urlscan.io logo urlscan.io
SecurityTrails logo

pages.upwork.com Open in urlscan Pro
104.17.74.206  Public Scan

Go To Rescan Add Verdict Report
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzL...
Submission: On June 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 27 domains to perform 50 HTTP transactions. The main IP is 104.17.74.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is pages.upwork.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 7th 2020. Valid for: 6 months.
This is the only time pages.upwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.17.74.206 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.54.109.230 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
1 192.28.147.68 53580 (MARKETO)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.186.220.184 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 23.111.9.64 33438 (HIGHWINDS2)
1 54.171.36.70 16509 (AMAZON-02)
3 2600:9000:21f... 16509 (AMAZON-02)
1 52.216.104.125 16509 (AMAZON-02)
1 104.18.90.237 13335 (CLOUDFLAR...)
2 52.72.74.25 14618 (AMAZON-AES)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 151.101.113.2 54113 (FASTLY)
1 54.83.47.222 14618 (AMAZON-AES)
1 4 184.51.8.183 16625 (AKAMAI-AS)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 34.238.223.59 14618 (AMAZON-AES)
1 2 3.248.3.168 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:f48:2000... 47447 (TTM)
1 2a02:6ea0:c71... 60068 (CDN77)
50 29
8    104.17.74.206 (United States)

ASN13335 (CLOUDFLARENET, US)
pages.upwork.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    23.54.109.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-109-230.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
client.perimeterx.net
1    192.28.147.68 (United States)

ASN53580 (MARKETO, US)
518-rkl-392.mktoresp.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxss13u803.px-cloud.net
1    2600:9000:20eb:a400:1f:ec2d:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.measured.com
1    2600:9000:20eb:0:17:cd1c:2b40:21 (United States)

ASN16509 (AMAZON-02, US)
d1x0kujlhuud9p.cloudfront.net
1    23.111.9.64 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
scout-cdn.salesloft.com
1    54.171.36.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-36-70.eu-west-1.compute.amazonaws.com
resources.xg4ken.com
3    2600:9000:21f3:7200:a:6e64:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.schemaapp.com
1    52.216.104.125 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    104.18.90.237 (United States)

ASN13335 (CLOUDFLARENET, US)
shasta-collector-production.upwork.com
2    52.72.74.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-74-25.compute-1.amazonaws.com
scout.salesloft.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.quora.com
1    54.83.47.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-47-222.compute-1.amazonaws.com
r.atp.io
4    184.51.8.183 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-183.deploy.static.akamaitechnologies.com
s.adroll.com
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    34.238.223.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-223-59.compute-1.amazonaws.com
q.quora.com
2    3.248.3.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-3-168.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)
cl.qualaroo.com
1    2a02:6ea0:c710::2 (Germany)

ASN60068 (CDN77, GB)
dntcl.qualaroo.com
Domain Requested by
8 pages.upwork.com pages.upwork.com
4 s.adroll.com 1 redirects tag.measured.com
s.adroll.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
pages.upwork.com
3 connect.facebook.net tag.measured.com
connect.facebook.net
3 cdn.schemaapp.com pages.upwork.com
cdn.schemaapp.com
2 www.facebook.com
2 px.ads.linkedin.com 1 redirects
2 scout.salesloft.com scout-cdn.salesloft.com
2 collector-pxss13u803.px-cloud.net client.perimeterx.net
2 www.google.de pages.upwork.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 www.googletagmanager.com pages.upwork.com
tag.measured.com
2 munchkin.marketo.net pages.upwork.com
munchkin.marketo.net
1 dntcl.qualaroo.com cl.qualaroo.com
1 cl.qualaroo.com s3.amazonaws.com
1 d.adroll.com
1 d.adroll.mgr.consensu.org 1 redirects
1 q.quora.com
1 www.linkedin.com 1 redirects
1 r.atp.io tag.measured.com
1 a.quora.com tag.measured.com
1 snap.licdn.com tag.measured.com
1 shasta-collector-production.upwork.com d1x0kujlhuud9p.cloudfront.net
1 s3.amazonaws.com pages.upwork.com
1 resources.xg4ken.com pages.upwork.com
1 scout-cdn.salesloft.com pages.upwork.com
1 d1x0kujlhuud9p.cloudfront.net pages.upwork.com
1 tag.measured.com pages.upwork.com
1 518-rkl-392.mktoresp.com munchkin.marketo.net
1 client.perimeterx.net pages.upwork.com
1 ajax.googleapis.com pages.upwork.com
0 px.airpr.com Failed pages.upwork.com
50 33

This site contains links to these domains. Also see Links.

Domain
www.upwork.com
Subject Issuer Validity Valid
pages.upwork.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-29 -
2021-05-07		 a year crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.px-cloud.net
Let's Encrypt Authority X3		 2020-05-26 -
2020-08-24		 3 months crt.sh
api.measured.com
Amazon		 2019-05-16 -
2020-06-16		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-23 -
2021-03-23		 a year crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2017-12-17 -
2020-12-17		 3 years crt.sh
cdn.schemaapp.com
Amazon		 2020-01-14 -
2021-02-14		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
*.upwork.com
DigiCert SHA2 High Assurance Server CA		 2020-03-24 -
2022-05-04		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
quora.com
Let's Encrypt Authority X3		 2020-05-31 -
2020-08-29		 3 months crt.sh
*.atp.io
Starfield Secure Certificate Authority - G2		 2019-12-15 -
2021-01-13		 a year crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
*.quora.com
Let's Encrypt Authority X3		 2020-05-31 -
2020-08-29		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
cl.qualaroo.com
Let's Encrypt Authority X3		 2020-06-08 -
2020-09-06		 3 months crt.sh
dntcl.qualaroo.com
Let's Encrypt Authority X3		 2020-05-19 -
2020-08-17		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Frame ID: 928B4844DD743D3A606DCB8E5DB6A452
Requests: 48 HTTP requests in this frame

Frame: https://r.atp.io/317/840/html?c=12;rmc_config_version=v1;rmc_segid=74;cohort_type=test;v_pixels=facebook,adroll,linkedin,quora,youtube;cohort=allVendors;ga_uid=GA1.2.1252816610.1591903511;cust_id=;rmc_event_category=PageView;event_name=Marketplace%20Lead%20Conversion;semantic_seg=%2FUnsubscribePage.html;order_id=;order_skus=;order_units=;hashed_id=;hash_algo=;revenue=;order_value=;shipping=;tax=;discount=;currency=USD;new_cust=;optout=none;doe_id=5bqhstj;
Frame ID: 7CBEBE358729BBE2B2B4C95DBB4F92F4
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: DE66BE01C4CE050D099E68B46971DDF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/(?:([\d.])+\/)?highlight(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

98 %
HTTPS

52 %
IPv6

27
Domains

33
Subdomains

29
IPs

6
Countries

581 kB
Transfer

1871 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&gjid=1054153789&_gid=266378290.1591903511&_u=YGBAgEAB~&z=761328781 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781&slf_rd=1&random=3599113873
Request Chain 37
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63814%26url%3Dhttps%253A%252F%252Fpages.upwork.com%252FUnsubscribePage.html%253Fmkt_unsubscribe%253D1%26time%3D1591903511098%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098&liSync=true
Request Chain 40
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1978298208&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=measured_page_view&_u=6GDAAUAB~&jid=1827902945&gjid=398026028&cid=1252816610.1591903511&tid=UA-62227314-1&_gid=266378290.1591903511&_r=1&gtm=2ou640&cd109=allVendors&z=1266027656 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_gid=266378290.1591903511&gjid=398026028&_v=j82&z=1266027656 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656&slf_rd=1&random=664555760
Request Chain 41
  • https://s.adroll.com/j/exp/PHNABX2CBBCZFESWFER7IX/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 43
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/PHNABX2CBBCZFESWFER7IX?_s=1562454699c8c54b4912b5fb72569c27&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/PHNABX2CBBCZFESWFER7IX/?_s=1562454699c8c54b4912b5fb72569c27&_b=2

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request UnsubscribePage.html
pages.upwork.com/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760fa0c7bcfb100f9728e6eee05ac87a687e74d2c2843707b0acf633d8502b1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
pages.upwork.com
:scheme
https
:path
/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 19:25:08 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d7156572b86e95a5fb0264749ecd317481591903507; expires=Sat, 11-Jul-20 19:25:07 GMT; path=/; domain=.pages.upwork.com; HttpOnly; SameSite=Lax BIGipServersj09web-nginx-app_https=!4sJaMpaLmbiygjPInuzRy4alk/3R/tS7Si8aQIbe4hRxQXVi/AHMBCyW0AP6DpSZClinJft3x6dVdQ==;Path=/;Version=1;Secure;Httponly __cf_bm=759b1dc063c3f2472aba126e1ec90d454d28c031-1591903508-1800-ARst4hOqOEQgg8c9BmRQH5i98aJ3E996bqxpR4gpc+htkJscSCX1p4B2oHooeoObivruwrmZ6KRFteDclepPAWQ=; path=/; expires=Thu, 11-Jun-20 19:55:08 GMT; domain=.pages.upwork.com; HttpOnly; Secure; SameSite=None
p3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary
*,Accept-Encoding
x-content-type-options
nosniff
x-cache-status
BYPASS
x-mkto-nginx-cache
false
cf-cache-status
DYNAMIC
cf-request-id
034670ed5b0000f1521e052200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a1db75bcf37f152-ARN
content-encoding
gzip
mktLPSupportCompat.css
pages.upwork.com/css/ 		2 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/css/mktLPSupportCompat.css
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
635
cf-request-id
034670ef420000f1521e065200000001
last-modified
Wed, 27 May 2020 19:45:40 GMT
server
cloudflare
etag
"400d6a-633-5a6a674eca100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5a1db75edbf4f152-ARN
expires
Thu, 11 Jun 2020 23:25:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 03:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230194
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 03:28:34 GMT
16-0301_r1_Logo-for-Marketo.png
pages.upwork.com/rs/518-RKL-392/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.upwork.com/rs/518-RKL-392/images/16-0301_r1_Logo-for-Marketo.png
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181fbd14787492c52074e1e236f7d7bc96c3b53d8b27bd917078dc953e289d42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:08 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
content-length
2607
cf-request-id
034670f0410000f1521e06e200000001
last-modified
Sat, 06 Jun 2020 10:40:16 GMT
server
cloudflare
etag
"480817-a2f-5a76800d9a606"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
5a1db7606e49f152-ARN
expires
Thu, 11 Jun 2020 19:26:08 GMT
forms2.min.js
pages.upwork.com/js/forms2/js/ 		203 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/js/forms2/js/forms2.min.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b92b1d67692c95ef6d322b21cb9e0c2f7d5a4c68c05b4e3e3e87489ec41309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Sat, 06 Jun 2020 06:45:56 GMT
server
cloudflare
etag
"4c2ded-32dcc-5a764bacea8c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400
cf-ray
5a1db75efc15f152-ARN
cf-request-id
034670ef560000f1521e067200000001
expires
Thu, 11 Jun 2020 23:25:09 GMT
munchkin.js
munchkin.marketo.net// 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net//munchkin.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.109.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-109-230.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 02:45:45 GMT
Server
Apache
ETag
"aa520b8aca3502dbdbf62462e6f4be67:1585881945"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
751
stripmkttok.js
pages.upwork.com/js/ 		2 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/js/stripmkttok.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
content-length
678
cf-request-id
034670f03f0000f1521e06d200000001
last-modified
Wed, 27 May 2020 19:45:35 GMT
server
cloudflare
etag
"400bac-602-5a6a674a055c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5a1db7606e44f152-ARN
expires
Thu, 11 Jun 2020 23:25:09 GMT
header_gradient.png
pages.upwork.com/rs/elance/images/ 		162 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.upwork.com/rs/elance/images/header_gradient.png
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11303188d00e23bb0934a567756bc273d3f18f8c996bd70d36bb1865987a10c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
162
cf-request-id
034670f0420000f1521e06f200000001
last-modified
Sat, 06 Jun 2020 10:40:16 GMT
server
cloudflare
etag
"480818-a2-5a76800dc5584"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
5a1db7606e4af152-ARN
expires
Thu, 11 Jun 2020 19:26:08 GMT
forms2.css
pages.upwork.com/js/forms2/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/js/forms2/css/forms2.css
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
vary
Accept-Encoding
content-length
2610
cf-request-id
034670f7da0000f1521e0fa200000001
last-modified
Wed, 27 May 2020 19:45:35 GMT
server
cloudflare
etag
"4c2cbc-33f8-5a6a674a055c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5a1db76c9d35f152-ARN
expires
Thu, 11 Jun 2020 23:25:10 GMT
forms2-theme-simple.css
pages.upwork.com/js/forms2/css/ 		826 B
397 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pages.upwork.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
content-length
242
cf-request-id
034670f7db0000f1521e0fb200000001
last-modified
Wed, 27 May 2020 19:45:35 GMT
server
cloudflare
etag
"4c2cb8-33a-5a6a674a055c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5a1db76c9d38f152-ARN
expires
Thu, 11 Jun 2020 23:25:10 GMT
gtm.js
www.googletagmanager.com/ 		218 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7572X
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b1d5ebbb12ad12df8b7a82bd7267274561343fbcf2dcf1f44d7f9a4c83a2798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59740
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jun 2020 19:25:10 GMT
munchkin.js
munchkin.marketo.net/158/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/158/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.109.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-109-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jan 2020 03:01:21 GMT
Server
AkamaiNetStorage
ETag
"67df7eb9e9e68638308f14367dddec10:1580180481"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4686
Expires
Sat, 19 Sep 2020 19:25:10 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7572X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2732
date
Thu, 11 Jun 2020 18:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 20:39:38 GMT
main.min.js
client.perimeterx.net/PXSs13U803/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.perimeterx.net/PXSs13U803/main.min.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a8c50dc13503b6425117335603ce3fa01251a8db513c8bf58b9a009ab342ccd

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
gzip
age
245
x-cache
HIT
status
200
content-length
29573
x-served-by
cache-hhn4068-HHN
access-control-allow-origin
*
x-timer
S1591903511.626755,VS0,VE1
etag
W/"13ca1-T6Ei9kTL4AVBHse//c+2CofWgrU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
1
visitWebPage
518-rkl-392.mktoresp.com/webevents/ 		45 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://518-rkl-392.mktoresp.com/webevents/visitWebPage?_mchNc=1591903510605&_mchCn=UnsubscribePage&_mchId=518-RKL-392&_mchTk=_mch-upwork.com-1591903510604-23664&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e&_mchWs=j1RR&_mchHo=pages.upwork.com&_mchPo=&_mchRu=%2FUnsubscribePage.html&_mchPc=https%3A&_mchVr=158&_mchEcid=&_mchHa=&_mchRe=&_mchQp=mkt_unsubscribe%3D1__-__mkt_tok%3DeyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/158/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
957966549097c4e369bd1e2558aeb5510000ee20106f7fe5048ba0c75e92c340

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 Jun 2020 19:25:11 GMT
Content-Encoding
gzip
Server
akka-http/10.1.11
Transfer-Encoding
chunked
X-Request-Id
d6eaae12-7263-47da-9eda-3e63a9187b46
Content-Type
application/json
collect
www.google-analytics.com/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1978298208&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DeyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1439013979&gjid=1054153789&cid=1252816610.1591903511&tid=UA-62227314-1&_gid=266378290.1591903511&gtm=2wg640K7572X&cd2=normal&cd21=false&cd27=false&cd41=GTM-K7572X&cd69=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DeyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e&cd106=Upwork%20UA&cd115=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&z=409824587
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jun 2020 18:39:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
89127
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&gjid=1054153789&_gid=266378290.1591903511&_u=YGBAgEAB~&z=761328781
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781&slf_rd=1&random=3599113873
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781&slf_rd=1&random=3599113873
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 19:25:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 19:25:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1439013979&_v=j82&z=761328781&slf_rd=1&random=3599113873
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collector
collector-pxss13u803.px-cloud.net/api/v2/ 		626 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXSs13U803/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e1e95f9149551865cc44ea2a56a9b7b670f2f4ce40d53977b6dffadafcb67cc5

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pages.upwork.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
626
mejord-gear.js
tag.measured.com/10014/5bqhstj/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:a400:1f:ec2d:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e660632ed7018b507eab65fb3e9a7365281117671a8bf78a8d453c51b944f98d

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 18:20:55 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 05:52:54 GMT
server
AmazonS3
age
3856
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public,max-age=7200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-d_mj3T4XyrKyA7vsvWgY_S3T0DlmWAmljOHlFoLxVpItckWUZ32_w==
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
6wbLCwJ51XyBMi45LjA.js
d1x0kujlhuud9p.cloudfront.net/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1x0kujlhuud9p.cloudfront.net/6wbLCwJ51XyBMi45LjA.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:0:17:cd1c:2b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 May 2020 14:59:53 GMT
content-encoding
gzip
last-modified
Mon, 05 Mar 2018 12:36:34 GMT
server
AmazonS3
age
2089518
etag
"ca3734b973941d7734d9116b823f868b"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
25747
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-id
aQLauFfqV5RC0WjcLFt2Po5dQsUmX5OaMOJ5U5L24q8l46c3GW7ZGg==
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 18:38:20 GMT
server
NetDNA-cache/2.2
x-amz-request-id
D238551A7A659272
etag
W/"f39a9ee69f7c11a788f004f2b71ace38"
x-cache
HIT
content-type
application/javascript
status
200
x-amz-id-2
eTH0mWnvcYv4DdvHTx/SpSPYx0cllA7jMNGzVJs6Fa8HlW/1Ta3IpdFJOl+3BdWMGwgJRL/jlYM=
ktag.js
resources.xg4ken.com/js/v2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3486-3EB
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.36.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9197f9c192a78eb54f884fee2ccadfb40c79d875bc8befd1d394b342cd1e5f19
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 May 2020 07:04:37 GMT
Server
nginx
ETag
"5ec4d685-1110"
Content-Type
text/plain
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
4368
X-XSS-Protection
1; mode=block
Expires
Fri, 12 Jun 2020 19:25:11 GMT
airpr.js
px.airpr.com/ 		0
0
highlight.js
cdn.schemaapp.com/javascript/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/javascript/highlight.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:7200:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0acb0607d3709fbb57030735de985fa0735a27d1d00a7c4f25b1dc0fe1ed0b5

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 16:33:05 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 16:32:10 GMT
server
AmazonS3
age
96726
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
z6d3IW_.kJFz25NHgR9xdS5ObMpLqQyd
status
200
cache-control
max-age=699840
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
gB5DTWz0ZEXBrmRS6gXjC2fDRbPKVEy6QsCbegKIOjrJxd8cQSKJNQ==
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
schemaFunctions.min.js
cdn.schemaapp.com/javascript/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/javascript/schemaFunctions.min.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:7200:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
982357fbcaf9af40084f17d294e6a7340fc070d463a22eafc6b37ce39b7ae7c9

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
y6Ru4EdhvnYyTQf2ylwpDNXAbt_0E9TZ
content-encoding
gzip
last-modified
Sat, 09 May 2020 19:37:39 GMT
server
AmazonS3
age
2817
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Thu, 11 Jun 2020 18:38:14 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xhhvL0M7tioghoHegVvefbIDjPLNiyNJihSaAuX76MUV2pdXErlMmg==
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
dsG.js
s3.amazonaws.com/ki.js/58403/ 		376 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/ki.js/58403/dsG.js
Requested by
Host: pages.upwork.com
URL: https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1&mkt_tok=eyJpIjoiTm1Ka00yTTFPRFEyT0RoayIsInQiOiJJVkkzSUZzLzFEVkZUYU80RGx3cjNjaFhic0dVSTQzS2VEbEFlWkxVZzh3TWdVTFdPQ3YwalFKUHpOZGZKNFowOFVjdFNnK0VkS0F5bnoycDdudEx0WHMzdWpsTFJzcFV1RDZvZU8yVjZPWDNZRzBWUUdkeU1LRGJyZnFJdmpEaSJ9e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.104.125 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9469a71143cdfcd8a9288adcf1411416ce06301299b399c6d6933ed1e3b43524

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 May 2019 11:08:34 GMT
Server
AmazonS3
x-amz-request-id
6CFDF91EB26084AB
ETag
"fb58e30e8b921c87701cf96fbe2d5ec1"
Content-Type
application/ecmascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Length
293
x-amz-id-2
Gdfd69alXzEJDIgWW6NmYfOPJZ5CR40u5t07p4ngRS2kI2K/F0Kb0a/vPyRvMiE86UDkK2jsn/c=
tp2
shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/ 		2 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shasta-collector-production.upwork.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d1x0kujlhuud9p.cloudfront.net
URL: https://d1x0kujlhuud9p.cloudfront.net/6wbLCwJ51XyBMi45LjA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.90.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 11 Jun 2020 19:25:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://pages.upwork.com
access-control-allow-credentials
true
cf-ray
5a1db7752c5e0000-ARN
content-type
text/plain; charset=UTF-8
content-length
2
cf-request-id
034670fd390001006fb91aa200000001
aHR0cHM6Ly9wYWdlcy51cHdvcmsuY29t
cdn.schemaapp.com/highlighter/prod/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.schemaapp.com/highlighter/prod/aHR0cHM6Ly9wYWdlcy51cHdvcmsuY29t
Requested by
Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/highlight.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:7200:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:12 GMT
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA2-C2
x-cache
Error from cloudfront
status
200
content-length
2
last-modified
Tue, 11 Dec 2018 16:01:38 GMT
server
AmazonS3
etag
"99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
4FsmemwQuur.Z0jxvea6XGJagB0M87fi
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/json
x-amz-cf-id
0o-PnrmSuDe7Kf86TFnI2wUgXMCt9qXGLt4jLpZDqXGw6xSyYrwqaQ==
r
scout.salesloft.com/ 		41 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjozMDk2fQ.BsfZd9FA7ndRxoKRZV0P8jsjhkfNWUxriGIwiuBlhYQ
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
status
200
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pages.upwork.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
7f8a37cd1fa50ebc6b093f3b2944ee03
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
yEbC0eDNuN3eK4DhyoTSGUaMMYkJyq6BCSnXwkSfs7KNJhzL5G2CCxmi0SbGKi2JkCVog/ZZbhKJQYllLYbsSQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 19:25:10 GMT, Thu, 11 Jun 2020 19:25:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36932
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
qevents.js
a.quora.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
69
x-cache
HIT, HIT
status
200
content-length
13681
x-amz-id-2
K1SyPArjmmUuBYMBJZiEvS5oTKaKN2xLCNyyU4zd5povxmAzLyIs+46s5+HNLpJRiObgrD9RrZw=
x-served-by
cache-bwi5134-BWI, cache-hhn4080-HHN
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1591903511.965833,VS0,VE0
date
Thu, 11 Jun 2020 19:25:10 GMT
vary
Accept-Encoding
x-amz-request-id
8EC87ACA11A1B43A
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
2, 35
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62227314-1
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03a5a544ecaa02f4ab6e0745e1f79d8890f1af4f60d54de439d7e484f77cc7d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33219
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jun 2020 19:25:10 GMT
html
r.atp.io/317/840/ Frame 7CBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://r.atp.io/317/840/html?c=12;rmc_config_version=v1;rmc_segid=74;cohort_type=test;v_pixels=facebook,adroll,linkedin,quora,youtube;cohort=allVendors;ga_uid=GA1.2.1252816610.1591903511;cust_id=;rmc_event_category=PageView;event_name=Marketplace%20Lead%20Conversion;semantic_seg=%2FUnsubscribePage.html;order_id=;order_skus=;order_units=;hashed_id=;hash_algo=;revenue=;order_value=;shipping=;tax=;discount=;currency=USD;new_cust=;optout=none;doe_id=5bqhstj;
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.47.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-47-222.compute-1.amazonaws.com
Software
nginx/1.17.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

:method
GET
:authority
r.atp.io
:scheme
https
:path
/317/840/html?c=12;rmc_config_version=v1;rmc_segid=74;cohort_type=test;v_pixels=facebook,adroll,linkedin,quora,youtube;cohort=allVendors;ga_uid=GA1.2.1252816610.1591903511;cust_id=;rmc_event_category=PageView;event_name=Marketplace%20Lead%20Conversion;semantic_seg=%2FUnsubscribePage.html;order_id=;order_skus=;order_units=;hashed_id=;hash_algo=;revenue=;order_value=;shipping=;tax=;discount=;currency=USD;new_cust=;optout=none;doe_id=5bqhstj;
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1

Response headers

status
200
server
nginx/1.17.0
date
Thu, 11 Jun 2020 19:25:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
atp_aser=449ce3de-ac19-11ea-b587-39eff0ac8e0a; expires=Fri, 11-Jun-2021 19:25:11 GMT; Max-Age=31536000; path=/; domain=.atp.io; SameSite=None; Secure
cache-control
no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
roundtrip.js
s.adroll.com/j/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: tag.measured.com
URL: https://tag.measured.com/10014/5bqhstj/mejord-gear.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.8.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ehJgGpzGzAbK8GzMvrCmhGB9QIvRjX3O
Content-Encoding
gzip
ETag
"493863a9069eb4663881ed7b590bc370"
x-amz-request-id
B49486DEEB498ED1
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11133
x-amz-id-2
gg+gOV6/QXWRr7fvsYHAMlAhaKbktvKLVt0yWS7Tv1haYqRmKjpmMXV3GKgt9n+aGeucvgmCLGg=
Last-Modified
Tue, 02 Jun 2020 21:58:20 GMT
Server
AmazonS3
Date
Thu, 11 Jun 2020 19:25:11 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
i
scout.salesloft.com/ 		48 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
beaa5dccfaf66237bcfff922bc798f293e9c28302b4771293955bd9486e783fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:11 GMT
status
200
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pages.upwork.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
398415d5489fe17828016951a3dd4583
identity.js
connect.facebook.net/signals/plugins/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.18
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10701
x-xss-protection
0
pragma
public
x-fb-debug
/eKFDXoJPsws6hLFTBb+hj6XBjZ/Voz03ohb7he2bVmlyhcahnyPahr3m3F34XmgHGqzsIIIPtnzi453LkISKg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 19:25:11 GMT, Thu, 11 Jun 2020 19:25:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
816554411748126
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/816554411748126?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8e50fd9df04b18ffcfbfb0f46e05185a781bcdce5ce23205f3adce7473c2f0d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131767
x-xss-protection
0
pragma
public
x-fb-debug
VWOMVSrcl9tn892sFkkBoVA+3s1M1gzQJojSYzSoZGOKa10Rne3xGmFfvOpwogL2GyHpNEAHcG7DQTJsdtXKtg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 19:25:11 GMT, Thu, 11 Jun 2020 19:25:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D63814%26url%3Dhttps%253A%252F%252Fpages.upwork.com%252FUnsubscribePage.html%253Fm...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098&liSync=true
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:11 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
rJnuMc+TFxaQmJqVKCsAAA==

Redirect headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
status
302
content-length
0
x-li-uuid
bpGALM+TFxbQUXMnQSsAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: 4526EE1CC66F4073A4F75C847BE97919 Ref B: FRAEDGE0912 Ref C: 2020-06-11T19:25:11Z
date
Thu, 11 Jun 2020 19:25:10 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=63814&url=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&time=1591903511098&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
q.quora.com/_/ad/82de7146d5c84e3489aeb7b3c62256a3/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/82de7146d5c84e3489aeb7b3c62256a3/pixel?j=1&u=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&tag=ViewContent&ts=1591903511127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.223.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-223-59.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 19:25:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,90dc645e9bd8bfba762eeaeeba0408f5,10.0.0.200,54464,165.231.142.36,,16509292830,1,1591903511.200,0.001,,.,0,0,0.000,0.000,-,0,0,197,163,81,10,26847,,,,,,-,
Content-Type
image/gif
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62227314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2733
date
Thu, 11 Jun 2020 18:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 20:39:38 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1978298208&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&ul=en-us&de=UTF-8&sd=24-bit&sr=16...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_gid=266378290.1591903511&gjid=398026028&_v=j82&z=1266027656
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656&slf_rd=1&random=664555760
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656&slf_rd=1&random=664555760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 19:25:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 19:25:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62227314-1&cid=1252816610.1591903511&jid=1827902945&_v=j82&z=1266027656&slf_rd=1&random=664555760
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/PHNABX2CBBCZFESWFER7IX/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.8.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
MvaZYW7xXR9M9hUcWDgUVAWVyUlL21ST
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
63FFDB6A815034E2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
/w04ADn7RWvZepNTExcw5yw+7/Tmr6tKCx80RU4bWu+Hz2olqFblqhFw8oMq0kiAFsgqdhw6YY0=
Last-Modified
Fri, 05 Jun 2020 15:32:25 GMT
Server
AmazonS3
Date
Thu, 11 Jun 2020 19:25:11 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 11 Jun 2020 19:25:11 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/PHNABX2CBBCZFESWFER7IX/C64OMWDHZNG2NHHTRROLNR/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/PHNABX2CBBCZFESWFER7IX/C64OMWDHZNG2NHHTRROLNR/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.8.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
0qW5bdCioGNeEz6ZaVuT0BoYHDbD4IH4
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
CCFF17323BE2B021
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
5A0TaLB0vL2g7tLEGWKbm4dLUZp+zwmQjZj7BOXtmpVRoFpKor6dLSkFluIb4uSVy8Rg+cjWy7Q=
Last-Modified
Wed, 10 Jun 2020 18:51:02 GMT
Server
AmazonS3
Date
Thu, 11 Jun 2020 19:25:11 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/PHNABX2CBBCZFESWFER7IX/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/PHNABX2CBBCZFESWFER7IX?_s=1562454699c8c54b4912b5fb72569c27&_b=2
  • https://d.adroll.com/consent/check/PHNABX2CBBCZFESWFER7IX/?_s=1562454699c8c54b4912b5fb72569c27&_b=2
132 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/PHNABX2CBBCZFESWFER7IX/?_s=1562454699c8c54b4912b5fb72569c27&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.3.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-3-168.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
d5280d7ccae89a5ac0e22926987022c4e3a346f3f0630c9ed89d19ec12a6b8f6

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 19:25:11 GMT
server
nginx/1.16.1
content-length
132
content-type
application/javascript

Redirect headers

status
302
date
Thu, 11 Jun 2020 19:25:11 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/PHNABX2CBBCZFESWFER7IX/?_s=1562454699c8c54b4912b5fb72569c27&_b=2
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=PageView&dl=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&rl=&if=false&ts=1591903511354&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591903511353.841783073&it=1591903511076&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:11 GMT, Thu, 11 Jun 2020 19:25:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 19:25:11 GMT
dsGqoo.js
cl.qualaroo.com/ki.js/58403/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/58403/dsGqoo.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/58403/dsG.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
5f3712ac7607f84f766cd518cf2a5932bb283819b47830c46dbb3240cd4195b1

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:11 GMT
content-encoding
gzip
cdn-edgestorageid
481
x-amz-request-id
617C4D9DBC48AF60
status
200
cdn-cachedat
2020-05-14 12:37:35
cdn-pullzone
92714
content-length
48402
x-amz-id-2
IYgG32zOzFIB5QOv3GRrHjs5IAhQ+fjU1TBCH6EA/nLtRtPGpOqkt5nz0yGnZtOJjUCompXf9lk=
last-modified
Thu, 09 May 2019 11:08:34 GMT
server
BunnyCDN-DE1-481
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
cache-control
max-age=3600
cdn-requestid
b18dc43c0987fed743dd57bf963cb964
accept-ranges
bytes
cdn-requestcountrycode
DE
frame.html
dntcl.qualaroo.com/ Frame DE66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/58403/dsGqoo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c710::2 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash

Request headers

:method
GET
:authority
dntcl.qualaroo.com
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1

Response headers

status
200
date
Thu, 11 Jun 2020 19:25:11 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-487
cdn-pullzone
99568
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
cdn-requestcountrycode
DE
cdn-edgestorageid
487
last-modified
Fri, 06 Dec 2019 12:46:59 GMT
cache-control
public, max-age=604800
cdn-cachedat
2020-01-18 10:28:16
cdn-requestid
e0200c691f875d1a0f04d459ee40d03c
cdn-cache
HIT
content-encoding
gzip
collector
collector-pxss13u803.px-cloud.net/api/v2/ 		370 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxss13u803.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: https://client.perimeterx.net/PXSs13U803/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f8418ac5b1d9390017a7551f4b61d7de5ff3b81f124ac13c6881cd8a76cc0a41

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jun 2020 19:25:11 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pages.upwork.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
370
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=816554411748126&ev=Microdata&dl=https%3A%2F%2Fpages.upwork.com%2FUnsubscribePage.html%3Fmkt_unsubscribe%3D1&rl=&if=false&ts=1591903512860&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591903512859.669599471&it=1591903511076&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.upwork.com/UnsubscribePage.html?mkt_unsubscribe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 19:25:12 GMT, Thu, 11 Jun 2020 19:25:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 19:25:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.airpr.com
URL
https://px.airpr.com/airpr.js

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mktoPreFillFields undefined| $ function| jQuery function| $jQ object| MktoForms2 object| dataLayer function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| google_tag_manager function| postscribe object| google_tag_data function| mejord function| _mejord string| GoogleAnalyticsObject function| ga string| _pxAppId object| GlobalSnowplowNamespace function| snowplow object| MunchkinTracker object| gaplugins object| gaGlobal object| gaData object| PXSs13U803 object| PX undefined| _Ss13U803handler object| jQuery1124008836374737283226 string| __mktTokVal object| _kiq string| SLScoutObject function| slscout function| ktag object| _airpr object| eventParams object| Snowplow object| schema_highlighter function| schemaLoad function| fbq function| _fbq object| _linkedin_data_partner_ids function| qp function| gtag string| adroll_adv_id string| adroll_pix_id object| adroll_custom_data boolean| __adroll_loaded function| lintrk boolean| _already_called_lintrk object| qevents string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| KI boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list

8 Cookies

Domain/Path Name / Value
.upwork.com/ Name: _dc_gtm_UA-62227314-1
Value: 1
.upwork.com/ Name: _gid
Value: GA1.2.266378290.1591903511
.upwork.com/ Name: _mkto_trk
Value: id:518-RKL-392&token:_mch-upwork.com-1591903510604-23664
.upwork.com/ Name: _ga
Value: GA1.2.1252816610.1591903511
.pages.upwork.com/ Name: __cf_bm
Value: 759b1dc063c3f2472aba126e1ec90d454d28c031-1591903508-1800-ARst4hOqOEQgg8c9BmRQH5i98aJ3E996bqxpR4gpc+htkJscSCX1p4B2oHooeoObivruwrmZ6KRFteDclepPAWQ=
pages.upwork.com/ Name: BIGipServersj09web-nginx-app_https
Value: !4sJaMpaLmbiygjPInuzRy4alk/3R/tS7Si8aQIbe4hRxQXVi/AHMBCyW0AP6DpSZClinJft3x6dVdQ==
.upwork.com/ Name: _gcl_au
Value: 1.1.462564057.1591903511
.pages.upwork.com/ Name: __cfduid
Value: d7156572b86e95a5fb0264749ecd317481591903507

1 Console Messages

Source Level URL
Text
console-api debug URL: https://munchkin.marketo.net/158/munchkin.js(Line 22)
Message:
Munchkin.init("%s") options: 518-RKL-392 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

518-rkl-392.mktoresp.com
a.quora.com
ajax.googleapis.com
cdn.schemaapp.com
cl.qualaroo.com
client.perimeterx.net
collector-pxss13u803.px-cloud.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d1x0kujlhuud9p.cloudfront.net
dntcl.qualaroo.com
munchkin.marketo.net
pages.upwork.com
px.ads.linkedin.com
px.airpr.com
q.quora.com
r.atp.io
resources.xg4ken.com
s.adroll.com
s3.amazonaws.com
scout-cdn.salesloft.com
scout.salesloft.com
shasta-collector-production.upwork.com
snap.licdn.com
stats.g.doubleclick.net
tag.measured.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
px.airpr.com
104.17.74.206
104.18.90.237
151.101.113.2
151.101.114.110
184.51.8.183
192.28.147.68
23.111.9.64
23.54.109.230
2600:9000:20eb:0:17:cd1c:2b40:21
2600:9000:20eb:a400:1f:ec2d:8a40:93a1
2600:9000:21f3:7200:a:6e64:b280:93a1
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:815::2004
2a00:1450:4001:815::200a
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
2a00:f48:2000:1023::3
2a02:26f0:10c:382::25ea
2a02:6ea0:c710::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
3.248.3.168
34.238.223.59
35.186.220.184
52.216.104.125
52.72.74.25
54.171.36.70
54.83.47.222
03a5a544ecaa02f4ab6e0745e1f79d8890f1af4f60d54de439d7e484f77cc7d6
0a8c50dc13503b6425117335603ce3fa01251a8db513c8bf58b9a009ab342ccd
0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11303188d00e23bb0934a567756bc273d3f18f8c996bd70d36bb1865987a10c3
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
181fbd14787492c52074e1e236f7d7bc96c3b53d8b27bd917078dc953e289d42
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30b92b1d67692c95ef6d322b21cb9e0c2f7d5a4c68c05b4e3e3e87489ec41309
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f3712ac7607f84f766cd518cf2a5932bb283819b47830c46dbb3240cd4195b1
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4
760fa0c7bcfb100f9728e6eee05ac87a687e74d2c2843707b0acf633d8502b1c
7b1d5ebbb12ad12df8b7a82bd7267274561343fbcf2dcf1f44d7f9a4c83a2798
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9197f9c192a78eb54f884fee2ccadfb40c79d875bc8befd1d394b342cd1e5f19
9469a71143cdfcd8a9288adcf1411416ce06301299b399c6d6933ed1e3b43524
957966549097c4e369bd1e2558aeb5510000ee20106f7fe5048ba0c75e92c340
982357fbcaf9af40084f17d294e6a7340fc070d463a22eafc6b37ce39b7ae7c9
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762
b0acb0607d3709fbb57030735de985fa0735a27d1d00a7c4f25b1dc0fe1ed0b5
b8e50fd9df04b18ffcfbfb0f46e05185a781bcdce5ce23205f3adce7473c2f0d
beaa5dccfaf66237bcfff922bc798f293e9c28302b4771293955bd9486e783fb
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
d5280d7ccae89a5ac0e22926987022c4e3a346f3f0630c9ed89d19ec12a6b8f6
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e1e95f9149551865cc44ea2a56a9b7b670f2f4ce40d53977b6dffadafcb67cc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e660632ed7018b507eab65fb3e9a7365281117671a8bf78a8d453c51b944f98d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f8418ac5b1d9390017a7551f4b61d7de5ff3b81f124ac13c6881cd8a76cc0a41