200
OK e0b6482c8aa2cc716fe88a0b8e1f62ec
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-logos/ 17 KB
17 KB 715ms
282ms Image
application/octet-stream 3.5.85.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-logos/e0b6482c8aa2cc716fe88a0b8e1f62ec?response-content-disposition=attachment%3B%20filename%3D%22enterprisePortalLogos1702674656862%22%3B%20filename%2A%3Dutf-8%27%27enterprisePortalLogos1702674656862&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEIH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLXdlc3QtMiJIMEYCIQCtlZ5gmEAC%2BXHvGUWe1rlfcOqce5NO1t%2BZIi0vu2IMpwIhAK2EoEFr7L5RLKYOcFikuBNivA1zOBt2L6W5Ta8ezj07KtYECLr%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQABoMNzM5OTM5MTczODE5IgwN8ilGJbKes5ck9gEqqgRdcIlkUiyctVFp1xC0E99PkQYTtrQlhtx15nEGPiHi0NPb9BcJXyla%2FUN4lCK%2FyIgqVp%2BceMwbwQokoyInTK2goUWsBB9hDq%2FaJ5OVPNCuEVSaz08OvSzcPg6n7mBwq9GT9NAcd3NyQQSwdHTdk0iWQERE7oDZtKUIY4liQmDFcO0HZtQubwMQ%2FZ9wSzc7fkd0qyUUtrTWVeM%2ByIG88yIIc%2FqLll8EBKrbIfgOqlWi71I6k1TFawWyjidCEMAIGobfROKmm2tLpEe7vPYaTwhBX68EiXigOxtSmhnlLyTZBMtt4XuAwWodxWXdFGMRKUh0VK23PYYH4nbj7pUX1%2FXyfmUo0C4GBuYZ9C9bXe%2FWSEjIZ%2F%2B%2FYH1YtVW0XaQL%2BABw6cd8fi1re6vwwhOm90NzCtUPMsVIaBJ21Q%2BnSy4B7ic%2BNXiNE99urdSX8%2B0aBN93RKMzvXNNeSEcoUIni1CvF07XW4tm611coC1xOVlkPwJHDH2%2FpA4x7tQ7QNoCL%2FG7P4o8o6JMhDxiAqXwMLZ9MYMAfncVmuKhC5WfkxR3HuMukworP8gBxUfJ0f3xI%2BXoU0QNxnhtI8S7R4chuXjuvND8477P%2F8kYcFj0sRbukvwttCYs4YN%2BTmW2ThV1DvtRd3XDmjSRiOc5ADGG7C1fCGqeeueJvEkcGRasy0gpP20MtKzi15rbZOQIHa6GF4IJQ2xsnOyCCVdVwkbHfgpcO0R9VtnBOqfn2DCA9viwBjqmAXLR2q8leDsb0b9q%2FUWME4Uwn5djkXa9OcZIswBkSpZQ4deTXZRAf9qTR0gMtuQh3odHk%2FJeVT0NwHDDCQqeLUMKYC9Q59dT9bLD56aJP3meIGL78734VhzNBkoTHTT%2B5OESs6euPwqYyz9QUVdjZ7Xbb%2BfluZKrCIuZ%2BpbvtyjVcbe%2FrlMXt7Sqs5ZYd%2FXnBWW720bUEGK9t%2BryU0q5no3UxLRjZHI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240416T094833Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA2YR6PYW56AUZRO46%2F20240416%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Signature=5d651c6adcab6b9e4317daa5e79eae61fd8a7247516941eac063af72fbe6f256
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.85.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a6c3a8fd2fb0461aa65c91c25a5c88c75869578690812e35f694093870fa0b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 09:48:35 GMT
x-amz-version-id: wJczhMi7CTgopbWtOkANc7KSXflIIPfc
Last-Modified: Fri, 15 Dec 2023 21:10:57 GMT
Server: AmazonS3
x-amz-request-id: DVQ04VQ6APWH3YGF
ETag: "8438c5f46138fc064ed7f1298524639b"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="enterprisePortalLogos1702674656862"; filename*=utf-8''enterprisePortalLogos1702674656862
Accept-Ranges: bytes
Content-Length: 17248
x-amz-id-2: 6xRTKo8gkszB7lcDUNtzTjz41AEw56tfCff0miLbgoCzxvIv8vOiVjRH1o3T+QdFEw97GqjTh0EwsM+z2PCOew==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 149ms
52ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 65709
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Thu, 11 Apr 2024 16:21:20 GMT
server: cloudflare
etag: 0x8DC5A436C86EBE4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9ac2dbd1-e01e-0037-5af3-8ceb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 875342a9180a2ba3-FRA

GET
H/1.1 200
OK 0a09ee8dc1c866341c72e0c81f3a734b
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/ 73 KB
73 KB 727ms
301ms Image
application/octet-stream 3.5.85.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com/enterprise-portal-support-persons/0a09ee8dc1c866341c72e0c81f3a734b?response-content-disposition=attachment%3B%20filename%3D%22Carli.PNG%22%3B%20filename%2A%3Dutf-8%27%27Carli.PNG&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEIH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLXdlc3QtMiJIMEYCIQCtlZ5gmEAC%2BXHvGUWe1rlfcOqce5NO1t%2BZIi0vu2IMpwIhAK2EoEFr7L5RLKYOcFikuBNivA1zOBt2L6W5Ta8ezj07KtYECLr%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQABoMNzM5OTM5MTczODE5IgwN8ilGJbKes5ck9gEqqgRdcIlkUiyctVFp1xC0E99PkQYTtrQlhtx15nEGPiHi0NPb9BcJXyla%2FUN4lCK%2FyIgqVp%2BceMwbwQokoyInTK2goUWsBB9hDq%2FaJ5OVPNCuEVSaz08OvSzcPg6n7mBwq9GT9NAcd3NyQQSwdHTdk0iWQERE7oDZtKUIY4liQmDFcO0HZtQubwMQ%2FZ9wSzc7fkd0qyUUtrTWVeM%2ByIG88yIIc%2FqLll8EBKrbIfgOqlWi71I6k1TFawWyjidCEMAIGobfROKmm2tLpEe7vPYaTwhBX68EiXigOxtSmhnlLyTZBMtt4XuAwWodxWXdFGMRKUh0VK23PYYH4nbj7pUX1%2FXyfmUo0C4GBuYZ9C9bXe%2FWSEjIZ%2F%2B%2FYH1YtVW0XaQL%2BABw6cd8fi1re6vwwhOm90NzCtUPMsVIaBJ21Q%2BnSy4B7ic%2BNXiNE99urdSX8%2B0aBN93RKMzvXNNeSEcoUIni1CvF07XW4tm611coC1xOVlkPwJHDH2%2FpA4x7tQ7QNoCL%2FG7P4o8o6JMhDxiAqXwMLZ9MYMAfncVmuKhC5WfkxR3HuMukworP8gBxUfJ0f3xI%2BXoU0QNxnhtI8S7R4chuXjuvND8477P%2F8kYcFj0sRbukvwttCYs4YN%2BTmW2ThV1DvtRd3XDmjSRiOc5ADGG7C1fCGqeeueJvEkcGRasy0gpP20MtKzi15rbZOQIHa6GF4IJQ2xsnOyCCVdVwkbHfgpcO0R9VtnBOqfn2DCA9viwBjqmAXLR2q8leDsb0b9q%2FUWME4Uwn5djkXa9OcZIswBkSpZQ4deTXZRAf9qTR0gMtuQh3odHk%2FJeVT0NwHDDCQqeLUMKYC9Q59dT9bLD56aJP3meIGL78734VhzNBkoTHTT%2B5OESs6euPwqYyz9QUVdjZ7Xbb%2BfluZKrCIuZ%2BpbvtyjVcbe%2FrlMXt7Sqs5ZYd%2FXnBWW720bUEGK9t%2BryU0q5no3UxLRjZHI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240416T094833Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA2YR6PYW56AUZRO46%2F20240416%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Signature=8ac20d510e7ab40d5977858da6fb3bfc8ecd85da8b7bef07ef66aef36ea352d9
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.85.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d469b921a00abd94cfff567f3cd24e994c47f46f4e8bd003455871c2ae23dd7e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 09:48:35 GMT
x-amz-version-id: zijt.eatw7PaSa2.2.iLkzG3I1THn9cU
Last-Modified: Mon, 11 Dec 2023 17:27:31 GMT
Server: AmazonS3
x-amz-request-id: DVQ37273RSH8H4M1
ETag: "8fc05ca8b37207ff7ba7e8faafe3dbb7"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Carli.PNG"; filename*=utf-8''Carli.PNG
Accept-Ranges: bytes
Content-Length: 74276
x-amz-id-2: /4eor7d+l9iuBNULphzooWDPeRSCq43OEnMNKMkEjT4PzMATZe1i85sE8Xm4pcBpNxYKZeXdWthEk/A9FkU0BA==

GET
H3 200 runtime.f63883bf.js Show response
www.upwork.com/static/assets/Brontes/ 9 KB
4 KB 88ms
84ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/runtime.f63883bf.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d61178c89500297a60cefb59a02cccd0be183580e4698c86dbffce1ad835b456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67592
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874cd019de0ce3cf-SJC
etag: W/"b4a06f37cfd3d8a5b775071a3c536946"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab791e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 layout-visitor.ddae1fd9.js Show response
www.upwork.com/static/assets/Brontes/ 141 KB
31 KB 257ms
253ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/layout-visitor.ddae1fd9.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8295bdb7d8e4b26d048e8a7851c82332c08c73f966928b4f923d6f20f53ddce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd0c30c3a1-SJC
etag: W/"4bc777b6974c7bb7d9795dc68aee70c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab7c1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 bront~1337c54a.e8c929d2.js Show response
www.upwork.com/static/assets/Brontes/styles~context-switch-menu-abWoq~hp-default~hp-innova~i18n-modal-tuYnU~layout-visitor~pages/ab/ 14 KB
3 KB 107ms
103ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~context-switch-menu-abWoq~hp-default~hp-innova~i18n-modal-tuYnU~layout-visitor~pages/ab/bront~1337c54a.e8c929d2.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21f864ab7c5276f33784d7528f3287a9e9e40f261249184b794ffd168fd6ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67592
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c426cacc3b6-SJC
etag: W/"e434a4397d9357d4e854a27c15fcb78a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab7e1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 index.971bcb15.js Show response
www.upwork.com/static/assets/Brontes/styles~enterprise-nav~layout-visitor~pages/exp/cl-fl-gateway/ 907 B
810 B 646ms
641ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-nav~layout-visitor~pages/exp/cl-fl-gateway/index.971bcb15.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15e86d5cbde758b280a3bb4c70186be230e8ca7ae111b5d1581e9e13166197f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd1c38c3a1-SJC
etag: W/"cd028da3fc60de0f1afe71d778f78c66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab801e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~enterprise-nav~layout-visitor.676333b7.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1 KB 223ms
219ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-nav~layout-visitor.676333b7.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8b9e3340e5933701b1e3310e3ed3c0b41069a0c0222e7f3a046b43947d84fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd1c39c3a1-SJC
etag: W/"3babbacffc8a9b5fda2cd64166ff02de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab811e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~layout-visitor.ea93aa84.js Show response
www.upwork.com/static/assets/Brontes/ 8 KB
2 KB 230ms
225ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~layout-visitor.ea93aa84.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d3b680d7ddc1d2000504b88b4d5aea754a3b498fd7b1d1e54dc6fd623c8a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd1c3bc3a1-SJC
etag: W/"08812be17c7c1285fda390c4a179b529"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab821e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 enterprise-nav.f80f4bdd.js Show response
www.upwork.com/static/assets/Brontes/ 35 KB
11 KB 246ms
241ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-nav.f80f4bdd.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a19e150e2af149e6bfd64773e7a3cfee98e8c8e71bd0402cac449dcd3defcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd1c4cc3a1-SJC
etag: W/"412ad09bfe8494e939d3d75385658e34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab841e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~enterprise-nav~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~hp-d~49a5a944.7426381d.js Show response
www.upwork.com/static/assets/Brontes/ 13 KB
2 KB 82ms
78ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-nav~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~hp-d~49a5a944.7426381d.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9db1210414443d228819c8d334332ac2ae9cc8763e1335e616612628a54f082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67592
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c426ca9c3b6-SJC
etag: W/"33c8963e2bc5122ef2a21e571c67d171"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab851e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~enterprise-nav~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~hp-d~a017dc60.9c02e346.js Show response
www.upwork.com/static/assets/Brontes/ 13 KB
2 KB 80ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-nav~enterprise-portal-hero~enterprise-portal-signup~enterprise-portal-support~hp-d~a017dc60.9c02e346.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadb5aa7aac3c4470fed6757bc885a78949ba0370d430ba3c457c215b13224a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67592
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c426caac3b6-SJC
etag: W/"c6877889875ba211b543691aade9be34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab871e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 index~pages~30135386.6466e90d.js Show response
www.upwork.com/static/assets/Brontes/styles~enterprise-nav~hp-default~hp-innova~pages/ab/brontes/index~pages/ent/portal/_slug/ 1 KB
861 B 75ms
71ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-nav~hp-default~hp-innova~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages~30135386.6466e90d.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da55dfb770c59127b4d3d0ea26d7a1626453d32e397e1ea1415a85656bf724a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67591
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c427cb0c3b6-SJC
etag: W/"d62af296c1a0f7b0574e7dd1a4251f0c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab881e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 index.4e4391f0.js Show response
www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/ 11 KB
5 KB 320ms
315ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/pages/ent/portal/_slug/index.4e4391f0.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

953c00d9f746985de8ecd4e6ae057447673a28651345583bec316b828cb39d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 875342a8ab891e69-SJC
etag: W/"de5c048750e921d9c405e8c265de06be"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab891e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 _sl~27915c86.4364698d.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~hp-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/ 50 KB
9 KB 76ms
71ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~hp-default~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_sl~27915c86.4364698d.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f1818d3336cab5cc6f41a8dd48aef02799655288609fdcc9bc8193a7ab30ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67591
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c426cadc3b6-SJC
etag: W/"831ae3250ff137d93d13fbf13582bb3a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab8a1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 inde~a04cf460.70507d68.js Show response
www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/ 2 KB
1005 B 77ms
73ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ab/brontes/index~pages/ab/brontes/ofac~pages/ent/portal/_slug/inde~a04cf460.70507d68.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5f2cd8525aa7f7deb99b01e0c2a5e37d081391563d70fee43a328f0900df5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67591
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c426caec3b6-SJC
etag: W/"9d70715dafef4d1f573a84c5139d2768"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab8b1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 _.a319c2d6.js Show response
www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/ 2 KB
1 KB 78ms
73ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ab/brontes/index~pages/ent/portal/_slug/index~pages/sitemaps/_.a319c2d6.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da2932e5fa1461138b18ee3ade68671f6e455652d50c016244ea3fa965713fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67589
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c427cb1c3b6-SJC
etag: W/"bf4f2f50870ae55efbc146fc4a8434e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab8d1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 index.08e75d88.js Show response
www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/ 4 KB
1 KB 79ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~hp-default~hp-innova~pages/ent/portal/_slug/index~pages/exp/cl-fl-gateway/index.08e75d88.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11347cf1a6c111cb2741068ce8243e9ba9f53da0d54d98ed183629e4a05d4bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67589
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c427cb3c3b6-SJC
etag: W/"bd4e404a72e90a174092737fd9bfabb5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab8e1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 index.bb9d52ba.js Show response
www.upwork.com/static/assets/Brontes/styles~for-enterprise~innova-for-enterprise~pages/ent/portal/_slug/ 4 KB
1 KB 90ms
85ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~for-enterprise~innova-for-enterprise~pages/ent/portal/_slug/index.bb9d52ba.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a8189ef83beb900dda1187c13bedf6b99d48ab1eb79b9f99a5a4f92a35adb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67588
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c432d21c3b6-SJC
etag: W/"028ba71ad4def0ad1778dca12be1fa76"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab901e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 enterprise-portal-hero.01911030.js Show response
www.upwork.com/static/assets/Brontes/ 7 KB
3 KB 224ms
219ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-hero.01911030.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e050b0a1bff37f22911ed654df6b88726ddd530aafd313b3acf2015bfdb95911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd9caac3a1-SJC
etag: W/"b2653bfaa153192f2f919ee9a7097e1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab911e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 enterprise-portal-stats.ff3f76ef.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1 KB 231ms
226ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-stats.ff3f76ef.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de760bf5269ffc35926eec9eeef853987d7412040586aa8db442de68f633c263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd9cabc3a1-SJC
etag: W/"6967b5f73cbcae85c4354756580edcb6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab921e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 vendors~up-s-hiw.6c34c590.js Show response
www.upwork.com/static/assets/Brontes/ 55 KB
13 KB 225ms
220ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~up-s-hiw.6c34c590.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a369fdc286e585d8a9a2f476cd192183288976e0f912b84755884da6b92a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bd9cadc3a1-SJC
etag: W/"39264a17cd934f606cab4f13ae2ea6b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab931e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 enterprise-portal-signup.d9c2d48e.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1 KB 234ms
229ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-signup.d9c2d48e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d3afb97a70ec3dc521dd9f39fcb6c80d6d4a99f1b98b442aa253dc73025bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bdbccac3a1-SJC
etag: W/"9c47d55235f8fa3a4326934f59be5727"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab941e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~enterprise-portal-signup.e6c1577e.js Show response
www.upwork.com/static/assets/Brontes/ 4 KB
1 KB 230ms
225ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~enterprise-portal-signup.e6c1577e.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d8de15fed47c03e4b9ff2a45789c0d19170f56c770aa57fa1f912b7a8c5840e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bdbccec3a1-SJC
etag: W/"27d0ca92da5b5cab4f3bd4196c48d250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab961e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 vendors~enterprise-portal-signup.86cf9b27.js Show response
www.upwork.com/static/assets/Brontes/ 46 KB
14 KB 237ms
232ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/vendors~enterprise-portal-signup.86cf9b27.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c1b0d921838af0aee9da4b2062e1cd39fb0f25b341c9242e10de3edda8c31e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bdbccfc3a1-SJC
etag: W/"80b67fc85bc0976a330c5aa4fc484dc8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab971e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 enterprise-portal-support.e0aaa72d.js Show response
www.upwork.com/static/assets/Brontes/ 4 KB
2 KB 231ms
226ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/enterprise-portal-support.e0aaa72d.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514c1cd01e68ca5b1923cf34034152926a51ee35765f98d11cefb2ca1e9f77be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bdbcd0c3a1-SJC
etag: W/"9c88fa6368cd2af99ba2226bcf7f08b7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab9a1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~context-switch-menu-abWoq~enterprise-portal-support.317ba827.js Show response
www.upwork.com/static/assets/Brontes/ 2 KB
1001 B 229ms
224ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~context-switch-menu-abWoq~enterprise-portal-support.317ba827.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30ac7c2af90e50f482717276d45f3c06b87be9ebdae519cf643ff28a2189bd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 14:46:26 GMT
server: cloudflare
vnd-eo-trace-id: 874ce5bdbcd1c3a1-SJC
etag: W/"8f2fd57fa6cbd54dbbe850636c890972"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab9b1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 social-facebook-9Tj8t.cab9a528.js Show response
www.upwork.com/static/assets/Brontes/ 912 B
850 B 80ms
75ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-facebook-9Tj8t.cab9a528.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2d566a555b3d620e4bcba253bc2d13e9b706fc348a9b73e7ad793b353744842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67588
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d2dc3b6-SJC
etag: W/"09a58bc9edb51ed72030e968c0062c80"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab9e1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 social-linkedin-9kqeO.e179e4a7.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
913 B 83ms
78ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-linkedin-9kqeO.e179e4a7.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2001b122d8aaa321440774ae6b4eb3ad421298dc11e0cc130c3af72d9950ac23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67574
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d2fc3b6-SJC
etag: W/"260e909e925103f819740ffafa0451e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8ab9f1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 social-twitter-BjOGL.0bdacebd.js Show response
www.upwork.com/static/assets/Brontes/ 757 B
887 B 79ms
74ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-twitter-BjOGL.0bdacebd.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d953dc41298d52c10bb9bee3c46936cea2114c006c3d742306bfdebe683e9c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67588
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d30c3b6-SJC
etag: W/"3362d36289f741982f08a6040df5082c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba01e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 social-youtube-ppZ8B.413dfa34.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1004 B 81ms
76ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-youtube-ppZ8B.413dfa34.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525f61bbe92c372a96def4a815ddbfa3d3b436613c4bc60e2110f130110554b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67567
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d32c3b6-SJC
etag: W/"f214d0eec4682a5483332c4dd3f4ffab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba21e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 social-instagram-v9xnG.6925876a.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
880 B 89ms
84ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/social-instagram-v9xnG.6925876a.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b44d15995590599f4828e5f5975538ff99c044ae820f6d516e5dd5399c40d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67562
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d33c3b6-SJC
etag: W/"f405c7e3dba0ec62d485d05d0d4bfdbe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba41e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 apple-G7MUs.70a4fede.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
1 KB 84ms
79ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/apple-G7MUs.70a4fede.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e2b54de190551da1862da123ac41c9ac08299f114bafdf56b18b9485fc6e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67587
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d35c3b6-SJC
etag: W/"db30087efe8fc087a50a40af030705a7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba61e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 android-TBsUA.c6ef0d50.js Show response
www.upwork.com/static/assets/Brontes/ 1 KB
972 B 81ms
76ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/android-TBsUA.c6ef0d50.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a12fabf9e6b9a3152ad127b6fa36c9c2f51c2a941c5fd39e524e46de4fd5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67587
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c433d37c3b6-SJC
etag: W/"0ce98dc1c1980d12f9ced5ea10a33786"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba71e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 commons~app.91388f54.js Show response
www.upwork.com/static/assets/Brontes/ 65 KB
22 KB 87ms
82ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/commons~app.91388f54.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1685cb016dd9fba3b73e05f71af37750153ad4c256d34c5bcab9ece4948209fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 228148
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 20:32:14 GMT
server: cloudflare
vnd-eo-trace-id: 86db6660eeb33082-SJC
etag: W/"521c4b599c30391309121000eee511cf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba81e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 styles~app.70a136c2.js Show response
www.upwork.com/static/assets/Brontes/ 111 KB
17 KB 83ms
78ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~app.70a136c2.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4bfc1cfb24a24801a21c8017882367c9278aa56c6dc229277607d718fcaa0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1194952
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 20:32:15 GMT
server: cloudflare
vnd-eo-trace-id: 86db6660eeb63082-SJC
etag: W/"99732a3afc1a4278f1a701d166248639"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8aba91e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3 200 app.af45b464.js Show response
www.upwork.com/static/assets/Brontes/ 442 KB
136 KB 90ms
85ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4ed5550ea601593c21e67361101900a8ae3c5c2f05e555d3f6b9da629e36b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67587
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c43ad90c3b6-SJC
etag: W/"8a3f915cf5b39c8edc7fdb45badfb2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342a8abaa1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
79 KB 152ms
60ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

445ab2cc9940a67bf03fc52b2cf088bb9cfccc9f40e3024506e83c4e9389c15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80223
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 09:48:34 GMT

GET
H3 200 xl.f9d0702.jpg
www.upwork.com/static/assets/Brontes/img/ 22 KB
22 KB 61ms
60ms Image
image/webp 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upwork.com/static/assets/Brontes/img/xl.f9d0702.jpg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc007dfb452017215b938b8d14b86db885e74c8cf91f5883e75aeda5ad3f8d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 80165
cf-polished: qual=85, origFmt=jpeg, origSize=90611
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="xl.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22360
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 06 Apr 2024 16:22:57 GMT
server: cloudflare
vnd-eo-trace-id: 870eef79cecd5739-SJC
etag: "f2c9ea03f3c60cece96e52378deef9c5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875342a91c091e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H2 200 beb279fb-8702-46ec-a677-6f14e3828966.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/ 5 KB
2 KB 151ms
70ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 56866
content-md5: sR4WvB0y0lbRPVnAbcaekA==
content-length: 1739
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:41 GMT
server: cloudflare
etag: 0x8DBF1B27778A621
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c2130e2e-a01e-007b-2e9b-237b1f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 875342a9eb82bb8f-FRA
expires: Wed, 17 Apr 2024 09:48:34 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 165ms
71ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 875342ab0d1518f9-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 56ms
56ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 61517
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 875342ab7a7d2ba3-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/ 107 KB
25 KB 60ms
59ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/afd6b9b0-8d93-441b-8b0d-2a49a9fc9965/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9315
content-md5: IN4ESRoVBVuc8Mbny2rHPQ==
content-length: 25298
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 14:41:53 GMT
server: cloudflare
etag: 0x8DBF1B27EBC3E9E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5591abf0-001e-0062-4e9b-23fba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 875342ac6ebabb8f-FRA
expires: Wed, 17 Apr 2024 09:48:34 GMT

GET
H3 200 workbox-window.prod.es5-eZxxJ.dcc8162b.js Show response
www.upwork.com/static/assets/Brontes/ 5 KB
2 KB 89ms
89ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/workbox-window.prod.es5-eZxxJ.dcc8162b.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.f63883bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0259fc43a165af0495fa4d00146741ab21b43edef5e48c52baf8586e5188673d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67585
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c463f0cc3b6-SJC
etag: W/"8b89dcc25c015db0366eb4fa812b4c73"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342accf261e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H3

200

main.js Show response
www.upwork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame CF12
Redirect Chain

https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.upwork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

60ms
60ms

Script
application/javascript

104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b952500de9d2b376bf2ed15b2ae71af142bc7d771166b56eed807318ac86dac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 875342ad7fdc1e69-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 875342acdf301e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 532 KB
130 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be6ff0c07b7539fa85fae265b7edbd2bf491caf58a0097eb743234bfefc61765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133147
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 09:48:34 GMT

GET
H3 200 loader.nuxt.js Show response
www.upwork.com/nx/suit2/ 1 KB
1 KB 300ms
300ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1713260914706

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-to csp-endpoint, report-to csp-endpoint
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 11:59:30 GMT
server: cloudflare
vnd-eo-trace-id: 875342ad0f551e69-SJC
etag: W/"cd3c097277047563150c5e2bf330e1d5"
x-frame-options: SAMEORIGIN
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}, {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 875342ad0f551e69-AMS
expires: Tue, 16 Apr 2024 13:48:34 GMT

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
502 B 239ms
238ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 875342ad0f581e69-AMS
x-powered-by: Express
cf-ray: 875342ad0f581e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 loader_only.js Show response
www.upwork.com/static/iovation/5.2.2/ 4 KB
2 KB 66ms
66ms Script
application/x-javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3237
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 10:37:17 GMT
server: cloudflare
vnd-eo-trace-id: 862e0a9e1ed3f947-SJC
etag: W/"8422458b55fbda403437065dd5557abf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 875342ad0f5c1e69-AMS
x-amz-meta-last-modified: 1593693054000
expires: Tue, 16 Apr 2024 13:48:34 GMT

GET
H3 200 ofac~up-s-hiw.55d95001.js Show response
www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~hp-default~hp-innova~pages/ab/brontes/ 946 B
828 B 71ms
70ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/styles~error-page-PPzLH~hp-default~hp-innova~pages/ab/brontes/ofac~up-s-hiw.55d95001.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.f63883bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91d3f871ede800d5ec15a218687dedc0cbbbaea56d27aa136866d10e264ac45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67589
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:46 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c427cb2c3b6-SJC
etag: W/"18c059909eebd41f1e1e2e791e5d2bb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342ad6fb91e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 10 KB
3 KB 58ms
58ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5i2GgzdnYr7xAXvUmxvWyw==
age: 51950
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2606
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:43 GMT
server: cloudflare
etag: 0x8DB81B78646D554
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 89f61ec3-701e-0078-7397-139a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 875342ad7fecbb8f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 55ms
55ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 61495
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d288241b-d01e-0085-6d77-39145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 875342ad7feebb8f-FRA

GET
H/1.1

200
OK

static_wdp.js Show response
first.iovation.com/general5/
Redirect Chain

https://www.upwork.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

40 KB
17 KB

191ms
61ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Tue, 16 Apr 2024 09:48:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Expires: Thu, 16 May 2024 09:48:35 GMT

Redirect headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 875342ad8feb1e69-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Apr 2024 10:48:34 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 218ms
57ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/iovation/5.2.2/loader_only.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aaa8996d0ed87657510d796a4466f063b99b94eae7462ab16e0e3e14c02bfbed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:48:34 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H3 200 snippet-HysiX.dfc15ef1.js Show response
www.upwork.com/static/assets/Brontes/ 7 KB
3 KB 61ms
61ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/assets/Brontes/snippet-HysiX.dfc15ef1.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/runtime.f63883bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab50fb349458f5decdae1f072062e963a07cf3ec79175a56754ce7aa384d5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 67584
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 11:12:45 GMT
server: cloudflare
vnd-eo-trace-id: 874b8c48b87ac3b6-SJC
etag: W/"00581ca4c84e3bcf848266dfa47a6607"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342ad8fed1e69-AMS
expires: Wed, 16 Apr 2025 09:48:34 GMT

GET
H2 200 202452b9c34b.js Show response
w.usabilla.com/ Frame B9D3 55 KB
14 KB 214ms
53ms Script
text/javascript 52.213.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/202452b9c34b.js?lv=1
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.60.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-60-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a4f2e4a171ccedba4ac74230d837eb8dbcdc52546f27b0aba0e0a5f043dbbaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "d23495b37d598f7f02cb2bbc26c48d83"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 14618

GET
H2 200 516858f3f9efc799b493c6fec34c75df.js Show response
ob.cityrobotflower.com/i/ 102 KB
38 KB 153ms
47ms Script
text/javascript 2600:9000:20ae:8400:2:7cf7:d580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:8400:2:7cf7:d580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: f9bf2ef666bc381b00836a3464d95fa0555c69e9609623ff98995b44b999df8e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:32:23 GMT
content-encoding: gzip
via: 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: MUC50-P5
age: 4572
etag: "197ba-OWpp+B7JqTM5QEcE+h/+ErRX6fU"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38137
x-amz-cf-id: Tl3qgqp4fUvRDtSGdTdYBaJGOPKpSdMJUX_akQU7BFd0XhcNyA7MCQ==
expires: Tue, 16 Apr 2024 20:32:22 GMT

GET
H3 200 gtm-snippet.min.js Show response
assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/ 1 KB
1 KB 155ms
51ms Script
application/x-javascript 104.16.16.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.16.72 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4JJCT2W4H0564HYH
age: 2694
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 18g4pX5RZyfyh1L2cIFqY4e/zNUsG13fD/VWM8AbpjuF23Jw/3Tc6YjqFndjx+IU7gJW0ZawiOM=
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
server: cloudflare
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 875342ae9a9a1eb5-AMS
x-amz-meta-last-modified: 1532366449000
expires: Tue, 16 Apr 2024 13:48:34 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 273 KB
94 KB 57ms
57ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVF2RB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3dbcc7d8f190b13cb305f904163823956884661b67dfbeaeaf470c1b145d79eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 09:48:34 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 56ms
55ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Apr 2024 09:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 65708
x-ms-lease-status: unlocked
last-modified: Mon, 15 Apr 2024 02:25:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fcd77e8b-601e-0016-1de4-8ecf54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 875342ae1d2c2ba3-FRA

POST
H3 200 875342a5b83b1e69 Show response
www.upwork.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CF12 0
350 B 81ms
78ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/cdn-cgi/challenge-platform/h/b/jsd/r/875342a5b83b1e69

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 875342aea8ed1e69-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/ 453 KB
200 KB 136ms
48ms Script
application/javascript 2600:9000:26da:3c00:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:3c00:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Apr 2024 09:35:17 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/19043606049
etag: W/"a6af2843a97100cebdaebad2dc802cf4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: DHa6xxbkSABpwZRA3k99aFKR_kqWDulnBykC_emqPMHcbW31dCSVbg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 136ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KSM221PNDX&gtm=45je44f0v878988486z8854411223za200&_p=1713260914704&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1975266432.1713260915&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713260915&sct=1&seg=0&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&dt=Upwork%20Enterprise%20Portal&en=OneTrustGroupsUpdated&_fv=1&_nsi=1&_ss=1&ep.consent_flag=%2CC0001%2C&tfd=1789
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KSM221PNDX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.iife.min.js Show response
www.upwork.com/static/suit2-tracker/0.3.23/ 92 KB
35 KB 70ms
69ms Script
application/javascript 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/nx/suit2/loader.nuxt.js?t=1713260914706

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1633121
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 27 Mar 2024 07:40:18 GMT
server: cloudflare
vnd-eo-trace-id: 86af41fa1bfe682f-SJC
etag: W/"1194b63cbf7f83a6edd79e893888786d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 875342aef9491e69-AMS
expires: Wed, 16 Apr 2025 09:48:35 GMT

GET
H/1.1

200
OK

dyn_wdp.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

2 KB
2 KB

55ms
55ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 2fd5527f3f4baa40f41c767c9c079bb6d02bb5f7b6db87cbfd7b91fd6c6afbeb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: 2024-Apr-16 09:48:35
Content-Encoding: gzip
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, private
Keep-Alive: timeout=2, max=96
Content-Length: 1320
Expires: 0

Redirect headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
cache-control: max-age=3600
cf-ray: 875342af69b91e69-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Apr 2024 10:48:35 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 56ms
55ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b9b0e7fa69e5055d74b241dc9ada62ba0bd061bc80b0b09c1a9f72f34d736a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 09:48:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Wed, 16 Apr 2025 09:48:35 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 83ms
55ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.6038531911600737

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b14286811bbdfa278ca83d58644239f4fce8da121603fd8a2b46799c797ee858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Tue, 16 Apr 2024 09:48:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ct Show response
obs.cityrobotflower.com/ 6 KB
3 KB 385ms
135ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1713260915125&hl=2&op=0&ag=2689156234&rand=737075807227252166906118129288299301054677281728980606012710137772200220002101581679&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDYxNzldLFsiYm5jaCIsMV0sWyJhYm5jaCIsMV0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNjEwNjUyMTIsXCJzZWNcIjpcIlwifSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0yMSwiLSJdLFstMjcsIls1MCwxMCwwLFwiNGdcIixudWxsXSJdLFstMzEsImZhbHNlIl0sWy02NywiMjUzMjMxMjg4ODoxNiJdLFstMzUsIlsxNzEzMjYwOTE1MDc4LC0yXSJdLFstNDksIi0iXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNywiLSJdLFstMTMsIi0iXSxbLTI5LCItIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTUzLCIxMDAiXSxbLTQsIjxodG1sIGxhbmc9XCJlbi11c1wiIHRoZW1lPVwiYWlyLTMtMFwiPjxoZWFkPjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGlkPVwiZnRyX19zY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vNGM0Y2M3NWExNmVkLmNkbjQuZm9ydGVyLmNvbS9zbi80YzRjYzc1YTE2ZWQvc2NyaXB0LmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndGFnL2Rlc3RpbmF0aW9uP2lkPUctS1NNMjIxUE5EWCZhbXA7bD1kYXRhTGF5ZXImYW1wO2N4PWNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD1HVE0tV05WRjJSQiZhbXA7bD1kYXRhTGF5ZXJcIj48L3NjcmlwdD48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiLy93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RtLmpzP2lkPUdUTS1LNzU3MlhcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vY2RuLmNvb2tpZWxhdy5vcmcvc2NyaXB0dGVtcGxhdGVzL290U0RLU3R1Yi5qc1wiIGRhdGEtZG9tYWluLXNjcmlwdD1cImJlYjI3OWZiLTg3MDItNDZlYy1hNjc3LTZmMTRlMzgyODk2NlwiIGRhdGEtZG9jdW1lbnQtbGFuZ3VhZ2U9XCJ0cnVlXCIgY2hhcnNldD1cIlVURi04XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD5mdW5jdGlvbiBPcHRhbm9uV3JhcHBlcigpIHsgd2luZG93LiRudXh0ICYmIHdpbmRvdy4kbnV4dC4kb3RiVHJhY2sgJiYgd2luZG93LiRudXh0LiRvdGJUcmFjaygpIH08L3NjcmlwdD5cbiAgICA8dGl0bGU%2BVXB3b3JrIEVudGVycHJpc2UgUG9ydGFsPC90aXRsZT48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGNoYXJzZXQ9XCJ1dGYtOFwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJ2aWV3cG9ydFwiIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgdmlld3BvcnQtZml0PWNvdmVyXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBodHRwLWVxdWl2PVwiYWNjZXB0LWNoXCIgY29udGVudD1cInNlYy1jaC11YS1mdWxsLXZlcnNpb24tbGlzdCwgc2VjLWNoLXZpZXdwb3J0LXdpZHRoLCBzZWMtY2gtd2lkdGgsIHNlYy1jaC11YS1tb2JpbGVcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwicm9ib3RzXCIgbmFtZT1cInJvYm90c1wiIGNvbnRlbnQ9XCJub29kcCxub2Rpcixub3lkaXJcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwiaHR0cC1lcXVpdlwiIGh0dHAtZXF1aXY9XCJYLVVBLUNvbXBhdGlibGVcIiBjb250ZW50PVwiSUU9ZWRnZSxjaHJvbWU9MVwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJnb29nbGUtc2l0ZS12ZXJpZmljYXRpb25cIiBuYW1lPVwiZ29vZ2xlLXNpdGUtdmVyaWZpY2F0aW9uXCIgY29udGVudD1cIk4tX2pDeUUxaDZfX0hSYnNRWGVhQ0FSdkJnV0hTT2NXeGUyT1Bmb0VzUllcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwib2c6dGl0bGVcIiBwcm9wZXJ0eT1cIm9nOnRpdGxlXCIgY29udGVudD1cIlVwd29yayBFbnRlcnByaXNlIFBvcnRhbFwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJvZzppbWFnZVwiIHByb3BlcnR5PVwib2c6aW1hZ2VcIiBjb250ZW50PVwiaHR0cHM6Ly93d3cudXB3b3JrLmNvbS9zdGF0aWMvdy1wYWNrYWdlcy9hc3NldHMvb3Blbi1ncmFwaC91cC1vcGVuLWdyYXBoLnBuZ1wiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJvZzp1cmxcIiBwcm9wZXJ0eT1cIm9nOnVybFwiIGNvbnRlbnQ9XCJodHRwczovL3d3dy51cHdvcmsuY29tL2VudC9wb3J0YWwvc2hpc2VpZG8vXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOnNpdGVfbmFtZVwiIHByb3BlcnR5PVwib2c6c2l0ZV9uYW1lXCIgY29udGVudD1cIlVwd29ya1wiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJvZzp0eXBlXCIgcHJvcGVydHk9XCJvZzp0eXBlXCIgY29udGVudD1cIndlYnNpdGVcIj48bWV0YSBkYXQiXSxbLTIwLCIxOTc1MjY2NDMyLjE3MTMyNjA5MTUiXSxbLTE2LCIwIl0sWy02OCwiLSJdLFstNDgsIjAsMCJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkUFhCa1JVVTFOU1VvREZoWldXeGRhVUUxQVMxWmJWazFmVlZaT1hFc1hXbFpVRmxBV0RBZ1BBUXdCWHdwZkFGeGZXZzRBQUZzTkFBcGFEMTljV2dvTldnNE1YVjhYVTBvRENBTVBEZ2dNQUJBPSJdLFstMTcsIjE0Il0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsbG9jYWxmb250cyxvdHBjcmVkZW50aWFscyxjaHVhZm9ybWZhY3RvcixlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sZ3lyb3Njb3BlLGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstMTQsIi0iXSxbLTUsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstMTIsIm51bGwiXSxbLTYsIntcIndcIjpbXCIxXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMTksIlszNTAsMzUwLDM1MCwzNTAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjYsIntcInRqaHNcIjo0MTI4NzM4NCxcInVqaHNcIjozMDM1MjI4OCxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstNDUsIi0iXSxbLTI0LCJbXSJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy01MiwiLSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstMjUsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy0yLCIxMyxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy00MCwiMzMiXSxbLTQ0LCIwLDAsMCw1Il0sWy01MCwiLSJdLFstOSwiKyJdLFstMjgsImVuLVVTLGVuIl0sWy0zMiwiLSJdLFstNDYsIjAiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0zMywiLSJdLFstNjUsIi0iXSxbLTYyLCI4MCJdLFstNjMsIjAiXSxbLTIzLCIrIl0sWy02NCwiWzAsXCJXaW4zMlwiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMjNcIn0se1wiYlwiOlwiTm90OkEtQnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjEyM1wifV1dIl0sWy01OCwiLSJdLFstOCwiLSJdLFstMTAsIi0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTYwLDIwNl0sWy0xNSwiLSJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzczNzU1OTk4NlwiLFwiMzQxODQyMTcyMFwiLFwiMjQyNDg5NjUwMlwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbLTUxLCItIl0sWy0zNCwiLSJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUtREUsbGF0bixncmVnb3J5Il0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNjEsIntcIndnc2xcIjpcIjM7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy0zMCwiW1widlwiLDBdIl0sWy0xLCItIl0sWy0zOCwiaSwtMSwtMSwzMDMsMCwwLDAsMCwwLDQ2MywtMSwwLDg4MS42LDg4MS42LDE4OTgsMTg5OSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFsiZGRiIiwiMCwxMywwLDIsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMiwwLDAsMiwwLDEsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMCwwLDE3LDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDQsMCwwLDAsMCwwLDAsMCwxLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=bQYIT9s38B&pto=1901&ver=59&gac=1975266432.1713260915&mei=&ap=&fe=1&duid=1.1713260915.OgfB910VTWATtLEP&suid=1.1713260915.gqTKH0LqJmwLx0tJ&tuid=1.1713260915.Nb6s1EWdeUPAjJDP&fbc=-&gtm=WyJPbmVUcnVzdExvYWRlZCIsIk9wdGFub25Mb2FkZWQiLCJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=70%2C1628%2C185&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 3034bbccd5db1f3cca63c1801c463ed9a04ce20083d92c562c73cdaa48f3bef3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 16 Apr 2024 09:48:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2593
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
668 B 210ms
209ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 875342afca151e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 68ms
57ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.7238384045214656

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b14286811bbdfa278ca83d58644239f4fce8da121603fd8a2b46799c797ee858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.upwork.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Tue, 16 Apr 2024 09:48:35 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

logo.js Show response
first.iovation.com/5.7.0/
Redirect Chain

https://www.upwork.com/iojs/5.7.0/logo.js
https://first.iovation.com/5.7.0/logo.js

505 B
1 KB

55ms
55ms

Script
text/javascript

52.129.66.124
IOVATION

General

Check archive.org

Show headers Download Go to

Full URL: https://first.iovation.com/5.7.0/logo.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Server: 52.129.66.124 , United States, ASN15301 (IOVATION, US),
Reverse DNS
Software: /
Resource Hash: 0f259a3aede9e49189951468cf324b5daa80b02adedca73d153bd02df5e3cea4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Tue, 16 Apr 2024 09:48:35 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Content-Length: 505
Expires: Wed, 16 Apr 2025 09:48:35 GMT

Redirect headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://first.iovation.com/5.7.0/logo.js
cache-control: max-age=3600
cf-ray: 875342b02a711e69-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Apr 2024 10:48:35 GMT

GET
BLOB 200
OK 691c978b-e9cb-4e29-a1aa-84e79127fc88
https://www.upwork.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/691c978b-e9cb-4e29-a1aa-84e79127fc88
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2 200 / Show response
cdn123.forter.com/ 34 B
335 B 165ms
63ms XHR
application/json 18.66.192.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn123.forter.com/?u=9436ca7eb80d4b2dbc4f6f71b0abdcaf&v=2
Requested by: Host:
URL: (program):2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-90.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: aac87e174c15215b322d85e8ebe8f2e55276a367540fee0d6120a2aaadb1ace2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 34
x-amz-cf-id: 6nwN-eUEstiSrJOazLV3MsUYYhObhuVBJtLe4vQ6GJC3D1Atdf__Mg==

GET
BLOB 200
OK e4391f5c-c4a4-45b7-a7c4-ecda0e805a16
https://www.upwork.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/e4391f5c-c4a4-45b7-a7c4-ecda0e805a16
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 2372
Content-Type: application/javascript

POST
H3 200 suit Show response
www.upwork.com/shitake/ 2 B
673 B 228ms
225ms XHR
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/shitake/suit

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/suit2-tracker/0.3.23/index.iife.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json; charset=UTF-8
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upwork.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 875342b13b551e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2

200

77bb599d6f1b2b2e6f2cb24e18fc04eba2e09a5d28de4164eae6300deb979342ac7f4acf601551e7d0f14cd0a674 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/77bb599d6f1b2b2e6f2cb24e18fc04eba2e09a5d28de4164eae6300deb979342ac7f4acf601551e7d0f14cd0a674

0
323 B

142ms
142ms

XHR
text/plain

2600:9000:237d:4e00:e:d088:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/77bb599d6f1b2b2e6f2cb24e18fc04eba2e09a5d28de4164eae6300deb979342ac7f4acf601551e7d0f14cd0a674

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Server

2600:9000:237d:4e00:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
via: 1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: aJ0RyVCrAVAySUp5xuctg5gpnU3hOtEYyjL5Hp10o8mEzgKS91xTVw==

Redirect headers

date: Tue, 16 Apr 2024 09:48:35 GMT
via: 1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/77bb599d6f1b2b2e6f2cb24e18fc04eba2e09a5d28de4164eae6300deb979342ac7f4acf601551e7d0f14cd0a674
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: B2Uc4W9sw5JDDbxlgSApt6MoJP_ZVj9bGgXovJG8DVMsAUdmBXVgxA==

GET
BLOB 200
OK 7a19f61b-a62d-4acb-9a86-5a0e67ff44ba
https://www.upwork.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/7a19f61b-a62d-4acb-9a86-5a0e67ff44ba
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 17453
Content-Type: application/javascript

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/ 20 B
358 B 361ms
117ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/prop.json?_=1713260915379
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:48:35 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
BLOB 200
OK ae27da0a-6b13-4244-bd04-15536a7a57e4
https://www.upwork.com/ 68 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/ae27da0a-6b13-4244-bd04-15536a7a57e4
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 68
Content-Type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 138ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: auq4U216omZD+wbxzOeuK+pco9blbCpiIhL5Sz1LG8oS5CXOCMIUwk8FcVVt9DZstp8/KIXxZS8+XT2EMNnNEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 49ms
48ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239

Requested by

Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c9f5a5cffa2b94a5d21975b0ba3318460e6d138ccc71f8db7f65c9063c362a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87625
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 09:48:35 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 61ms
61ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972598239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e81874b634ec0a1aa5b755617bdd9185e28535e174b6c806f04ffa35fcd0c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87645
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 09:48:35 GMT

GET
H2 200 tc_imp.gif
obs.cityrobotflower.com/tracker/ 43 B
79 B 120ms
120ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bedc533ea4e8b989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f671b87838f077e3b19fa7c235686398c37910d6454719a00520a34025e95b96d1977be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60264fd60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7978677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1e10ff333cfec31331e78cfb268800ac17e48349c64dc89e7cc6393194cc27d0778cc0b6a69de5e71a2bf333a4feb875433eae8b27d4f401b95a5946901a44c09096c5d1f5c931c5259d99b99e35fc716b22877666859e9a5f20dbee7ee641a9d34b9137f72e0c0b44cb35ae00d087f62ee9dc76871da7d79cfd40ce17046dbd06471d3e5e7d87f435fa05c4cb8323b58e62edd0749ac2a7be7c85f0bf1f67748ffa0856c9b6491442f8eff63ff36bdeb303b1f224a022b22d870485678bf169995e5eb0bc98743e366706280d5a13a9e3926dd503b447484320f9b15dc38a4e5e8de486efe228bbb9f6f694e5bded590d60e94dedb55a679f40671dcb6a5d716dea72af761adee2c163887cd6258bab2cd1b90d997b0c3d21027c139adce5db3c7b5286194595d3d1a7b1ca53069eacbc7d96cc7267d9d2123f6be590d95625b13b845f9f1ee4239a12dbcd13e4b92eff9880d1845a61e8e9277e8375a291ada8109c7029100595745e56b1a73293fe408fc0cfda5edf869932093644bc3bab0cab50acfe3ec0404a20415c1918903ecafd4635ab73d2e4b06c8ddd479e756dae167d2f9deed1035beb6fa2cf74a17f317c0bc6666bfee7d72cb1452288c156f88bcff59243c45c522316f071255b9d951222e83aa4ffb44adb86896e2c26d81e401a18dd5510b08be4737c8c703397ce954bc9c8a89b0866eb4ce4543b1295117d1d80875d1ed5c4e9d7fea047b478b464d626c8931084b0a9393dee9a5282c3ebf0d6f9d5ce3d5e9ea67817893592168f01a2b77abac5ccc963edc586adb9547197e2efe2519e17db1004681274d8c17a24d667ea5cd58b37b10571a1141ebc6cecdd242dfb30621b13cda89b78c8&cri=bQYIT9s38B&ts=404&cb=1713260915529
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 16 Apr 2024 09:48:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 7ce23aeb-4493-4f10-97fc-774e90a11499
https://www.upwork.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/7ce23aeb-4493-4f10-97fc-774e90a11499
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce3cb480d1d3df86c3c5bc92796c2264513a3f66eafc7b949cec30498f22686e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 8363a571-15a6-48b4-80c4-1ac6c8b71edd
https://www.upwork.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.upwork.com/8363a571-15a6-48b4-80c4-1ac6c8b71edd
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd1a648c7f253fade461ac7f4763fc47f3f9050a8b190bc6f50db4e7697daf86

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

POST
H2 200 events
cdn3.forter.com/ 0
420 B 239ms
141ms Ping
text/plain 18.66.192.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-18.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1VO0rL_0OEitvwAD2NhRC4TcK2WIXUte_20ygWpslBoktxpM9ZzNtw==
expires: -1

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/972598239/ 3 KB
2 KB 152ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972598239/?random=1713260915642&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972598239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

29e3ec1fa81d309c334cf4abf435f0d011d29cc1381bcf6528ae638f9a32826b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1567
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
502 B 228ms
227ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 875342b39d441e69-AMS
x-powered-by: Express
cf-ray: 875342b39d441e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 463930381624031 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463930381624031?v=2.9.153&r=stable&domain=www.upwork.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16209217d1ad1b5337e13442eb8b35005c9342aee0b7e89c599f751e64a349f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11919
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=61, mss=1294, tbw=63156, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: g9ZFzoTwF7Bo4VG8sYJ84eDd67ZTKUzjXoK5omMYPymtcOYMbiyCVmtA9+5Wu4pQo610SjGolOd/DTyfZ6u6Hg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/972598239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

138ms
52ms

Image
image/gif

216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl86qorrGhQMVUw8GAB2H9gK0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkWs_VTFuH47QqqKTqwsr7OWBayOsTw&random=153268602&ipr=y

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.upwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972598239/?random=1424110084&cv=11&fst=1713260915642&bg=ffffff&guid=ON&async=1&gtm=45be44f0v894577659za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&label=f4FGCLPWhoUYEN_X4s8D&hn=www.googleadservices.com&frm=0&tiba=Upwork%20Enterprise%20Portal&gtm_ee=1&npa=1&pscdl=noapi&auid=759523612.1713260916&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIl86qorrGhQMVUw8GAB2H9gK0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LnVwd29yay5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkWs_VTFuH47QqqKTqwsr7OWBayOsTw&random=153268602&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 816554411748126 Show response
connect.facebook.net/signals/config/ 38 KB
7 KB 42ms
42ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816554411748126?v=2.9.153&r=stable&domain=www.upwork.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4d8250c28bee86e916e32cf71b6e7e380fe14a7be4ce183158422ea9be96e8b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7063
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: u+kHHlVToc4CwwVB2e5RNNNJ5F9zjBRa4cHaOMD9fhPzHrUhIQzHyNz/nWRr3pmZ9vpIFSZ+TbcLhot2nNx/Sw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 172ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&rl=&if=false&ts=1713260915818&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713260915817.416242073&ler=empty&cdl=API_unavailable&it=1713260915765&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 116ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463930381624031&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&rl=&if=false&ts=1713260915875&sw=1600&sh=1200&v=2.9.153&r=stable&ec=1&o=4126&fbp=fb.1.1713260915817.416242073&ler=empty&cdl=API_unavailable&it=1713260915765&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 115ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816554411748126&ev=CHEQ&dl=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&rl=&if=false&ts=1713260915875&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713260915817.416242073&ler=empty&cdl=API_unavailable&it=1713260915765&coo=false&rqm=GET

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 09:48:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/ 20 B
358 B 117ms
117ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/prop.json?_=1713260915901
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:48:35 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/ 20 B
358 B 117ms
117ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/prop.json?_=1713260916185
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:48:36 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 47E6 2 KB
2 KB 129ms
39ms Image
image/png 18.66.188.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-207.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 12 Sep 2023 13:16:38 GMT
x-amz-version-id: d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Jun 2021 18:49:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 18736319
ETag: "ff48a3c94b69990d5044c0b3b202dd9e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1678
X-Amz-Cf-Id: 8oeusNSP5HmdJk-AsV5dzsrl67f5qVAufhbZkU3W76i0Izi4befu-w==

POST
H/1.1 200
OK prop.json
9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com/ 2 B
622 B 365ms
118ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Apr 2024 09:48:36 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Mon, 15 Apr 2024 11:06:52 GMT
Server: Apache
ETag: "2-616209e6cae63"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK dsG.js Show response
s3.amazonaws.com/ki.js/58403/ 296 B
657 B 381ms
138ms Script
application/ecmascript 16.182.66.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/58403/dsG.js
Requested by: Host: www.upwork.com
URL: https://www.upwork.com/ent/portal/shiseido/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.66.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 09:48:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 16:39:17 GMT
Server: AmazonS3
x-amz-request-id: CM5N19K8KT1VWPF1
ETag: "2ece22ece4801274933c42bf99e7d009"
Content-Type: application/ecmascript
Cache-Control: s-maxage=3600, max-age=0
Accept-Ranges: bytes
Content-Length: 223
x-amz-id-2: ryhZrjtFAoR+lWf0FFnTH0hN7pgBL+v9kNhpyvI+UDqyNuDNcTdYreZac3aVf1tk7o1BvEvrfN8=

GET
H3 200 favicon.ico
www.upwork.com/ 15 KB
3 KB 98ms
98ms Other
image/vnd.microsoft.icon 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2903237
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 23 Jun 2022 09:09:39 GMT
server: cloudflare
vnd-eo-trace-id: 83f24b35372c15e7-SJC
etag: W/"914a93c870abba6895860df36e002f26"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=31536000
cf-ray: 875342b758cc1e69-AMS
expires: Wed, 16 Apr 2025 09:48:36 GMT

POST
H2 200 events
cdn3.forter.com/ 0
420 B 471ms
470ms Ping
text/plain 18.66.192.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-18.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:36 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: K86ePqYqPTjESu4Kdztt4elTWZr7-dcVUpybQ-ohWHeOGP1W1thBIg==
expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/ 20 B
439 B 118ms
117ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 16 Apr 2024 09:48:36 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upwork.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/ Frame 0
0 117ms
117ms Preflight 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4c4cc75a16ed/9436ca7eb80d4b2dbc4f6f71b0abdcaf/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 16 Apr 2024 09:48:36 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
16 B 174ms
173ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Tue, 16 Apr 2024 09:48:36 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
147 B 131ms
131ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Tue, 16 Apr 2024 09:48:36 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
280 B 132ms
41ms Image
image/gif 2600:9000:225b:fc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1713260917353
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:fc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:37 GMT
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 1vdKu6vrogMbnOr0WCxp9fwmOdtaLmxDfj7gF8vISrZdx73mT3cE3A==

GET
H2 200 logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
280 B 131ms
40ms Image
image/gif 2600:9000:225b:fc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1713260917353&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:fc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:37 GMT
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: pAJR_0VBsB30cjrPRaH63q3EjBMQxipx8Ka2FUWnUxHK1SHbtR7KYQ==

GET
H2 200 logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
281 B 130ms
39ms Image
image/gif 2600:9000:225b:fc00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1713260917353&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:fc00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:37 GMT
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 8bw5al4VQHWWoEnbJJ-xZjDAfYj87RV9riu8hzcDMQGfadCgvWLr5A==

POST
H3 202 v1
www.upwork.com/upi/metrics/rum/ 0
702 B 236ms
235ms Ping
text/plain 104.18.90.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upwork.com/upi/metrics/rum/v1

Requested by

Host: www.upwork.com
URL: https://www.upwork.com/static/assets/Brontes/app.af45b464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.90.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-viewport-width: 1600
Content-Type: application/json
Referer: https://www.upwork.com/ent/portal/shiseido/
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 09:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
vnd-eo-trace-id: 875342bd9e4b1e69-AMS
x-powered-by: Express
cf-ray: 875342bd9e4b1e69-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

POST
H3 200 events
cdn3.forter.com/ 0
308 B 143ms
142ms Ping
text/plain 18.66.192.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.192.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-18.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 09:48:38 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.upwork.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: n4uG6njx-3HJdQ4r_O3dltrXPXXBrRWSYEvSdvBKRsufvciUsgrxFQ==
expires: -1

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 119ms
119ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Tue, 16 Apr 2024 09:48:38 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.cityrobotflower.com/ 0
39 B 130ms
130ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cityrobotflower.com/mon
Requested by: Host: ob.cityrobotflower.com
URL: https://ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.upwork.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.upwork.com
date: Tue, 16 Apr 2024 09:48:40 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST v1
www.upwork.com/upi/metrics/rum/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.upwork.com
URL: https://www.upwork.com/upi/metrics/rum/v1

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: N4utuOtT4T03Jjx0GK_PRuWN3ub6AKi49PG.cf7n06o-1713260913504-0.0.1.1-604800000
.upwork.com/	1969-12-31 23:59:59	Name: visitor_id Value: 80.255.7.103.1713260913663000
.upwork.com/	1970-01-20 19:55:47	Name: visitor_gql_token Value: oauth2v2_c40ac3304ac68b701d2671e7e9779de3
.upwork.com/	1969-12-31 23:59:59	Name: country_code Value: DE
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_prefix Value:
www.upwork.com/	1969-12-31 23:59:59	Name: cookie_domain Value: .upwork.com
www.upwork.com/	1970-01-20 20:04:25	Name: __cflb Value: 02DiuEXPXZVk436fJfSVuuwDqLqkhavJbwSeE5xCJzwum
.upwork.com/	1970-01-21 00:13:32	Name: umq Value: 1600
.upwork.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 75AwhEndHdwcuNajJmANe6xOOLxlJAWY
.upwork.com/	1970-01-21 04:39:56	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Apr+16+2024+11%3A48%3A34+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a78c3ac9-d22a-4d53-a5a7-05b2ca32e1c3&interactionCount=0&landingPath=https%3A%2F%2Fwww.upwork.com%2Fent%2Fportal%2Fshiseido%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.static-upwork.com/	1970-01-20 19:54:22	Name: __cf_bm Value: omCLwkxbjRp.n86f3LXifLGQqVGUUsPzppJeY2J6Zts-1713260914-1.0.1.1-gCV_QphJXSZSX6m.kyOwsc62h_0cH1ADTSMkqwhIVkSCaN36wnZTMYMbrJ1D3eckhNglOamqNsKP1btrvKCPPg
mpsnare.iesnare.com/	1970-01-21 04:39:56	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 4hxAElF3HFSWrL0lVjnVuZQaocMJAK5mBmwwg0322GI=
.upwork.com/	1970-01-21 05:30:20	Name: _ga_KSM221PNDX Value: GS1.1.1713260915.1.0.1713260915.0.0.0
.upwork.com/	1970-01-21 05:30:20	Name: _ga Value: GA1.1.1975266432.1713260915
.upwork.com/	1970-01-21 04:39:56	Name: cf_clearance Value: V6hpn4gaEqPYCJQWR4TKKqKIM2zETwanrRuUr5rpwGo-1713260915-1.0.1.1-aDQ8AAIsWmLj7OdQgGXMCJvX8dJQYCOzpn_xRB4ygpuFB9yd2E6n2bjLIzw8NqTv8MlQI8F8ncWUfkKimDT20g
.upwork.com/	1970-01-20 22:05:44	Name: _cq_duid Value: 1.1713260915.OgfB910VTWATtLEP
.upwork.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1713260915.gqTKH0LqJmwLx0tJ
.upwork.com/	1970-01-20 19:54:22	Name: _upw_ses.5831 Value: *
first.iovation.com/	1970-01-21 04:39:56	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: NXXWRtnfH/eGv6b/+1FbQYcZY9bb3r91yMvg9EDIvcU=
.upwork.com/	1970-01-21 05:30:20	Name: _upw_id.5831 Value: 82763381-24b3-43ab-9e85-8c163dec8e35.1713260915.1.1713260915..07158773-2160-4436-a9b9-3078dbda9df8..64a00582-d226-4ed5-8108-28f94a035249.1713260915145.8
.upwork.com/	1970-01-21 04:39:56	Name: spt Value: 1c3f3000-5bde-4dec-ba34-9ad3e0519413
.upwork.com/	1970-01-20 19:54:25	Name: ftr_blst_1h Value: 1713260915360
obs.cityrobotflower.com/	1970-01-21 03:58:11	Name: cg_uuid Value: b5060b4244db12cef9dab9bbe161c76f
www.upwork.com/	1970-01-20 20:04:25	Name: AWSALB Value: yIRsNxI4XGLozY/q2y39tArRchWjwcFoSsVl4bF/FROTDRxGHY2Uv/8AcIRPswoQJqlB5sKd385//kLkZg4IWWZQfGszE5QMS2QL+Xk74mjopgbowsF9W8F3jvro
www.upwork.com/	1970-01-20 20:04:25	Name: AWSALBCORS Value: yIRsNxI4XGLozY/q2y39tArRchWjwcFoSsVl4bF/FROTDRxGHY2Uv/8AcIRPswoQJqlB5sKd385//kLkZg4IWWZQfGszE5QMS2QL+Xk74mjopgbowsF9W8F3jvro
.upwork.com/	1970-01-20 22:03:56	Name: _gcl_au Value: 1.1.759523612.1713260916
.upwork.com/	1970-01-20 22:03:56	Name: _fbp Value: fb.1.1713260915817.416242073
.upwork.com/	1970-01-21 05:30:20	Name: forterToken Value: 9436ca7eb80d4b2dbc4f6f71b0abdcaf_1713260914972__UDF43-m4_14ck
.doubleclick.net/	1970-01-20 19:54:21	Name: test_cookie Value: CheckForPermission
www.upwork.com/	1969-12-31 23:59:59	Name: usbls Value: 1
www.upwork.com/	1969-12-31 23:59:59	Name: enabled_ff Value: !CI10857Air3Dot0,CI11132Air2Dot75,air2Dot76,JPAir3,SSINavUserBpa,!CI10270Air2Dot5QTAllocations,!RMTAir3Hired,!RMTAir3Home,!air2Dot76Qt,CI9570Air2Dot5,!RMTAir3Offer,!CI17409DarkModeUI,OTBnrOn,i18nOn,!i18nGA,!CLOBJPGV2RJP,!SSINavUser,!RMTAir3Offers,!CI12577UniversalSearch,!MP16400Air3Migration,TONB2256Air3Migration,!RMTAir3Talent
.upwork.com/	1970-01-20 19:54:22	Name: __cf_bm Value: ckZIQASpjiX2v_JbbZ2GpcUReR8sltjZ1EvL2qsZNCk-1713260917-1.0.1.1-mhaTRkU9yB5Rhi9lAnmVFefHk6nEGsCvySW7oKJsPioqEww0CNGyjdXsRKS4k3eWQlpT79Pls77WYffykKl7kg

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://www.upwork.com/7ce23aeb-4493-4f10-97fc-774e90a11499(Line 1) Message: Error
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/463930381624031?v=2.9.153&r=stable&domain=www.upwork.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: A bad HTTP response code (403) was received when fetching the script.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.upwork.com/ent/portal/shiseido/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	https://feedback.usabilla.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4cc75a16ed.cdn4.forter.com
9436ca7eb80d4b2dbc4f6f71b0abdcaf-4c4cc75a16ed.cdn.forter.com
assets.static-upwork.com
cdn.cookielaw.org
cdn0.forter.com
cdn123.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
d3nocrch4qti4v.cloudfront.net
d6tizftlrpuof.cloudfront.net
first.iovation.com
geolocation.onetrust.com
googleads.g.doubleclick.net
mpsnare.iesnare.com
ob.cityrobotflower.com
obs.cityrobotflower.com
region1.google-analytics.com
s3.amazonaws.com
shiseido.upwork.com
upwork-usw2-prod-agora-file-storage.s3.us-west-2.amazonaws.com
w.usabilla.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.upwork.com
www.upwork.com
104.16.16.72
104.18.90.237
142.250.185.228
142.250.186.66
157.240.252.13
16.182.66.48
172.217.18.2
18.66.188.207
18.66.192.18
18.66.192.90
2001:4860:4802:32::36
216.58.212.136
216.58.212.163
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:20ae:8400:2:7cf7:d580:93a1
2600:9000:225b:fc00:7:bffe:c3c0:21
2600:9000:237d:4e00:e:d088:5c40:93a1
2600:9000:26da:3c00:f:1b37:e600:93a1
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:831::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.234.25.89
3.5.85.37
52.129.66.124
52.213.60.53
54.195.39.4
54.204.202.163
0259fc43a165af0495fa4d00146741ab21b43edef5e48c52baf8586e5188673d
08ee2ce16493a97b0f9c7c46570cf989757232ece682aaa921969c600a24eebb
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0c1b0d921838af0aee9da4b2062e1cd39fb0f25b341c9242e10de3edda8c31e4
0d953dc41298d52c10bb9bee3c46936cea2114c006c3d742306bfdebe683e9c0
0df60163198d0100f1db18b35908e0932a1b5ab97c0c0bc9e88c9ef4696ac92b
0f259a3aede9e49189951468cf324b5daa80b02adedca73d153bd02df5e3cea4
11347cf1a6c111cb2741068ce8243e9ba9f53da0d54d98ed183629e4a05d4bd6
116341e758cd57fd6290deaa09cba71b0b4c2b49118222f830ed0479369c05da
15e86d5cbde758b280a3bb4c70186be230e8ca7ae111b5d1581e9e13166197f2
16209217d1ad1b5337e13442eb8b35005c9342aee0b7e89c599f751e64a349f3
1685cb016dd9fba3b73e05f71af37750153ad4c256d34c5bcab9ece4948209fa
1c00966671ef5851364396ecc6e2059b5f87ff3194f2bbae4e21228e7b72605e
2001b122d8aaa321440774ae6b4eb3ad421298dc11e0cc130c3af72d9950ac23
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29e3ec1fa81d309c334cf4abf435f0d011d29cc1381bcf6528ae638f9a32826b
2f11a5008f6b38a19dbdc4839557c62ce408d84885dc3e2e4eab7ba8bcdecd96
2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
2fd5527f3f4baa40f41c767c9c079bb6d02bb5f7b6db87cbfd7b91fd6c6afbeb
3034bbccd5db1f3cca63c1801c463ed9a04ce20083d92c562c73cdaa48f3bef3
30ac7c2af90e50f482717276d45f3c06b87be9ebdae519cf643ff28a2189bd1a
3b45c6cd9209d6f0f4c59e7a3b7db80a0f642898d4728fef9252155a6d264427
3dbcc7d8f190b13cb305f904163823956884661b67dfbeaeaf470c1b145d79eb
3efd92158a4c24f9995773fafede2577e1646f738152c03b807678b610583f3c
40d3b680d7ddc1d2000504b88b4d5aea754a3b498fd7b1d1e54dc6fd623c8a71
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445ab2cc9940a67bf03fc52b2cf088bb9cfccc9f40e3024506e83c4e9389c15e
4a4f2e4a171ccedba4ac74230d837eb8dbcdc52546f27b0aba0e0a5f043dbbaf
4aebf5e11b85a9ca6377b615fca84ca9c0db26ff5c81d59a985a864d5239926c
4d8250c28bee86e916e32cf71b6e7e380fe14a7be4ce183158422ea9be96e8b7
50e672fec7cd3d86110b7769b6084812f12624160816f9a41de53a0ed306634d
514c1cd01e68ca5b1923cf34034152926a51ee35765f98d11cefb2ca1e9f77be
5a4a16fa3036e271376d3ceeef56a5f49dff42ea2560c18099177be8d46fe076
5c8b9e3340e5933701b1e3310e3ed3c0b41069a0c0222e7f3a046b43947d84fa
5d8de15fed47c03e4b9ff2a45789c0d19170f56c770aa57fa1f912b7a8c5840e
5e0fad370e50e89b4c84738050440070d6a9723aca47f1f6070b02ce21d22ef5
61d3afb97a70ec3dc521dd9f39fcb6c80d6d4a99f1b98b442aa253dc73025bc4
6210f63d1b6c7039b231df347143106c6e277287f38084be696ae69ed982f601
724e80fc18a25fd67f9a3ea749a906c2467d1bf1b06dc190fb3e0f680cf8bc1c
7a6c3a8fd2fb0461aa65c91c25a5c88c75869578690812e35f694093870fa0b3
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
8295bdb7d8e4b26d048e8a7851c82332c08c73f966928b4f923d6f20f53ddce6
8392acacde68221a87fcd55491814d4b23cb35bc0c446b4814bd3617e7f1e276
8525f61bbe92c372a96def4a815ddbfa3d3b436613c4bc60e2110f130110554b
8a8189ef83beb900dda1187c13bedf6b99d48ab1eb79b9f99a5a4f92a35adb22
8e81874b634ec0a1aa5b755617bdd9185e28535e174b6c806f04ffa35fcd0c3a
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
953c00d9f746985de8ecd4e6ae057447673a28651345583bec316b828cb39d1d
9587b91572aefc39a177038bad16f4e39e948e8ae9ceb58cd1e08aec32831202
96a369fdc286e585d8a9a2f476cd192183288976e0f912b84755884da6b92a09
97322f9c24f19633ef8fa32d1fd4aa38003c093981b1c97c9ee9e16017586144
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a132064ca587aaad8529b705c1b9d78a0d4575c5e735d7e2545ebcb052fd6ff
9f4bfc1cfb24a24801a21c8017882367c9278aa56c6dc229277607d718fcaa0b
9f5f2cd8525aa7f7deb99b01e0c2a5e37d081391563d70fee43a328f0900df5c
a1a12fabf9e6b9a3152ad127b6fa36c9c2f51c2a941c5fd39e524e46de4fd5a2
aaa8996d0ed87657510d796a4466f063b99b94eae7462ab16e0e3e14c02bfbed
aac87e174c15215b322d85e8ebe8f2e55276a367540fee0d6120a2aaadb1ace2
b14286811bbdfa278ca83d58644239f4fce8da121603fd8a2b46799c797ee858
b21f864ab7c5276f33784d7528f3287a9e9e40f261249184b794ffd168fd6ee2
b2d566a555b3d620e4bcba253bc2d13e9b706fc348a9b73e7ad793b353744842
b357e7978dda3b6d62947687eb3e83ca11e32f328ad65eefc56b986a67ddff1a
b952500de9d2b376bf2ed15b2ae71af142bc7d771166b56eed807318ac86dac3
b9b0e7fa69e5055d74b241dc9ada62ba0bd061bc80b0b09c1a9f72f34d736a6e
b9db1210414443d228819c8d334332ac2ae9cc8763e1335e616612628a54f082
bc007dfb452017215b938b8d14b86db885e74c8cf91f5883e75aeda5ad3f8d59
bd1a648c7f253fade461ac7f4763fc47f3f9050a8b190bc6f50db4e7697daf86
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
be6ff0c07b7539fa85fae265b7edbd2bf491caf58a0097eb743234bfefc61765
bf8e29a940d47777eaf58ccd7837be2c39f4c81692434e05decf2f446081aeeb
c739c5904aebb2b2963d1b783e8ddf583627fc89430703d9717a94567b78f029
c7e2b54de190551da1862da123ac41c9ac08299f114bafdf56b18b9485fc6e4e
c9f5a5cffa2b94a5d21975b0ba3318460e6d138ccc71f8db7f65c9063c362a69
cadb5aa7aac3c4470fed6757bc885a78949ba0370d430ba3c457c215b13224a6
ce3cb480d1d3df86c3c5bc92796c2264513a3f66eafc7b949cec30498f22686e
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d469b921a00abd94cfff567f3cd24e994c47f46f4e8bd003455871c2ae23dd7e
d4a19e150e2af149e6bfd64773e7a3cfee98e8c8e71bd0402cac449dcd3defcf
d4b44d15995590599f4828e5f5975538ff99c044ae820f6d516e5dd5399c40d1
d61178c89500297a60cefb59a02cccd0be183580e4698c86dbffce1ad835b456
d7f1818d3336cab5cc6f41a8dd48aef02799655288609fdcc9bc8193a7ab30ef
da2932e5fa1461138b18ee3ade68671f6e455652d50c016244ea3fa965713fed
da55dfb770c59127b4d3d0ea26d7a1626453d32e397e1ea1415a85656bf724a0
dab50fb349458f5decdae1f072062e963a07cf3ec79175a56754ce7aa384d5b8
dd4ed5550ea601593c21e67361101900a8ae3c5c2f05e555d3f6b9da629e36b1
de760bf5269ffc35926eec9eeef853987d7412040586aa8db442de68f633c263
e050b0a1bff37f22911ed654df6b88726ddd530aafd313b3acf2015bfdb95911
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91d3f871ede800d5ec15a218687dedc0cbbbaea56d27aa136866d10e264ac45
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7be6c99644d8250736cdef74476044c13f35c29096c151e1104260156a630e
f9bf2ef666bc381b00836a3464d95fa0555c69e9609623ff98995b44b999df8e

www.upwork.com Open in urlscan Pro 104.18.90.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

89 %HTTPS

38 %IPv6

19 Domains

28 Subdomains

28 IPs

4 Countries

1673 kBTransfer

4982 kBSize

32 Cookies

11 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upwork.com Open in urlscan Pro
104.18.90.237 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

89 %
HTTPS

38 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

1673 kB
Transfer

4982 kB
Size

32
Cookies

120 HTTP transactions
0 data transactions