calendly.hr-upshift.work Open in urlscan Pro
2606:4700:3032::ac43:decc  Public Scan

Submitted URL: https://fb.com147418946340.top/
Effective URL: https://calendly.hr-upshift.work/maria/
Submission: On March 07 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3032::ac43:decc, located in United States and belongs to CLOUDFLARENET, US. The main domain is calendly.hr-upshift.work.
TLS certificate: Issued by E1 on January 15th 2024. Valid for: 3 months.
This is the only time calendly.hr-upshift.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 146.75.28.193 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
23 7
Apex Domain
Subdomains
Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
650 KB
6 hr-upshift.work
calendly.hr-upshift.work
244 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
39 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 973
87 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7986
26 KB
1 com147418946340.top
fb.com147418946340.top
611 B
23 6
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 calendly.hr-upshift.work 1 redirects calendly.hr-upshift.work
5 www.google.com calendly.hr-upshift.work
www.gstatic.com
www.google.com
4 use.fontawesome.com calendly.hr-upshift.work
use.fontawesome.com
2 i.imgur.com calendly.hr-upshift.work
1 fonts.gstatic.com www.google.com
1 fb.com147418946340.top 1 redirects
23 7

This site contains links to these domains. Also see Links.

Domain
help.calendly.com
Subject Issuer Validity Valid
hr-upshift.work
E1
2024-01-15 -
2024-04-14
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-15 -
2025-02-14
a year crt.sh
*.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh

This page contains 4 frames:

Primary Page: https://calendly.hr-upshift.work/maria/
Frame ID: ABECB97BA3F68261F9F9904DC372929F
Requests: 13 HTTP requests in this frame

Frame: https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: E13ABEA57764434024B409A9D72E57D8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Frame ID: 65B389EA8F5D3DDD249A82E8A74AD092
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ
Frame ID: 0F29A0E378C7A6810DA93910A8C242E8
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Schedule a Call

Page URL History Show full URLs

  1. https://fb.com147418946340.top/ HTTP 302
    https://calendly.hr-upshift.work/maria/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

23
Requests

96 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

1128 kB
Transfer

2520 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fb.com147418946340.top/ HTTP 302
    https://calendly.hr-upshift.work/maria/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
calendly.hr-upshift.work/maria/
Redirect Chain
  • https://fb.com147418946340.top/
  • https://calendly.hr-upshift.work/maria/
409 KB
167 KB
Document
General
Full URL
https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:decc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11c5b363fc774001e1173efb4ee9fedeecd255d4978a5107084373cb55b06c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
860ac0280f660f78-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 07 Mar 2024 12:57:19 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAX0795svCZTc10h74UYRhtiDomqKg0jinOTjmWhXPpL%2BB4rAIDb6HmtxaNEqAo8yaKYCkNu%2FWk8i47LxxPY3KKBR%2FYZ5xbxOzMQp%2BveF7NsHTTq42EnafmLSCBKpir2njlOGsUJG5DoxBjJh9a%2FZoJaFeU%2BB74%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
860ac01e2ac841ff-EWR
content-type
text/html; charset=UTF-8
date
Thu, 07 Mar 2024 12:57:19 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://calendly.hr-upshift.work/maria/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoTDR1M%2BR8X4G6crPX0Ev3RSqeXx5ZvSjFOLrktJLbYH9BtgcjGPO9HQBVBLFNPgbD6ZyZSOmJfPxuiibyEHUk%2FGy9Xb7Vr5jydcE7Csbc1hcumw2%2FSDj73EPcXRPIomu46iB0BFP2aT1YZ0Z%2F%2B7KE%2BwpiEJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
359f1bb96cec382277bd9723294f7378ecaf24dd6d356f731bafbc49ff6dcdb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2024 12:57:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/
490 KB
195 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://calendly.hr-upshift.work/
Origin
https://calendly.hr-upshift.work
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 03:01:57 GMT
1c65b51dc5.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/1c65b51dc5.js
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831ea6b9ed292f0dff8e2ea6b0d76343d85545feb3b20a8d844c4580577ef79a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Sep 2023 00:21:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b44a4469f945ce534207819b0eed236c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8WGLkSfcf%2BF8BwdeKIxXhuQniI3nD1iQDKVVGG9Wrm7KcaDC2mQZBv0TyLbdQBK9Mk3CV4Gq%2BXvCMHNuLW4%2B5hjsJ6krTH0oiRoSC%2BTqvZADzD9rW9Dsy5HEznyMttc3Bw97juCKiD5aLS6R5ih%2FVG8"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
860ac02acad217a1-EWR
alt-svc
h3=":443"; ma=86400
P7cedQ8.png
i.imgur.com/
9 KB
9 KB
Image
General
Full URL
https://i.imgur.com/P7cedQ8.png
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
0
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
9498
x-served-by
cache-iad-kiad7000095-IAD
last-modified
Tue, 10 Oct 2023 20:42:03 GMT
server
cat factory 1.0
x-timer
S1709816240.854152,VS0,VE48
etag
"52f7c9e5342ad2f92e7e329888230c29"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XDSNyjKUFHhv-H-AAOxECPF9QWilVX5J1nyx_Uu7BdEunILvDgKK6g==
x-cache-hits
1
sparks-logo.svg
calendly.hr-upshift.work/maria/assets/images/
191 KB
71 KB
Image
General
Full URL
https://calendly.hr-upshift.work/maria/assets/images/sparks-logo.svg
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:decc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c36bc8e278408f7faacaf1d061e4c1c2a15c7ffdc5ec39ccf7a59cb1530ae2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/maria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 20 Sep 2023 11:47:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2fc84-605c8f255fd4f-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMNU8Io9fqeXDUUa2FU5EjwNY3SeMigTKO%2Bmet2gIldlYrDmsbyMUx%2FKo5Zbznb2aCiwt2Yq8wFSCvvx6VNr3i2Cjt7sE0XrJSv7SjRhSgtsRu8KVvObOWFQ%2FAsBuwqrzZ5AKNQDWtQhH%2B1blADRwUyNqUCFBZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
860ac02a69810f78-EWR
alt-svc
h3=":443"; ma=86400
NnvAqfK.jpeg
i.imgur.com/
16 KB
17 KB
Image
General
Full URL
https://i.imgur.com/NnvAqfK.jpeg
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9fea92119021a4c8f50404520b849136128ad029ab8cfec0929d5d6157fd7c6f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
239646
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
16725
x-served-by
cache-iad-kiad7000095-IAD
last-modified
Tue, 10 Oct 2023 03:47:05 GMT
server
cat factory 1.0
x-timer
S1709816240.854071,VS0,VE1
etag
"299e9a993092c268012bcffa3720e788"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PFGEl59ioRs1gGq654PBWZg5AALT5SURtdQOILYorAF2IIvKtT418g==
x-cache-hits
1
logo-calendly.svg
calendly.hr-upshift.work/maria/assets/images/
5 KB
2 KB
Image
General
Full URL
https://calendly.hr-upshift.work/maria/assets/images/logo-calendly.svg
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:decc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943e6621cddc9572251c8e1609a9bc8789789db3654b647b6fb501812159ae8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/maria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Feb 2023 22:06:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1213-5f3aaaa9da000-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRLxqCqZOxpW5%2Frug2eEUv03ts9XCTYLzT9l3V2gLegze3ElfPTxIkhXtiBLdXYzHPq%2F%2BmG7S%2FLnDV1wh2AcIPGNG1z%2Fu2gMFFQXgtuQIaRYNknxPWY%2FnYDMST5AisF%2BunOmKKwPwgM4pEV6AJK%2FodJKVhIUCwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
860ac02a69830f78-EWR
alt-svc
h3=":443"; ma=86400
1c65b51dc5.css
use.fontawesome.com/
1 KB
683 B
Stylesheet
General
Full URL
https://use.fontawesome.com/1c65b51dc5.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/1c65b51dc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcd6678aa78ad39f48d6809f7ef1a017802410ac79ecacd541519046bdd65c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://calendly.hr-upshift.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Sep 2023 00:21:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9be68a603be181f5d9f566899f9d4826"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT85U7WMW7vJv4EPHpF%2B6Z3gEkEobnnVr8b11lJwlG4RrAhWCERH7GqDbva%2BTeS0ziCX%2B89DvTRNbYaLOxKpvQJByuOS5h3Ci6Xb5Wp7teW206LmBn4wbuqEO0CUBdWUb57Dp7STesdpHwi%2Fx%2FDeYNdY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
860ac02b5b1c17a1-EWR
alt-svc
h3=":443"; ma=86400
truncated
/
45 KB
45 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846

Request headers

Referer
Origin
https://calendly.hr-upshift.work
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
37 KB
37 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba

Request headers

Referer
Origin
https://calendly.hr-upshift.work
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
font/woff
main.js
calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame E13A
Redirect Chain
  • https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB
Script
General
Full URL
https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/maria/
Protocol
H3
Server
2606:4700:3032::ac43:decc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d4eba8bf7fea2348d27045cd07569e8c7083d7ac3ebba459613e5948982aae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bq2wxQ3Igx23dFKmgCaC8D3PFmkyN0m1Ufw8FGIMENr0WAdMvRh32FbZ%2FGT4b4y707PPzakK4tByg2W%2FHznxGbov2h4X3XifMXQ7jeRGQ2BIaALDC4lbJBMi%2BIZ6%2FBZg%2BZlYiWOLw5w4vcUBjKOdywaFTugSjr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
860ac02bfd257d18-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 07 Mar 2024 12:57:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff%2BM5UK5ot%2BxPqp%2B6lEiT5nOYK5BMmQXtIZoyRVks1JS9hFuWaIt0iWILTszqTVQdAaZ7B8XseRp7wWuLaD%2FFosBEHgOn9EF15b7zAsMEm5mWX9Q9s91MT%2F7VneHRF9%2BRvjZKqcFUVnfxhTot%2Bgp4MtwwZ7EnaA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
cache-control
max-age=300, public
cf-ray
860ac02bbce97d18-EWR
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 65B3
46 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01d19a7e65c10fcbdba9294045f1d053095207fafe874acf17857555306bf18c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p7n-JD3ZoZmCjEt51MYI5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://calendly.hr-upshift.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-p7n-JD3ZoZmCjEt51MYI5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Mar 2024 12:57:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/1c65b51dc5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.fontawesome.com/1c65b51dc5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
508851
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7M3VXqSZfOovvqa1CtbHJfDdhN1FeL%2F153FGfuUIaKuhllzEuVBO9BR4KvQV6U8uXSmF4y7p%2BzL8pw8I2PQ%2FyxR198lndz3AGSOiRFdo542smV1hu4GY289AwD2TyekxaKgV%2Bee1T6djuGz11ceNvdR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
860ac02bdb7017a1-EWR
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/1c65b51dc5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/1c65b51dc5.css
Origin
https://calendly.hr-upshift.work
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:20 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMEGoAS4ri7UTKoCahxXeDXEXw5Ym4wfXYmIwpAQGj6Tbqf%2FLlilornVdRMTr%2BZvvLI1R4ii8YnYySbXXD2a54M729sFIJeYt8DX7MDAUnkjsly0bWdCvdVzdTjufG9l18CknbdFQpJdJxJ6pZpXVe6S"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
860ac02c9d424277-EWR
alt-svc
h3=":443"; ma=86400
content-length
77160
860ac0280f660f78
calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E13A
0
614 B
XHR
General
Full URL
https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/h/b/jsd/r/860ac0280f660f78
Requested by
Host: calendly.hr-upshift.work
URL: https://calendly.hr-upshift.work/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:decc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Mar 2024 12:57:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pMp9zyDpilh5BwrYl9SuziQGFcH4d4VqECejDEjyDjAY01Cfnmu5Agak7DIwYMqzNpjmKA57TmTjo7TcXTQJbk%2F%2BhFX6jFv94PIoYPsFmVeKDjq6d%2Bh0qWG9CJObP%2FYJJrpXsq7ZxsebYnElGlJCuD%2BImDv5Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
860ac02d0e177d18-EWR
alt-svc
h3=":443"; ma=86400
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 65B3
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 02:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 02:52:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 65B3
490 KB
194 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 03:01:57 GMT
truncated
/ Frame 65B3
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 65B3
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 65B3
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 02:51:44 GMT
x-content-type-options
nosniff
age
36336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Mar 2024 02:51:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 65B3
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 11:03:36 GMT
x-content-type-options
nosniff
age
6824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 11:03:36 GMT
IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
www.google.com/js/bg/ Frame 65B3
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 23:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
49838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6933
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Mar 2025 23:06:42 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 65B3
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ&co=aHR0cHM6Ly9jYWxlbmRseS5oci11cHNoaWZ0Lndvcms6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=sgn94fh8u4rk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 12:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2024 12:57:20 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0F29
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d2ae89e3c646e02ebed20d3629bc44cb3b5879a52c5009aa6c6383cdd52fc0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0dFNu1PHMXRKxvAtxc4a9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://calendly.hr-upshift.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0dFNu1PHMXRKxvAtxc4a9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Mar 2024 12:57:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 0F29
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 02:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 02:52:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 0F29
490 KB
194 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lec8IkpAAAAAL9P1CleSVKxLjO7jdnBdod0FFyZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Mar 2025 03:01:57 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| savepage_ShadowLoader object| FontAwesomeCdnConfig string| cssUrl function| showLoaderAndErrorPopup object| recaptcha object| closure_lm_397965

3 Cookies

Domain/Path Name / Value
fb.com147418946340.top/ Name: trados
Value: a7d8b0blrgpoq2jrgr68eoioom0clns2
calendly.hr-upshift.work/ Name: trados
Value: 9s9iphsh4trqb1l33dimhl8k227amovp
.hr-upshift.work/ Name: cf_clearance
Value: NcfBBvJoONU87cZ7D6USr3FOmdTOtSAEAV.MCdQ34UU-1709816240-1.0.1.1-nWcvRJ50Vi22HlE.dhdVLOdBEhv22NKDDeOeOEHi..cWchLUB7o4EgMIovAFdljLhOcoveNXz7U2C2TKvE_3Ew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

calendly.hr-upshift.work
fb.com147418946340.top
fonts.gstatic.com
i.imgur.com
use.fontawesome.com
www.google.com
www.gstatic.com
146.75.28.193
2606:4700:3030::ac43:d6f6
2606:4700:3032::ac43:decc
2606:4700:e6::ac40:ce26
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::69
01d19a7e65c10fcbdba9294045f1d053095207fafe874acf17857555306bf18c
05d4eba8bf7fea2348d27045cd07569e8c7083d7ac3ebba459613e5948982aae
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
359f1bb96cec382277bd9723294f7378ecaf24dd6d356f731bafbc49ff6dcdb6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4587c9ec2c976da6c06f6862ebe5695ce3aed04bb0bf51ba84d0dcbcee2b66ca
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7fcd6678aa78ad39f48d6809f7ef1a017802410ac79ecacd541519046bdd65c4
831ea6b9ed292f0dff8e2ea6b0d76343d85545feb3b20a8d844c4580577ef79a
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846
8f11c5b363fc774001e1173efb4ee9fedeecd255d4978a5107084373cb55b06c
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
943e6621cddc9572251c8e1609a9bc8789789db3654b647b6fb501812159ae8d
9d2ae89e3c646e02ebed20d3629bc44cb3b5879a52c5009aa6c6383cdd52fc0d
9fea92119021a4c8f50404520b849136128ad029ab8cfec0929d5d6157fd7c6f
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba
d8c36bc8e278408f7faacaf1d061e4c1c2a15c7ffdc5ec39ccf7a59cb1530ae2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855