| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha5daf4dc99951793ae2315d4795e8146 4427507ca4d3a5632cc8f598afbc85e2195d00bd 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6510
Expires: Wed, 30 Nov 2022 05:39:28 GMT
Date: Wed, 30 Nov 2022 03:50:58 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4ed065cb23b5fca1a179dd73b3c5b7b2 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: max-age=115883
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:58 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:02:21 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9fce5679881bf302a8978a0b462f01a9 b699fe030ea13ac73813e655c42ed9b531925e2b a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11516
Expires: Wed, 30 Nov 2022 07:02:54 GMT
Date: Wed, 30 Nov 2022 03:50:58 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 03:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1879
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8=
x-amz-request-id: 0Y76D1FE6W3K4XV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 03:45:04 GMT
age: 354
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 03:50:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash521285885f42420ec51c95e605444eb4 134b19703d5382c790bb38f5cff9a37a099009f1 f793474355fe47eea9a0d0db08a93e30ada7f400d0094f09777844ae1a53b518
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102490
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:58 GMT
Etag: "6385c07c-117"
Expires: Thu, 01 Dec 2022 08:19:08 GMT
Last-Modified: Tue, 29 Nov 2022 08:19:08 GMT
Server: nginx
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 03:08:56 GMT
cache-control: public,max-age=3600
age: 2523
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| link.t.upwork.com/ls/click?upn=VqS90m2f8fx8n-2F1K6AZcGbPcv3ag7rzlW2nWQBZhjU485RhGvLCjx76Vgaok0phEVsLauSJ7-2B2CzLWy6f1ObyBVjJh3LKowHAFQAlj6iIPHTkOQRIHKc426CwLaVHh4fgULrT-2FLMOENVqbRrQemcmcbZnFmQpbXBffsa2xdbrBo-3DE6SE_u7AqlOJ-2B6AOsXGhIXfAP5SElJ1FJEdPpab0HC074B1rbduOvlGwzsbL9T0p9PpGzF66C0BYimutlKMmLdVjUcMIREmQo0WqSG-2FQ7KCrkH-2FJsHmHxBkYId-2F3MYB1SHEAQjzeQnPVfFyqNJqZAzFSWNv-2Ff2zH65xFgjQ9B7ijSDnOp60h7EUl-2FIhysNFk3Ftq6QNALv-2F6l44oIEvyXJzu-2Fc2-2BZwSUZBysZxOHui0FK0ETnBYylTEqJwFj5RaHXMlltIcauCiJ73Wmi-2BRJ5Ly1KwizlrbLDWnqhVdNBY0hBiheiEPxGNaoFE6GhFPSkNi6RVBfRiOPGxlAQfftT4V8S9XU4RstYWoqkeyq6PSGmDmzyMHnlEHmJCZb7ETSNj0c8GexuBXm-2FIehk-2FYMr4nattEL-2Fj6xadLfqzUE7DSfDWX1F-2FqShqFnhwzYWFS4evrHt7klJpsM0-2ByaGX127ZIWD-2FFgOUWcpU66p1a-2FKEPV9scZS3OW23q1vfqL9zfUXAHWtf1BMvkqxuTzv2-2B4fosWkA6bseaWEN7-2Bh6yhx5HwWbQwuVoJYGyUYKTjaDyE1SpRAy-2FE94nLMQfCBymbjm-2BRaXo30ve6vv5Td913TdAT-2FWx4XMTTPt6ZiBtsLLuiKQpPcm1YFY21qeFpGAE-2BI2Epdcjt-2F5sFy-2F9LrAOmbvctrrrc-3D | 104.16.248.119 | 302 Found | 149 B |
URL HTTP/2link.t.upwork.com/ls/click?upn=VqS90m2f8fx8n-2F1K6AZcGbPcv3ag7rzlW2nWQBZhjU485RhGvLCjx76Vgaok0phEVsLauSJ7-2B2CzLWy6f1ObyBVjJh3LKowHAFQAlj6iIPHTkOQRIHKc426CwLaVHh4fgULrT-2FLMOENVqbRrQemcmcbZnFmQpbXBffsa2xdbrBo-3DE6SE_u7AqlOJ-2B6AOsXGhIXfAP5SElJ1FJEdPpab0HC074B1rbduOvlGwzsbL9T0p9PpGzF66C0BYimutlKMmLdVjUcMIREmQo0WqSG-2FQ7KCrkH-2FJsHmHxBkYId-2F3MYB1SHEAQjzeQnPVfFyqNJqZAzFSWNv-2Ff2zH65xFgjQ9B7ijSDnOp60h7EUl-2FIhysNFk3Ftq6QNALv-2F6l44oIEvyXJzu-2Fc2-2BZwSUZBysZxOHui0FK0ETnBYylTEqJwFj5RaHXMlltIcauCiJ73Wmi-2BRJ5Ly1KwizlrbLDWnqhVdNBY0hBiheiEPxGNaoFE6GhFPSkNi6RVBfRiOPGxlAQfftT4V8S9XU4RstYWoqkeyq6PSGmDmzyMHnlEHmJCZb7ETSNj0c8GexuBXm-2FIehk-2FYMr4nattEL-2Fj6xadLfqzUE7DSfDWX1F-2FqShqFnhwzYWFS4evrHt7klJpsM0-2ByaGX127ZIWD-2FFgOUWcpU66p1a-2FKEPV9scZS3OW23q1vfqL9zfUXAHWtf1BMvkqxuTzv2-2B4fosWkA6bseaWEN7-2Bh6yhx5HwWbQwuVoJYGyUYKTjaDyE1SpRAy-2FE94nLMQfCBymbjm-2BRaXo30ve6vv5Td913TdAT-2FWx4XMTTPt6ZiBtsLLuiKQpPcm1YFY21qeFpGAE-2BI2Epdcjt-2F5sFy-2F9LrAOmbvctrrrc-3D IP104.16.248.119:0
File typeHTML document, ASCII text Hash27562b5cd406537b9d7ea1b402c2a54d 816bc9cb01571ece5157c5ac61385f45a2a8c7b8 781be6a260c6d442e12076e779582ed3f03166839cb51e6b0d1ae583504d4a8b
GET /ls/click?upn=VqS90m2f8fx8n-2F1K6AZcGbPcv3ag7rzlW2nWQBZhjU485RhGvLCjx76Vgaok0phEVsLauSJ7-2B2CzLWy6f1ObyBVjJh3LKowHAFQAlj6iIPHTkOQRIHKc426CwLaVHh4fgULrT-2FLMOENVqbRrQemcmcbZnFmQpbXBffsa2xdbrBo-3DE6SE_u7AqlOJ-2B6AOsXGhIXfAP5SElJ1FJEdPpab0HC074B1rbduOvlGwzsbL9T0p9PpGzF66C0BYimutlKMmLdVjUcMIREmQo0WqSG-2FQ7KCrkH-2FJsHmHxBkYId-2F3MYB1SHEAQjzeQnPVfFyqNJqZAzFSWNv-2Ff2zH65xFgjQ9B7ijSDnOp60h7EUl-2FIhysNFk3Ftq6QNALv-2F6l44oIEvyXJzu-2Fc2-2BZwSUZBysZxOHui0FK0ETnBYylTEqJwFj5RaHXMlltIcauCiJ73Wmi-2BRJ5Ly1KwizlrbLDWnqhVdNBY0hBiheiEPxGNaoFE6GhFPSkNi6RVBfRiOPGxlAQfftT4V8S9XU4RstYWoqkeyq6PSGmDmzyMHnlEHmJCZb7ETSNj0c8GexuBXm-2FIehk-2FYMr4nattEL-2Fj6xadLfqzUE7DSfDWX1F-2FqShqFnhwzYWFS4evrHt7klJpsM0-2ByaGX127ZIWD-2FFgOUWcpU66p1a-2FKEPV9scZS3OW23q1vfqL9zfUXAHWtf1BMvkqxuTzv2-2B4fosWkA6bseaWEN7-2Bh6yhx5HwWbQwuVoJYGyUYKTjaDyE1SpRAy-2FE94nLMQfCBymbjm-2BRaXo30ve6vv5Td913TdAT-2FWx4XMTTPt6ZiBtsLLuiKQpPcm1YFY21qeFpGAE-2BI2Epdcjt-2F5sFy-2F9LrAOmbvctrrrc-3D HTTP/1.1
Host: link.t.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
set-cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; path=/; expires=Wed, 30-Nov-22 04:20:59 GMT; domain=.upwork.com; HttpOnly; Secure; SameSite=None
__cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; path=/; domain=.upwork.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77209f3afbf80afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash841c20f218c326ba6bc60f6b478bdabb 5bdb02b4ab8b1201c35a189be652eb095a8091f6 6d25179efcec405dec363ef91d6b33b78107a8418c545e481fb9e205aa5d9db3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: max-age=108981
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:59 GMT
Etag: "6385c786-1d7"
Expires: Thu, 01 Dec 2022 10:07:20 GMT
Last-Modified: Tue, 29 Nov 2022 08:49:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash521285885f42420ec51c95e605444eb4 134b19703d5382c790bb38f5cff9a37a099009f1 f793474355fe47eea9a0d0db08a93e30ada7f400d0094f09777844ae1a53b518
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5725
Cache-Control: max-age=108214
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:59 GMT
Etag: "6385c07c-117"
Expires: Thu, 01 Dec 2022 09:54:33 GMT
Last-Modified: Tue, 29 Nov 2022 08:19:08 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3c8c689bd654417640d85f3da51af313 85123b6d46230a23d03768bf304b386e5d301305 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5472
Cache-Control: max-age=110821
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:59 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:38:00 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 55 B |
IP93.184.220.29:0
File typeHTML document, ASCII text Hash9f073354411bbaf7a319b1519f10b4b7 571498f38548829bf186f49f5be9d5fa6e689a68 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4359
Cache-Control: max-age=108650
Content-Type: text/html
Date: Wed, 30 Nov 2022 03:50:59 GMT
Etag: "6385c786-1d7"
Expires: Thu, 01 Dec 2022 10:01:49 GMT
Last-Modified: Tue, 29 Nov 2022 08:49:10 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 55
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashdd2758bfa60c7420d3ee74a21c99b354 5bcc485f6b2527cb158cd0b0ae01f9390534ecb4 1a95adb2c49a29b063a4603fa504e9957fdb0071ebf695b378e40db9dc29ca10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:50:59 GMT
Last-Modified: Wed, 30 Nov 2022 02:19:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.cookielaw.org/scripttemplates/otSDKStub.js | 104.16.148.64 | 200 OK | 7.2 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/otSDKStub.js IP104.16.148.64:0
File typeASCII text, with very long lines (21747) Hash6ca9058d9138dc07d9a378e6f20a8b7b ff5f65ad24a8e2b3042cbb0136be7edb52215c1a 1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Tue, 29 Nov 2022 08:50:42 GMT
etag: 0x8DAD1E6CC69451D
x-ms-request-id: 45d9a4d3-101e-00ac-6050-04f971000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 7288
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3ff8680b31-OSL
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.186.169.128 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.186.169.128:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xbS2v4kH6DK49W2EdXXUaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1xw1rTO4tPrNuk0oWvpEcHaky6c=
|
|
| cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json | 104.16.148.64 | 200 OK | 1.6 kB |
URL HTTP/2cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json IP104.16.148.64:0
File typeJSON data\012- , ASCII text, with very long lines (3833), with no line terminators Hashaeba5f5ffffddee947609a829c8392f6 1fca9ccfb76c3da45be98a95ab0cc72ac87c1832 6ce89c8a2712d7ed9d5f2ec1b19988c34bdb3bd2822e0d0e7cdaa54e1ff7a6a7
GET /consent/beb279fb-8702-46ec-a677-6f14e3828966/beb279fb-8702-46ec-a677-6f14e3828966.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/x-javascript
content-length: 1581
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: rrpfX//93ulHYJqCnIOS9g==
last-modified: Tue, 27 Sep 2022 10:44:41 GMT
etag: 0x8DAA07548531F22
x-ms-request-id: e1cb6f57-f01e-0147-067e-d241d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1263
expires: Thu, 01 Dec 2022 03:50:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f405f041c0a-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash40eefa3b9e8d12b27d6ff4aa5d315595 020efbd1a1ff58276406cee38388cf21accf5f5f ab8e08a5d8b2fe8368d6df77a87b3c0e9ce9fe3b1d6e103e22fe2cbf5f0ca75c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5468
Cache-Control: max-age=121277
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:00 GMT
Etag: "6385f485-117"
Expires: Thu, 01 Dec 2022 13:32:17 GMT
Last-Modified: Tue, 29 Nov 2022 12:01:09 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js | 104.16.148.64 | 200 OK | 90 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js IP104.16.148.64:0
File typeASCII text, with very long lines (65455) Hash669fc272b6662bb850d92e9cfedf53a7 e573ee887b0ca01445457cc338f510c559a092f4 e77f0bfe908a1ee2181992bad85721333d192528c2a00aac42077549f7d377ba
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: a98cb099-e01e-0171-4a83-b9ec8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 7288
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f42792e0b31-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/2cef32a6-ea85-4193-bf8d-402673d01d2d/en.json | 104.16.148.64 | 200 OK | 28 kB |
URL HTTP/2cdn.cookielaw.org/consent/beb279fb-8702-46ec-a677-6f14e3828966/2cef32a6-ea85-4193-bf8d-402673d01d2d/en.json IP104.16.148.64:0
Hash934ba114c09d8a9fc03e1a9cac18325a 1d60ae5c20764bb339c60349dbb2fdbc41a91e21 9c9f3dcf514ee3e0fc0ec62f37710b49831cf30982f75a6b97717c85be365755
GET /consent/beb279fb-8702-46ec-a677-6f14e3828966/2cef32a6-ea85-4193-bf8d-402673d01d2d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: application/x-javascript
content-length: 24582
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: FAWRbrXutHmwV/z9BsAcbA==
last-modified: Tue, 27 Sep 2022 10:44:49 GMT
etag: 0x8DAA0754D0A8328
x-ms-request-id: 92d56f50-e01e-0057-1a78-d2316b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17504
expires: Thu, 01 Dec 2022 03:51:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f430f9f1c0a-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json | 104.16.148.64 | 200 OK | 2.6 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json IP104.16.148.64:0
File typeJSON data\012- , ASCII text, with very long lines (8019) Hasha75dd31283f6d51785f305b2c61061d1 cf08d4736e63f0e545db6eb4dea6a6cde83bf3f3 3dfe5c9aff1cc529792d8d2670e143abaf12b00815532dbadc7df7ebd86e10bd
GET /scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: application/json
content-length: 2589
content-encoding: gzip
content-md5: p13TEoP21ReF8wWyxhBh0Q==
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
etag: 0x8DA87805A754483
x-ms-request-id: 39859391-401e-0111-5b6e-d2a9a8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 11047
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f43afc81c0a-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash33f732b4dfbd5fb3ed7345eba2896fe6 2652f214cf7127302cc65b1d4e42f48a80907d5d 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css | 104.16.148.64 | 200 OK | 30 kB |
URL HTTP/2cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css IP104.16.148.64:0
Hashb0c262f14285afbd444aede6278e4a50 d50939c77beffd32ff1cb3d148810f46f419ccd9 822f4fb1d48e23e6c5d90db57df4692fb245db2fb7308e1e1ef1c3cdde7d8eaa
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: a97298c1-e01e-0171-0a77-b9ec8a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 1264
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f43afcb1c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-P4HMDL | 142.250.74.168 | 200 OK | 46 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-P4HMDL IP142.250.74.168:0
File typeASCII text, with very long lines (16285) Hash3db296176caee0b45899139be8086485 375506ecc51b4bf8980724bf65e80769748e7e78 7ab96bad5984729aa482f6f0569afd5f0495f913f0868601b7f813f5f38312f9
GET /gtm.js?id=GTM-P4HMDL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 03:51:00 GMT
expires: Wed, 30 Nov 2022 03:51:00 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashf50fd635895870df33a17fe377a6a038 dd65dfbbc810b095432cfd59f971af04a9e31ab7 ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| 4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js | 143.204.55.20 | 200 OK | 137 kB |
URL HTTP/24c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js IP143.204.55.20:0
File typeASCII text, with very long lines (65536), with no line terminators Size137 kB (137442 bytes) Hash3b4411ba5f1eca1846674d2a7aa27d87 63cbddbad9e75448b49adcc1ca76b80f224768ae d22537f11ec20837ce3c9b33b07b539ff1112cc8228e7ed190c813c4f73c6c51
GET /sn/4c4cc75a16ed/script.js HTTP/1.1
Host: 4c4cc75a16ed.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 21 Nov 2022 16:48:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
last-modified: Mon, 21 Nov 2022 16:48:39 GMT
expires: Mon, 21 Nov 2022 16:53:39 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/29036831989
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dum8ubdDbazdCXT4MM5_HKRIxJcQSapkbV08kNb4MnGna_ayl47WFQ==
age: 730941
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 764 B |
IP93.184.220.29:0
Hash8e4f6e1c0c1e00c3d5c8b679ee51ab48 77db80524c2c5728855e2722c08f4a1aa1409838 a885fe59b936e66f08aa6242608d03383979042a7f174d70b64db629989ecfb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4648
Cache-Control: max-age=129436
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:00 GMT
Etag: "63861798-117"
Expires: Thu, 01 Dec 2022 15:48:16 GMT
Last-Modified: Tue, 29 Nov 2022 14:30:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashfe58fb8f7d5837568d4480d31ec4d1c5 cdc4351995771a0fe9a628cade93ebac3f8263cb d8acd575a4bc3047b8cfe69245144ffe4d68084ccfc9860f6633200817cada91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5479
Cache-Control: max-age=141059
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:00 GMT
Etag: "638641c0-117"
Expires: Thu, 01 Dec 2022 19:01:59 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:40 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.jsdelivr.net/npm/workbox-cdn@5.1.4/workbox/workbox-sw.js | 104.16.88.20 | 200 OK | 986 B |
URL HTTP/2cdn.jsdelivr.net/npm/workbox-cdn@5.1.4/workbox/workbox-sw.js IP104.16.88.20:0
File typeASCII text, with very long lines (1282) Hash39a3a9522ef079e5aed347b1006e1561 08d8851d569cd4f8cab677655f0fc8061d39c728 318d657a2caec3492926ecae235930d32d00f2314c242313564ab6a75659e104
GET /npm/workbox-cdn@5.1.4/workbox/workbox-sw.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.1.4
x-jsd-version-type: version
etag: W/"504-5uqRN7j9gM1wXWMhArkzW65msTI"
x-served-by: cache-fra19170-FRA, cache-iad-kiad7000052-IAD
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15229774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUoM1oRibXUeQsPShyI1yxB9ZFs1SYjhUwBagVXj6ZIdAQR0PlgdXJhbfWB6Di19RaxuxOjn8d1fTeaTs4IVyDXwCs7TK3DoSjwsMgHfJK6wx4lxwwYaOsgT043UCQ70LO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77209f45ddc4b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/assets/TaxNuxt/runtime.748b7fc6.js | 104.18.89.237 | 200 OK | 14 kB |
URL HTTP/2www.upwork.com/static/assets/TaxNuxt/runtime.748b7fc6.js IP104.18.89.237:0
File typeASCII text, with very long lines (44604) Hash6f2c16f449dae6e0af38c7bbb9e10a34 2274c0aadfa78b7c9ad797e06fc5234933ff92d1 f7da05401957108fa64ca1b8782f473703992fad0291d84fcf3b38680c755582
GET /static/assets/TaxNuxt/runtime.748b7fc6.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 00:50:42 GMT
etag: W/"0f83efeb636d513ecae0458d57dfb730"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 771fac22692ac698-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 9440
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcac3b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| upwork-privacy.my.onetrust.com/request/v1/consentreceipts | 104.18.26.85 | 201 Created | 3.2 kB |
URL HTTP/2upwork-privacy.my.onetrust.com/request/v1/consentreceipts IP104.18.26.85:0
Hashf50b93f932d3cb7aec8c6edee77b943b 26f9096d4af34a9bb3661bf17621736ad4635d9e 97cae18fd7ec261fb90eb8dac3c327eb634a562222177d2d5dcabaffddeffc11
POST /request/v1/consentreceipts HTTP/1.1
Host: upwork-privacy.my.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7764
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Wed, 30 Nov 2022 03:51:01 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77209f45a8b6b4f1-OSL
X-Firefox-Spdy: h2
|
|
| status.geotrust.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash04a4b4dd9ff0168ea0820c746a416e5c 7dba63a7a33b151a91524f3d405ec5e8df4536da 6b0736a66a09f9799856c552b534802ea228fbcddc94c5cc3fd3ee8bc8218cb0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5471
Cache-Control: max-age=149334
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "6386621c-1d7"
Expires: Thu, 01 Dec 2022 21:19:55 GMT
Last-Modified: Tue, 29 Nov 2022 19:48:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash7a2307a6d2183a1fe2bbf3faf9e14254 10203455ea729fb3856af02f937e0a7861631070 463254ad0ddadc43c9b4e903b35b56b6a48db4feed2dd464480bb9806b215d44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: max-age=151760
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "6386704e-117"
Expires: Thu, 01 Dec 2022 22:00:21 GMT
Last-Modified: Tue, 29 Nov 2022 20:49:18 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash62d2382d74346bbb45252026c74cd542 da4b330126a3bbbc075547bf3d01d6f90ccdf6d5 99b20cc504fb9070ae1a523664fd7f6f907e75e279a41e3366e501dbd93a1b4f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169157
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "6386b247-1d7"
Expires: Fri, 02 Dec 2022 02:50:18 GMT
Last-Modified: Wed, 30 Nov 2022 01:30:47 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UJtu1LOjtJWn-SYY7pBJf4rhSeVHoiUeevz42jB8f2Ph19U_FD28NA==
Age: 4771
|
|
| ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js | 54.230.111.58 | 200 OK | 31 kB |
URL HTTP/2ob.cityrobotflower.com/i/516858f3f9efc799b493c6fec34c75df.js IP54.230.111.58:0
Hash521bcdae5e4bf509859913a43fdce61e 0b00651ccc2ccee1517fe7a4a1b80115408024a2 1a33d041437dfedcd3f4cf4d6f2177f121bbc4fee771ce1fcdcc098940b5d494
GET /i/516858f3f9efc799b493c6fec34c75df.js HTTP/1.1
Host: ob.cityrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 30215
content-encoding: gzip
server: Caddy
date: Tue, 29 Nov 2022 16:02:38 GMT
cache-control: max-age=43200
expires: Wed, 30 Nov 2022 04:02:38 GMT
etag: "1433a-mLunEQUQ9ijN8JB2ZmNdI/UC4Q4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x8c17IxxIRFvQ_Zwrq2kBhzgqrT2IKmwz19KlN6K4kyoYVCP49u_ow==
age: 42503
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 960 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash5f02c41a1993eca0dee53dba656f6234 398be3ba712bf5e43e3fab46dffad5f1baa4e264 27c247847f013eddcd645278458a8bf9d666cac3e624f27ef35ee8d15a843fa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12317
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:51:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 314 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Size314 kB (313667 bytes) Hashd1d87967c11c8ef964c5fe9a3ecdb971 d912f8be7aa275bb4c95b6ae64caa53aa36534b7 5b1c443b12a4a640665046b3d6a65daba2b3cb922e5f927e8ad295edaa80b39c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12317
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:51:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashac3edd07bb0a4ebdaae6ec26e91d2079 b6efe3811dfa37cdcde1e9d411c171732ac7e12a c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12317
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:51:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 1.6 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd15b0713cfaa2ede68d2b5eda2bfc7e4 0dedf71e865a9d218598f1585347456fce88eb4e 38948b0ff41d244cb6cde470869c12c789137103369e064d6f6233493d01c7c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12317
Expires: Wed, 30 Nov 2022 07:16:18 GMT
Date: Wed, 30 Nov 2022 03:51:01 GMT
Connection: keep-alive
|
|
| a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json | 100.26.87.64 | 200 OK | 2 B |
URL HTTP/1.1a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json IP100.26.87.64:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:01 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 12:05:32 GMT
ETag: "2-5ee4a56acbef6"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.upwork.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ced71a5-36d7-45c9-b67b-df6c12c1a127.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ced71a5-36d7-45c9-b67b-df6c12c1a127.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7a8c2292c953e41a108b1ca1f83b5134 0c3e4019730bae709f01d0fcbc6b4b0f20388c0f 155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ced71a5-36d7-45c9-b67b-df6c12c1a127.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6695
x-amzn-requestid: 870d0eb1-8aa0-40d0-a04c-5e2666b68720
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhXTFWBIAMFfvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c2e-2f45c71127e5bebd660e6023;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:39:58 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aLGMz9pYDAK4vBIvhsnNa0T9F_r7kn6BFg9q5dT5Qv7PBG9jHgwGXA==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:44 GMT
age: 21977
etag: "0c3e4019730bae709f01d0fcbc6b4b0f20388c0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5508d05a290b663fd89ead9b58f2efd8 53650399f9a986ba54addd668b4557109d12003b 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 21975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9fb14804c284e300f976848e30396e9c 6004b4b7afd22dded903f026d245bc90a6706767 1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 21972
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash536cd283dee06cf1ceb9e15e4850db92 47aafca572d34f9726a0174ac902178556e581d8 63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 21292
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg IP34.120.237.76:0
Hash0697b0c322938fe78e9c511681d1a6dc 5b58aa2540006913f7b26d466fe56bf2042ad859 066355ed7bbf9c16b6c847daf09933215fb3c2d6d545f7f3cb9f8f9e98a0209d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 21250
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png | 34.120.237.76 | 200 OK | 35 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png IP34.120.237.76:0
Hash9e2c183d1df6de277443bb23175b6026 0addfc284855f583e5899169722b913e28c014b1 84b0c7752733548c0c7eae07bb06a72f2f15036c3ee7402ff31f3749eb0cf0d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:42:12 GMT
age: 529
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash7a2307a6d2183a1fe2bbf3faf9e14254 10203455ea729fb3856af02f937e0a7861631070 463254ad0ddadc43c9b4e903b35b56b6a48db4feed2dd464480bb9806b215d44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4471
Cache-Control: max-age=151968
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "6386704e-117"
Expires: Thu, 01 Dec 2022 22:03:49 GMT
Last-Modified: Tue, 29 Nov 2022 20:49:18 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 279
|
|
| a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json | 100.26.87.64 | 200 OK | 2 B |
URL HTTP/1.1a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json IP100.26.87.64:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:01 GMT
Server: Apache
Last-Modified: Tue, 29 Nov 2022 12:05:36 GMT
ETag: "2-5ee9ace49b295"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.upwork.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
|
|
| a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json | 100.26.87.64 | 200 OK | 2 B |
URL HTTP/1.1a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json IP100.26.87.64:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:01 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 12:05:27 GMT
ETag: "2-5ee4a5662e1b0"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.upwork.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
|
|
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.26.85 | 200 OK | 560 B |
URL HTTP/2geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP104.18.26.85:0
Hashacca8408c092531b204d6e3d673dc36e 4126cd218f4b9fbf565e433f02a0bb652ef56dd5 151a30070ce4b1cb28823c61dc3886c815910cbfe21dfa7ed82c9e6a043ecfcd
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:01 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77209f48deecb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.recaptcha.net/recaptcha/api.js?render=explicit | 142.250.74.131 | 200 OK | 22 kB |
URL HTTP/2www.recaptcha.net/recaptcha/api.js?render=explicit IP142.250.74.131:0
Hash0fe99200ff7a52ae00f214625ff2baaa 8072bcbb14210b12ee6d05123a39e01f2ecd5fa0 d6423714e80750246cc937650e7e709d7e5e681438e7f24654903147687ce85b
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 30 Nov 2022 03:51:01 GMT
date: Wed, 30 Nov 2022 03:51:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashad5cd1b9deecb040c8ee02b098c8e395 8257067458213674032466eee37fd2968770b082 a6aca77af4097ac223230b748a2880db82a663e5373867b96e70d4afdaf27e58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5468
Cache-Control: max-age=128077
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "63860f16-1d7"
Expires: Thu, 01 Dec 2022 15:25:38 GMT
Last-Modified: Tue, 29 Nov 2022 13:54:30 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcbac2f2f47d07303336bb912ae153404 07d55408e3a099b389c867bedb4d153a6cdb8880 f79bf4165c1e44339a87142b3440f012e34a6cf877070e05da6836cd54e62090
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6041
Cache-Control: max-age=86212
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Etag: "63856950-1d7"
Expires: Thu, 01 Dec 2022 03:47:53 GMT
Last-Modified: Tue, 29 Nov 2022 02:07:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash3c011abf0440a81185b7dfd0a868d57c 30524f56f8e8a10796040164166ec0de08108f2c 55f931495b3f021f804ac96a0e79c8ff350a47b9200b82b6bec70aeb87cad6b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false | 54.228.71.178 | 200 OK | 21 kB |
URL HTTP/1.1mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP54.228.71.178:0
Hash85588ca930c36bd9725d504913060587 136bfcbf8df6207e1f173e841181c285d4a4d67b 440a4bbf2de79b101014e7dcfd55fd0d64c7dd6a6b3311fb5b0f8c2d4212bfdf
GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 03:51:01 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=ryjNPBJLCSZfLD1tSa/u6mm/oosHmz4tObtY+XSq9g8=;Path=/;Expires=Thu, 30-Nov-2023 03:51:01 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
|
|
| first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false | 52.129.66.124 | 200 OK | 16 kB |
URL HTTP/1.1first.iovation.com/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP52.129.66.124:0
File typeASCII text, with very long lines (887) Hashe14351b9b2e02bc80fd6e236274a0bb6 f364fc843b10b930ea1a4cf158c087ad60182e10 0be88d08e7a6b8a96017669822177b9c40e9ac5d6d09b3f8f297abcd3775fe62
GET /general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: first.iovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:01 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 30 Dec 2022 03:51:01 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Transfer-Encoding: chunked
|
|
| mpsnare.iesnare.com/star | 54.195.39.4 | 101 Switching Protocols | 26 kB |
IP54.195.39.4:0
Hashcf008eb9c32dd37cdd712a8e01a7d1d4 0039ce1998f84d4e8f0d40f56407c310f410b87a 9c12528ee1781b66dc13bcfa697f939f8e6bfbef2cf9521fd31ff8f2d8711271
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.upwork.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x4uYajSRE8X71+fW5cQI6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 30 Nov 2022 03:51:02 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: hc2dUceIXpEfsqX0cm0SwOVYd3Q=
Upgrade: WebSocket
|
|
| shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2 | 104.18.90.237 | 200 OK | 0 B |
URL HTTP/2shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2 IP104.18.90.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: shasta-collector-production.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:02 GMT
content-length: 0
access-control-allow-origin: https://www.upwork.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 3600
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
set-cookie: AWSALB=/2zDLTn4iD5XzE8vUoIecg4BJTN8vYBXbBnU0wMrjVJQzXVjluJtseRgdk2Djui1OBPI0EheWLtxRj4OI0BMnNHjKKeeEJPldDhzAsyjCP2jInaQ26onSM9e9kFk; Expires=Wed, 07 Dec 2022 03:51:02 GMT; Path=/
AWSALBCORS=/2zDLTn4iD5XzE8vUoIecg4BJTN8vYBXbBnU0wMrjVJQzXVjluJtseRgdk2Djui1OBPI0EheWLtxRj4OI0BMnNHjKKeeEJPldDhzAsyjCP2jInaQ26onSM9e9kFk; Expires=Wed, 07 Dec 2022 03:51:02 GMT; Path=/; SameSite=None; Secure
__cf_bm=VhI1GQstbSCD1Kjnzlz3SpMOMzNmHfvSLgNsybe5vVc-1669780262-0-AQ5QuRc3jfgQkS6C6ojgISyrcx1Ct9qwu+1DD9+iu8TD12RzMwqpkDyKPISyFrOG6888MAO0KfYzAcgVozmF0vY=; path=/; expires=Wed, 30-Nov-22 04:21:02 GMT; domain=.upwork.com; HttpOnly; Secure; SameSite=None
__cfruid=e87a3fe386a0f566542c25b363a507219ad65f19-1669780262; path=/; domain=.upwork.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77209f4e5c2e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| first.iovation.com/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false | 52.129.66.124 | 200 OK | 1.3 kB |
URL HTTP/1.1first.iovation.com/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP52.129.66.124:0
Hashc523ab1708500bba65a9e995b2674ae6 e9509ee8f50293b37768d59375a6e244beb059e2 659512164c3f6431d331b85639305eeef14687e9033567efa80c0bfd743288e8
GET /5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: first.iovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: 2022-Nov-30 03:51:02
Set-Cookie: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=7UxV6cm1fJh2ivdTCv14MnIN9Fp/WlJs87PAVqGtz9I=;Path=/;Expires=Thu, 30-Nov-2023 03:51:02 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Keep-Alive: timeout=2, max=96
Expires: 0
p3p: CP="NON DSP COR CURa"
Content-Type: text/javascript; charset=utf-8
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Content-Length: 1221
|
|
| mpsnare.iesnare.com/5.5.0/logo.js | 54.228.71.178 | 200 OK | 35 kB |
URL HTTP/1.1mpsnare.iesnare.com/5.5.0/logo.js IP54.228.71.178:0
Hash1278b9235a2cab8119c8e26f5e750e29 cd951dec0a55e2720487ba1d8f8ebf1ef5baa3dd d6e74d56bb82f19cec4bb4ffd22664afdf4252a00fc514aaf504fb75d1ead15f
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 03:51:02 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Thu, 30 Nov 2023 03:51:02 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash49eee25f3ccd585a29e34e80cf5bb160 73eca8be91deedd049304862759a3d8084c0b07e 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mpsnare.iesnare.com/time.mp3?nocache=0.38325391555766863 | 54.228.71.178 | 206 Partial Content | 504 B |
URL HTTP/1.1mpsnare.iesnare.com/time.mp3?nocache=0.38325391555766863 IP54.228.71.178:0
File typeMPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data Hashcfe47da3367b896cf8fe9d23144e6294 5eb28e56c71ce7e851b99b4d90b4091e3090243a 2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.38325391555766863 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Wed, 30 Nov 2022 03:51:02 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.35 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 117665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash608e4d04a251ebcd51660e801f388303 fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| 4c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js | 143.204.55.20 | 304 Not Modified | 0 B |
URL HTTP/24c4cc75a16ed.cdn4.forter.com/sn/4c4cc75a16ed/script.js IP143.204.55.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sn/4c4cc75a16ed/script.js HTTP/1.1
Host: 4c4cc75a16ed.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 21 Nov 2022 16:48:39 GMT
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 30 Nov 2022 03:51:02 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
expires: Mon, 21 Nov 2022 16:53:39 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4c4cc75a16ed/29036831989
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i12Swe_3M4XwjpeRGsoHSxMoufnV7j2QGq3K__t7_dtg7LQC5WMtxg==
age: 730943
X-Firefox-Spdy: h2
|
|
| w.usabilla.com/202452b9c34b.js?lv=1 | 63.32.28.182 | 200 OK | 12 kB |
URL HTTP/2w.usabilla.com/202452b9c34b.js?lv=1 IP63.32.28.182:0
File typeASCII text, with very long lines (4986) Hash652a393bdbb3d6aa0dde3bccc7b6f324 6b6906b2b27f56a93a23f026c156861f1060d7e9 dc614e0dfdc201bf03d11e98b7c4781691f629589c3516bc772df372b2019f1f
GET /202452b9c34b.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:02 GMT
content-type: text/javascript
content-length: 11788
cache-control: public,max-age=0
content-encoding: gzip
etag: "ea2dd9016f540e5dde6f0cf93e561b87"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
|
|
| mpsnare.iesnare.com/star | 54.195.39.4 | 101 Switching Protocols | 0 B |
IP54.195.39.4:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.upwork.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7jPque5N3InZkl7LFqr1Dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 30 Nov 2022 03:51:02 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: jQy2shmWT5a0wS8wfSv+txeucNE=
Upgrade: WebSocket
|
|
| first.iovation.com/5.5.0/logo.js | 52.129.66.124 | 200 OK | 505 B |
URL HTTP/1.1first.iovation.com/5.5.0/logo.js IP52.129.66.124:0
File typeASCII text, with very long lines (377) Hash77bdd9b588d3d489ed664eeed11eadd0 4de02d3fd67a5fd2190018d093728eb4ec5ac15d 9918abb0ce63150493cea9ab756a098ca87b593eaa24126c57b2f548294a0dd3
GET /5.5.0/logo.js HTTP/1.1
Host: first.iovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:02 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 30 Nov 2023 03:51:02 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Vary: Accept-Encoding, User-Agent
Content-Length: 505
|
|
| mpsnare.iesnare.com/time.mp3?nocache=0.7845853039616074 | 54.228.71.178 | 206 Partial Content | 504 B |
URL HTTP/1.1mpsnare.iesnare.com/time.mp3?nocache=0.7845853039616074 IP54.228.71.178:0
File typeMPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data Hashcfe47da3367b896cf8fe9d23144e6294 5eb28e56c71ce7e851b99b4d90b4091e3090243a 2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.7845853039616074 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Wed, 30 Nov 2022 03:51:02 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash211c1f3dbf0d6f14c82e6ad07be8a804 1d352652cc9f8c9717e1e3c701e14520a7e7dbeb 6caedef90bf30652e5b4bfd2c4302f7be14bdd53b83543dfb790da8e0a0e37a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5478
Cache-Control: max-age=138218
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:02 GMT
Etag: "638636aa-1d7"
Expires: Thu, 01 Dec 2022 18:14:40 GMT
Last-Modified: Tue, 29 Nov 2022 16:43:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js | 23.43.132.13 | 200 OK | 17 kB |
URL HTTP/1.1appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js IP23.43.132.13:0
File typeUnicode text, UTF-8 text, with very long lines (39267) Hash12a5f480c5a23efc80304d3bbc35d746 4043357825f2e91df5c4f339a9bc95f8e5b48fa1 b7be9b25bef3ce5c830263ba56bc3235a6683a9950115e4d4368144de3bbd2ec
GET /appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apple
Content-Type: application/javascript;charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"42671-1637089134330"
Last-Modified: Tue, 16 Nov 2021 18:58:54 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 17247
Date: Wed, 30 Nov 2022 03:51:02 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
|
|
| obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Ftax%252F%253Futm_source%253DBraze%2526utm_medium%253Demail%2526utm_campaign%253D20221129_AH_FL_TaxEmail_NON-US_Milestone&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669780261334&hl=1&op=0&ag=1317291471&rand=638996912552986001812268860292511061170797912267005289619911180262891187881&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Ftax%2F%3Futm_source%3DBraze%26utm_medium%3Demail%26utm_campaign%3D20221129_AH_FL_TaxEmail_NON-US_Milestone&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE4XSxbMTIsIntcImVcIjowLFwid2dsXCI6MX0iXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwxLDAsMiwxLDAsMiwwLDEsMywwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDQiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTIsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJfYXV0aEdsb2JhbEZldGNoXCIsXCJPcHRhbm9uV3JhcHBlclwiLFwiZGF0YUxheWVyXCIsXCJkYXNoQXBpU2NyaXB0XCIsXCJOVVhUX0FQUF9DT05GSUdcIixcIm1pY3JvQXBwQ29udGFpbmVyXCIsXCJtaWNyb0FwcEFwaVwiLFwidG9wTmF2aWdhdGlvbkFwaVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUmVzb2x2ZVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUHJvbWlzZVwiLFwic3VpdDJUcmFja2VyUHJvbWlzZVwiLFwiT25lVHJ1c3RTdHViXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX05VWFRfX1wiLFwiVnVlXCIsXCJWdWV4XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIm9uTnV4dFJlYWR5Q2JzXCIsXCJvbk51eHRSZWFkeVwiLFwiX2F1dGhUb2tlbkV4Y2VwdGlvblwiLFwiX2F1dGhUb2tlblJlZ2lzdGVyXCIsXCJfYXV0aE9yaWdGZXRjaFwiLFwiJHdvcmtib3hcIixcImlvX2dsb2JhbF9vYmplY3RfbmFtZVwiLFwiSUdMT09cIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiR2xvYmFsU25vd3Bsb3dOYW1lc3BhY2VcIixcInNub3dwbG93XCIsXCJPbmV0cnVzdEFjdGl2ZUdyb3Vwc1wiLFwiT3B0YW5vbkFjdGl2ZUdyb3Vwc1wiLFwib3RTdHViRGF0YVwiLFwiU25vd3Bsb3dcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiX3B4QXBwSWRcIixcInN1aXRMb2FkZXJcIixcImZ0cl9fc3RhcnRTY3JpcHRMb2FkXCIsXCJmdHJfX25jZFwiLFwiZnRyX190dFwiLFwiZnRyX19ndFwiLFwiZnRyX19zbnBfY3djXCIsXCJfX2N0Y2dfY3RfMzUwNzVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wia2V5d29yZHNcIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTc4MDI2MTI0NCwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMywwLDAsMywwLDAsNTQ5LC0xLDAsLDUyNywxNjA2LDE2MDUiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIjM0MTg0MjE3MjBcIixcIjk0MDM4NDQzMlwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjI0MzE1MTcyNzdcIl0sXCJzXCI6MX0iXSxbImRkYiIsIjAsMTIsMCwxLDEsNCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMiwwLDAsMCwwLDAsMSwxLDMsNTQsMCwyNSwwLDAsMCwwLDAsMCwzIl0sWyJibmNoIiwxMzhdLFsiYWJuY2giLDEzOF1d&dep=0&pre=0&sdd=%7B%7D&cri=aRjBMM9z1T&pto=1697&ver=48&gac=-&mei=&ap=&duid=1.1669780261.8XIjmY2GgOFw9UXA&suid=1.1669780261.0Lpub3r2ghuc0m2w&tuid=1.1669780261.zY5LDEpv7XrwyDSl&fbc=->m=WyJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=45%2C1494%2C3&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 | 35.172.245.152 | 200 OK | 1.2 kB |
URL HTTP/2obs.cityrobotflower.com/ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Ftax%252F%253Futm_source%253DBraze%2526utm_medium%253Demail%2526utm_campaign%253D20221129_AH_FL_TaxEmail_NON-US_Milestone&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669780261334&hl=1&op=0&ag=1317291471&rand=638996912552986001812268860292511061170797912267005289619911180262891187881&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Ftax%2F%3Futm_source%3DBraze%26utm_medium%3Demail%26utm_campaign%3D20221129_AH_FL_TaxEmail_NON-US_Milestone&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE4XSxbMTIsIntcImVcIjowLFwid2dsXCI6MX0iXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwxLDAsMiwxLDAsMiwwLDEsMywwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDQiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTIsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJfYXV0aEdsb2JhbEZldGNoXCIsXCJPcHRhbm9uV3JhcHBlclwiLFwiZGF0YUxheWVyXCIsXCJkYXNoQXBpU2NyaXB0XCIsXCJOVVhUX0FQUF9DT05GSUdcIixcIm1pY3JvQXBwQ29udGFpbmVyXCIsXCJtaWNyb0FwcEFwaVwiLFwidG9wTmF2aWdhdGlvbkFwaVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUmVzb2x2ZVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUHJvbWlzZVwiLFwic3VpdDJUcmFja2VyUHJvbWlzZVwiLFwiT25lVHJ1c3RTdHViXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX05VWFRfX1wiLFwiVnVlXCIsXCJWdWV4XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIm9uTnV4dFJlYWR5Q2JzXCIsXCJvbk51eHRSZWFkeVwiLFwiX2F1dGhUb2tlbkV4Y2VwdGlvblwiLFwiX2F1dGhUb2tlblJlZ2lzdGVyXCIsXCJfYXV0aE9yaWdGZXRjaFwiLFwiJHdvcmtib3hcIixcImlvX2dsb2JhbF9vYmplY3RfbmFtZVwiLFwiSUdMT09cIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiR2xvYmFsU25vd3Bsb3dOYW1lc3BhY2VcIixcInNub3dwbG93XCIsXCJPbmV0cnVzdEFjdGl2ZUdyb3Vwc1wiLFwiT3B0YW5vbkFjdGl2ZUdyb3Vwc1wiLFwib3RTdHViRGF0YVwiLFwiU25vd3Bsb3dcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiX3B4QXBwSWRcIixcInN1aXRMb2FkZXJcIixcImZ0cl9fc3RhcnRTY3JpcHRMb2FkXCIsXCJmdHJfX25jZFwiLFwiZnRyX190dFwiLFwiZnRyX19ndFwiLFwiZnRyX19zbnBfY3djXCIsXCJfX2N0Y2dfY3RfMzUwNzVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wia2V5d29yZHNcIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTc4MDI2MTI0NCwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMywwLDAsMywwLDAsNTQ5LC0xLDAsLDUyNywxNjA2LDE2MDUiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIjM0MTg0MjE3MjBcIixcIjk0MDM4NDQzMlwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjI0MzE1MTcyNzdcIl0sXCJzXCI6MX0iXSxbImRkYiIsIjAsMTIsMCwxLDEsNCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMiwwLDAsMCwwLDAsMSwxLDMsNTQsMCwyNSwwLDAsMCwwLDAsMCwzIl0sWyJibmNoIiwxMzhdLFsiYWJuY2giLDEzOF1d&dep=0&pre=0&sdd=%7B%7D&cri=aRjBMM9z1T&pto=1697&ver=48&gac=-&mei=&ap=&duid=1.1669780261.8XIjmY2GgOFw9UXA&suid=1.1669780261.0Lpub3r2ghuc0m2w&tuid=1.1669780261.zY5LDEpv7XrwyDSl&fbc=->m=WyJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=45%2C1494%2C3&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 IP35.172.245.152:0
File typeASCII text, with very long lines (3625), with no line terminators Hash8a67d079f091ca5a243ee947223722b4 cd71b133e546cdfad09c87888f9fb5de12414be9 e7e9ff2b4dbf8745315b4263d088119cbaebc3b64e6d4cfffce30666b7a820f4
GET /ct?id=35075&url=https%3A%2F%2Fwww.upwork.com%2Fab%2Faccount-security%2Flogin%3Fredir%3D%252Fnx%252Ftax%252F%253Futm_source%253DBraze%2526utm_medium%253Demail%2526utm_campaign%253D20221129_AH_FL_TaxEmail_NON-US_Milestone&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1669780261334&hl=1&op=0&ag=1317291471&rand=638996912552986001812268860292511061170797912267005289619911180262891187881&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=https%3A%2F%2Fwww.upwork.com%2Fnx%2Ftax%2F%3Futm_source%3DBraze%26utm_medium%3Demail%26utm_campaign%3D20221129_AH_FL_TaxEmail_NON-US_Milestone&ss=1280x1024&nc=0&at=&di=W1siZWYiLDE4XSxbMTIsIntcImVcIjowLFwid2dsXCI6MX0iXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwxLDAsMiwxLDAsMiwwLDEsMywwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDQiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTIsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJfYXV0aEdsb2JhbEZldGNoXCIsXCJPcHRhbm9uV3JhcHBlclwiLFwiZGF0YUxheWVyXCIsXCJkYXNoQXBpU2NyaXB0XCIsXCJOVVhUX0FQUF9DT05GSUdcIixcIm1pY3JvQXBwQ29udGFpbmVyXCIsXCJtaWNyb0FwcEFwaVwiLFwidG9wTmF2aWdhdGlvbkFwaVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUmVzb2x2ZVwiLFwibG9hZFN1aXQyQ29udGFpbmVyUHJvbWlzZVwiLFwic3VpdDJUcmFja2VyUHJvbWlzZVwiLFwiT25lVHJ1c3RTdHViXCIsXCJOb3RpZnlQYWludEV2ZW50XCIsXCJfX05VWFRfX1wiLFwiVnVlXCIsXCJWdWV4XCIsXCJ3ZWJwYWNrSnNvbnBcIixcIm9uTnV4dFJlYWR5Q2JzXCIsXCJvbk51eHRSZWFkeVwiLFwiX2F1dGhUb2tlbkV4Y2VwdGlvblwiLFwiX2F1dGhUb2tlblJlZ2lzdGVyXCIsXCJfYXV0aE9yaWdGZXRjaFwiLFwiJHdvcmtib3hcIixcImlvX2dsb2JhbF9vYmplY3RfbmFtZVwiLFwiSUdMT09cIixcIl9fX2dyZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29vZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiR2xvYmFsU25vd3Bsb3dOYW1lc3BhY2VcIixcInNub3dwbG93XCIsXCJPbmV0cnVzdEFjdGl2ZUdyb3Vwc1wiLFwiT3B0YW5vbkFjdGl2ZUdyb3Vwc1wiLFwib3RTdHViRGF0YVwiLFwiU25vd3Bsb3dcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiX3B4QXBwSWRcIixcInN1aXRMb2FkZXJcIixcImZ0cl9fc3RhcnRTY3JpcHRMb2FkXCIsXCJmdHJfX25jZFwiLFwiZnRyX190dFwiLFwiZnRyX19ndFwiLFwiZnRyX19zbnBfY3djXCIsXCJfX2N0Y2dfY3RfMzUwNzVfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wia2V5d29yZHNcIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIlwidW5zcGVjaWZpZWRcIiJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCwwXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCItXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY2OTc4MDI2MTI0NCwwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMywwLDAsMywwLDAsNTQ5LC0xLDAsLDUyNywxNjA2LDE2MDUiXSxbLTM5LCJbXCIyMDEwMDEwMVwiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixcIjIwMTgxMDAxMDAwMDAwXCIsbnVsbCxmYWxzZSxudWxsLGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzNyJdLFstNDEsIi0iXSxbLTQyLCIxNzcwMDUwMDgxIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAxMTExMDAxMDAiXSxbLTQ0LCIwLDUsMCw1Il0sWy00NSwiNzUyLDAsMCw3MTksMCwwLDc2MSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIlVUQyxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMDEwIl0sWy01NCwie1wiaFwiOltcIjM0MTg0MjE3MjBcIixcIjk0MDM4NDQzMlwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjI0MzE1MTcyNzdcIl0sXCJzXCI6MX0iXSxbImRkYiIsIjAsMTIsMCwxLDEsNCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMiwwLDAsMCwwLDAsMSwxLDMsNTQsMCwyNSwwLDAsMCwwLDAsMCwzIl0sWyJibmNoIiwxMzhdLFsiYWJuY2giLDEzOF1d&dep=0&pre=0&sdd=%7B%7D&cri=aRjBMM9z1T&pto=1697&ver=48&gac=-&mei=&ap=&duid=1.1669780261.8XIjmY2GgOFw9UXA&suid=1.1669780261.0Lpub3r2ghuc0m2w&tuid=1.1669780261.zY5LDEpv7XrwyDSl&fbc=->m=WyJPbmVUcnVzdEdyb3Vwc1VwZGF0ZWQiXQ%3D%3D&it=45%2C1494%2C3&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: obs.cityrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 30 Nov 2022 03:51:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=1100a5b7380f35f044f20bc9c6ff67d7; Max-Age=29030400; Path=/; Expires=Wed, 01 Nov 2023 03:51:02 GMT; HttpOnly; Secure; SameSite=None
content-length: 1234
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashe16bd266c88eb80e84b5e036b8ee3cbb 3d8b0e5c7a6dc0631a6f8760582643b6e5bdcfba cf791532099e27f14dd5c928a8a3b8c319578d671fb67fa51b3a360140e9b918
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| apis.google.com/js/api.js | 142.250.74.78 | 200 OK | 8.6 kB |
URL HTTP/2apis.google.com/js/api.js IP142.250.74.78:0
Hashdc19c63ce24757b5b266cc9546957d1e 912ff93f819f17d83f86fdfa26386975eacdc557 18fad9164f35137ac628c889f9f3b8741c993276d7dd16a6cade5614e1d6dd88
GET /js/api.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6893
date: Wed, 30 Nov 2022 03:51:02 GMT
expires: Wed, 30 Nov 2022 03:51:02 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "62e346024404732b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c03dea458c9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674883838956296d1cfd707752843e8962c300660723c101090c335209c0b93f4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2b4d78540fa7df79607f03aca81a7ad9a9f67d97e20d7b1e2efdf3a7c29874ebcfc248b5038e523a61cced86a7b376cccee879cf774a91bac3330751b02671edd0533bac83e527d05be017e09b49911c948a21802576c3ca629a3cd49bf7afd0b8ba4725b47ae2e2b8244436ca8d2b85b634f7140e14d52b4f86a694decec1943ddf3ad199f2d95ece6c782c833f7bc08387411adfef75a016e8d41cb070a07e4945139c62a81bd3faaf7cb7953bcc19ebc88dfd37dc09143eae0e4f6e5d6343e3825e8246ceeb8827ae9058d1bd0095b5d8c35284bee04e707384ee1e0a9bb10e1a5aa7a2a224f16bd9b502fdea2db37fbc23c641de06a9d72edb0875f6a4907a2d7a3111200f4005e8b4da399040e2075c493ba0f00b9fdb1213e1ff98fda22982aabbbedde6fcae165062b358c2e711718c062146b82002342ea52ea2045b93a19475cf248a4ad6fe7894fd50942e5270795e6a56d89d8b886d2615cb4112cbdedbbbb2c852049cb9d20ceea00507b7b643741ca4c0800a4ec958fb42fa798c42c24e8e8b57a7e467f0879a81c05568fdb36336c372e6cde3b90a8e3265505cc3390709eefd4d85fe4ad885899f05bedbde6650733eea2fa117b747ae933fc4411f7814643906b54884932e47a57d82fbe73fb2cc518f7570b30c7a2c9ff4cc095cea1ce99c449f5e651240ae3a3283a9d161cc5f3e988312bfd7b586da1fb35f22756a84302c37f4e11e40a87fa2a7953f85c1ed105c7aa463270004cd1151f899925854c26133d1c0df049ad4e7cd1e30a622ff423302de44317ecbd1024782d1ebd6e0b412ff70cf6ba951b4cf44c385ba6c7e9be51cd082acf084a5c4c75f2f90f46711c22d980a814cb8a752e8bd918a22e9df8bafe94c2dc5bda5ab0e&cri=aRjBMM9z1T&ts=456&cb=1669780261790 | 35.172.245.152 | 200 OK | 43 B |
URL HTTP/2obs.cityrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c03dea458c9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674883838956296d1cfd707752843e8962c300660723c101090c335209c0b93f4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2b4d78540fa7df79607f03aca81a7ad9a9f67d97e20d7b1e2efdf3a7c29874ebcfc248b5038e523a61cced86a7b376cccee879cf774a91bac3330751b02671edd0533bac83e527d05be017e09b49911c948a21802576c3ca629a3cd49bf7afd0b8ba4725b47ae2e2b8244436ca8d2b85b634f7140e14d52b4f86a694decec1943ddf3ad199f2d95ece6c782c833f7bc08387411adfef75a016e8d41cb070a07e4945139c62a81bd3faaf7cb7953bcc19ebc88dfd37dc09143eae0e4f6e5d6343e3825e8246ceeb8827ae9058d1bd0095b5d8c35284bee04e707384ee1e0a9bb10e1a5aa7a2a224f16bd9b502fdea2db37fbc23c641de06a9d72edb0875f6a4907a2d7a3111200f4005e8b4da399040e2075c493ba0f00b9fdb1213e1ff98fda22982aabbbedde6fcae165062b358c2e711718c062146b82002342ea52ea2045b93a19475cf248a4ad6fe7894fd50942e5270795e6a56d89d8b886d2615cb4112cbdedbbbb2c852049cb9d20ceea00507b7b643741ca4c0800a4ec958fb42fa798c42c24e8e8b57a7e467f0879a81c05568fdb36336c372e6cde3b90a8e3265505cc3390709eefd4d85fe4ad885899f05bedbde6650733eea2fa117b747ae933fc4411f7814643906b54884932e47a57d82fbe73fb2cc518f7570b30c7a2c9ff4cc095cea1ce99c449f5e651240ae3a3283a9d161cc5f3e988312bfd7b586da1fb35f22756a84302c37f4e11e40a87fa2a7953f85c1ed105c7aa463270004cd1151f899925854c26133d1c0df049ad4e7cd1e30a622ff423302de44317ecbd1024782d1ebd6e0b412ff70cf6ba951b4cf44c385ba6c7e9be51cd082acf084a5c4c75f2f90f46711c22d980a814cb8a752e8bd918a22e9df8bafe94c2dc5bda5ab0e&cri=aRjBMM9z1T&ts=456&cb=1669780261790 IP35.172.245.152:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdb04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136ce7c03dea458c9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d148d6a2217071a10acf9f29f674883838956296d1cfd707752843e8962c300660723c101090c335209c0b93f4877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2b4d78540fa7df79607f03aca81a7ad9a9f67d97e20d7b1e2efdf3a7c29874ebcfc248b5038e523a61cced86a7b376cccee879cf774a91bac3330751b02671edd0533bac83e527d05be017e09b49911c948a21802576c3ca629a3cd49bf7afd0b8ba4725b47ae2e2b8244436ca8d2b85b634f7140e14d52b4f86a694decec1943ddf3ad199f2d95ece6c782c833f7bc08387411adfef75a016e8d41cb070a07e4945139c62a81bd3faaf7cb7953bcc19ebc88dfd37dc09143eae0e4f6e5d6343e3825e8246ceeb8827ae9058d1bd0095b5d8c35284bee04e707384ee1e0a9bb10e1a5aa7a2a224f16bd9b502fdea2db37fbc23c641de06a9d72edb0875f6a4907a2d7a3111200f4005e8b4da399040e2075c493ba0f00b9fdb1213e1ff98fda22982aabbbedde6fcae165062b358c2e711718c062146b82002342ea52ea2045b93a19475cf248a4ad6fe7894fd50942e5270795e6a56d89d8b886d2615cb4112cbdedbbbb2c852049cb9d20ceea00507b7b643741ca4c0800a4ec958fb42fa798c42c24e8e8b57a7e467f0879a81c05568fdb36336c372e6cde3b90a8e3265505cc3390709eefd4d85fe4ad885899f05bedbde6650733eea2fa117b747ae933fc4411f7814643906b54884932e47a57d82fbe73fb2cc518f7570b30c7a2c9ff4cc095cea1ce99c449f5e651240ae3a3283a9d161cc5f3e988312bfd7b586da1fb35f22756a84302c37f4e11e40a87fa2a7953f85c1ed105c7aa463270004cd1151f899925854c26133d1c0df049ad4e7cd1e30a622ff423302de44317ecbd1024782d1ebd6e0b412ff70cf6ba951b4cf44c385ba6c7e9be51cd082acf084a5c4c75f2f90f46711c22d980a814cb8a752e8bd918a22e9df8bafe94c2dc5bda5ab0e&cri=aRjBMM9z1T&ts=456&cb=1669780261790 HTTP/1.1
Host: obs.cityrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Cookie: cg_uuid=1100a5b7380f35f044f20bc9c6ff67d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 30 Nov 2022 03:51:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashabd55ecd24d357a9f02612558f723a90 6a1e6963864f0b53ddc6205d35225e6cf0bcbeec 195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash07b8296613be09905e34b09dce4a203f c97c67e8c4b1247423d089c028c31e05734f124e c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8f12114c5e4071a91936f049f8234c94 61ddffbc7f1154cc8a5fe6fabbd976fe71027d6f 5b700cd09f0aa11ec03e2fe0cba0d92444cf70a880eecc5825e99636a6fbab4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ | 216.58.207.202 | 200 OK | 2.8 kB |
URL HTTP/2content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ IP216.58.207.202:0
Hash851b69d08619ae3f2e8587630a821cf0 f7bfc282aa636a819ac5c896c87cabe8400c6355 d76f07c469909a5243f0285b282a2df6f42a54722a2959820062ab4712b6c13e
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-M9ayNoSBP7oPoW9pIjU3jQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 273
date: Wed, 30 Nov 2022 03:51:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash146dac10a93604a686550631e14eefb9 b4af601ce6d515d9ec124938ce626060e0d43099 bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn9.forter.com/vchk2 | 143.204.55.38 | 301 Moved Permanently | 6.6 kB |
IP143.204.55.38:0
File typegzip compressed data, max compression\012- data Hash9b205a3671c0b06ac0fb5bf4e3d2006e d90e2da274b122ccfe4fe47b88948db40a490046 75db1064c4aa2528f1acf9a47438452d85d152c85e7b2ef86fa4a802d2167e7e
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjEyNzAxMjM3MDgwNjkxNzUyLCJ1IjoiYTUwNDk3MmFkMzg0NGMyMmFhOWIxMDhlZDBjZjRmODMiLCJzIjoiNGM0Y2M3NWExNmVkIn0=
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/2fba5a9f354d2e2a6927ba1e18fd04bda1e297592f884e30ece63209bb92ca17ac7f4bc86a105fe7dbf64ad7a277
date: Wed, 30 Nov 2022 03:51:03 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZEElT2DSky30nBKw3_9YRG8FfFM2YUz0f-xFdQi5rF-5MnFRLwakSw==
X-Firefox-Spdy: h2
|
|
| d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png | 54.230.245.47 | 200 OK | 1.7 kB |
URL HTTP/1.1d6tizftlrpuof.cloudfront.net/themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png IP54.230.245.47:0
File typePNG image data, 140 x 50, 8-bit colormap, non-interlaced\012- data Hashff48a3c94b69990d5044c0b3b202dd9e 7c171d3789d51f7901a56066d2797bca1a71e987 2fa952d9b6d3e241177a6da103960eb749e30d3e84c25f1d98fb1b2219ab1864
GET /themes/production/upwork-button-ff48a3c94b69990d5044c0b3b202dd9e.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1678
Connection: keep-alive
Date: Mon, 05 Sep 2022 00:44:15 GMT
Last-Modified: Thu, 24 Jun 2021 18:49:32 GMT
ETag: "ff48a3c94b69990d5044c0b3b202dd9e"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: d6N_UYHUv2f.lf8yVQQ3CdauiMsM0ICM
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CKPhx2xKYVX1poy_-YW1Nl4nnG-t6_ad6PKO1XqENevHsZa4D9SdyQ==
Age: 7441609
|
|
| a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json | 100.26.87.64 | 200 OK | 2 B |
URL HTTP/1.1a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com/prop.json IP100.26.87.64:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: a504972ad3844c22aa9b108ed0cf4f83-4c4cc75a16ed.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 03:51:03 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 12:10:00 GMT
ETag: "2-5ee4a669f9f8e"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.upwork.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
|
|
| obs.cityrobotflower.com/mon | 35.172.245.152 | 200 OK | 6.0 kB |
URL HTTP/2obs.cityrobotflower.com/mon IP35.172.245.152:0
Hash2f375724a1c5decf747022f5f098f55d 79a112e371ea9e836d022193b4772dc0e362f024 4edf95fc0b0e6aa6f4e7ab529c8241fd1a2f6c54de2f775c7b422db7fb7f1bee
POST /mon HTTP/1.1
Host: obs.cityrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1875
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Cookie: cg_uuid=1100a5b7380f35f044f20bc9c6ff67d7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.upwork.com
content-type: application/json
date: Wed, 30 Nov 2022 03:51:03 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| cdn9.forter.com/vchk2/v1/2fba5a9f354d2e2a6927ba1e18fd04bda1e297592f884e30ece63209bb92ca17ac7f4bc86a105fe7dbf64ad7a277 | 143.204.55.38 | 200 OK | 2.0 kB |
URL HTTP/2cdn9.forter.com/vchk2/v1/2fba5a9f354d2e2a6927ba1e18fd04bda1e297592f884e30ece63209bb92ca17ac7f4bc86a105fe7dbf64ad7a277 IP143.204.55.38:0
Hash939f35e39aab5f8325b89fd6e20c5e39 1fa97259816b6220830754c4ddb0d0f375ff459f 9146f80b5feba0e6d932ccd462004cb0907020055c86d739a833785acfbbbce1
GET /vchk2/v1/2fba5a9f354d2e2a6927ba1e18fd04bda1e297592f884e30ece63209bb92ca17ac7f4bc86a105fe7dbf64ad7a277 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjEyNzAxMjM3MDgwNjkxNzUyLCJ1IjoiYTUwNDk3MmFkMzg0NGMyMmFhOWIxMDhlZDBjZjRmODMiLCJzIjoiNGM0Y2M3NWExNmVkIn0=
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Referer: https://www.upwork.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:03 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NoNaa46rwdOZO0Ptg3fOwLNOVYUNGDYsYgqWgrn87Tf4RsO60Ynuyw==
X-Firefox-Spdy: h2
|
|
| status.geotrust.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash15a5567c75c2b2e383427957b3bc5c76 ab96001511be34080170edae1ce6ea39c7b6b888 9bd678732f521f1926e8c88007d1a59c5148a24fdd0997eae428b8731bd52774
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4732
Cache-Control: max-age=128055
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:51:04 GMT
Etag: "638611e3-1d7"
Expires: Thu, 01 Dec 2022 15:25:19 GMT
Last-Modified: Tue, 29 Nov 2022 14:06:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263393 | 54.243.108.33 | 200 OK | 20 B |
URL HTTP/1.1cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263393 IP54.243.108.33:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263393 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.upwork.com/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.upwork.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Wed, 30 Nov 2022 03:51:04 GMT
Transfer-Encoding: chunked
|
|
| cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263915 | 54.243.108.33 | 200 OK | 20 B |
URL HTTP/1.1cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263915 IP54.243.108.33:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780263915 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.upwork.com/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.upwork.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Wed, 30 Nov 2022 03:51:05 GMT
Transfer-Encoding: chunked
|
|
| cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780264173 | 54.243.108.33 | 200 OK | 20 B |
URL HTTP/1.1cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780264173 IP54.243.108.33:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/prop.json?_=1669780264173 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.upwork.com/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.upwork.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Wed, 30 Nov 2022 03:51:05 GMT
Transfer-Encoding: chunked
|
|
| cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json | 54.243.108.33 | 204 No Content | 0 B |
URL HTTP/1.1cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json IP54.243.108.33:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.upwork.com/
Origin: https://www.upwork.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Wed, 30 Nov 2022 03:51:05 GMT
Connection: keep-alive
|
|
| cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json | 54.243.108.33 | 200 OK | 20 B |
URL HTTP/1.1cdn0.forter.com/4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json IP54.243.108.33:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5820854f62a6eb3d38ba7ba0d1b3ea75 639df0b84fe699b4a290a713fd6b9a94bd4deb95 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /4c4cc75a16ed/a504972ad3844c22aa9b108ed0cf4f83/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 28
Origin: https://www.upwork.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.upwork.com/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.upwork.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
Expires: -1
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Content-Length: 20
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Date: Wed, 30 Nov 2022 03:51:05 GMT
Connection: keep-alive
|
|
| obs.cityrobotflower.com/mon | 35.172.245.152 | 200 OK | 0 B |
URL HTTP/2obs.cityrobotflower.com/mon IP35.172.245.152:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cityrobotflower.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1870
Origin: https://www.upwork.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.upwork.com/
Connection: keep-alive
Cookie: cg_uuid=1100a5b7380f35f044f20bc9c6ff67d7
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.upwork.com
content-type: application/json
date: Wed, 30 Nov 2022 03:51:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/vue-libs/vuex.3.6.2.min.js | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/static/vue-libs/vuex.3.6.2.min.js IP104.18.89.237:0
GET /static/vue-libs/vuex.3.6.2.min.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 15 Dec 2021 09:34:11 GMT
etag: W/"9190541d2b0b2827d8f9a2b436ffdc3f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 6f29ae611bcdc928-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21379483
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcac1b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/vue-libs/vue.runtime.2.7.14.min.js | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/static/vue-libs/vue.runtime.2.7.14.min.js IP104.18.89.237:0
GET /static/vue-libs/vue.runtime.2.7.14.min.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Thu, 10 Nov 2022 16:24:53 GMT
etag: W/"4e644343c0055d4cdf6879735f2c69ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 76d8a9db1e173362-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 460256
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcac0b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/assets/TaxNuxt/commons~app.1724d0b1.js | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/static/assets/TaxNuxt/commons~app.1724d0b1.js IP104.18.89.237:0
GET /static/assets/TaxNuxt/commons~app.1724d0b1.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 08:19:52 GMT
etag: W/"6af228252fd734d670250ced11094246"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 771a1b819fe9c5a4-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 33469
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcac6b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js | 104.16.253.149 | 200 OK | 0 B |
URL HTTP/2assets.static-upwork.com/@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js IP104.16.253.149:0
GET /@upwork/mobile-ready-alert-banner/0.0.5/gtm-snippet.min.js HTTP/1.1
Host: assets.static-upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:01 GMT
content-type: application/x-javascript
x-amz-id-2: vYz9HGbTSEv7ffAbrLFb6i6A2UDiMogZ+VfLTITiLwG2Th23q3l4gBbLPRW13IeJtJ8kuaaDogY=
x-amz-request-id: 19GBXAXA66NSGZ6Q
x-amz-meta-last-modified: 1532366449000
last-modified: Wed, 28 Jul 2021 04:55:45 GMT
x-amz-version-id: ZweJj09ERuB7hGd43xe8zP0W7iYDRk9P
etag: W/"f65b2f243a458c9aae9b29262e8b2877"
cf-cache-status: HIT
age: 65
expires: Wed, 30 Nov 2022 07:51:01 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=RTLhxjC4Hld7a_5vm6RVS3NMaMrn9hiGKLG2Z0WGnNo-1669780261-0-AQq9QnypxLQu5QaYSbaPOFSVKplPqcPgfHGRhcoOLGPWTH6vo8qf2QECD/kFzIoJf9MJA3lOzZbI1gM+930uGf4=; path=/; expires=Wed, 30-Nov-22 04:21:01 GMT; domain=.static-upwork.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f47fa2db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.26.85 | 200 OK | 0 B |
URL HTTP/2geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP104.18.26.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upwork.com
Connection: keep-alive
Referer: https://www.upwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:51:00 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77209f424c27b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone IP104.18.89.237:0
GET /nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
report-to: {'endpoints':[{'url':'https://www.upwork.com/ab/csp/index'}],'group':'csp-endpoint','max-age': 10886400}
content-security-policy-report-only: report-to csp-endpoint
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 77209f3e0a03b50b-SEA
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
set-cookie: visitor_id=91.90.42.154.1669780259622000; secure; path=/; expires=1701316259; domain=.upwork.com
enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; Path=/; Secure
cookie_prefix=;Path=/;secure;
cookie_domain=.upwork.com;Path=/;secure;
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3e0a03b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/assets/TaxNuxt/styles~app.21de1076.js | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/static/assets/TaxNuxt/styles~app.21de1076.js IP104.18.89.237:0
GET /static/assets/TaxNuxt/styles~app.21de1076.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 09:48:29 GMT
etag: W/"5d8559e8afe496e4e720e49ccc403922"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 771ab98338b8cd51-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 33469
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcac7b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/o/oauth2/iframe | 142.250.74.109 | 200 OK | 0 B |
URL HTTP/2accounts.google.com/o/oauth2/iframe IP142.250.74.109:0
GET /o/oauth2/iframe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upwork.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 03:51:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-LszMjbCUKZMevZglAN9EpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
cross-origin-embedder-policy: require-corp
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.upwork.com/static/assets/TaxNuxt/app.a217d176.js | 104.18.89.237 | 200 OK | 0 B |
URL HTTP/2www.upwork.com/static/assets/TaxNuxt/app.a217d176.js IP104.18.89.237:0
GET /static/assets/TaxNuxt/app.a217d176.js HTTP/1.1
Host: www.upwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upwork.com/nx/tax/?utm_source=Braze&utm_medium=email&utm_campaign=20221129_AH_FL_TaxEmail_NON-US_Milestone
Connection: keep-alive
Cookie: __cf_bm=NSaP_HRuNctGYu48Mb6QbiKMyFwAQ0L6pnC1DlGrL9k-1669780259-0-AaJVCzWB7LCv1IXb7tGcknUUgKfchBUR3FsjsQTu4WTeEhnzb9h1FnS4nGYUbJbEhuvZ4cVueOoBf+zt7uqzb34=; __cfruid=1c894e9bfa17c00e4db4fb372bba246021d31780-1669780259; visitor_id=91.90.42.154.1669780259622000; enabled_ff=!MP16400Air3Migration,!CI10857Air3Dot0,air2Dot76,!air2Dot76Qt,SSINav,CI11132Air2Dot75,!CI12577UniversalSearch,OTBnrOn,CI9570Air2Dot5,!CI10270Air2Dot5QTAllocations; cookie_prefix=; cookie_domain=.upwork.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 03:50:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 22:53:31 GMT
etag: W/"ed476be56460857b5f0b3559b21177ea"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vnd-eo-trace-id: 771f18beaea0ba02-SJC
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14374
expires: Thu, 30 Nov 2023 03:50:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77209f3fcacbb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|