Submitted URL: https://www.upscale.media/
Effective URL: https://www.upscale.media/de
Submission: On March 11 via manual from KR — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 115 HTTP transactions. The main IP is 2606:4700:4400::ac40:9ab0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.upscale.media. The Cisco Umbrella rank of the primary domain is 537709.
TLS certificate: Issued by E1 on February 14th 2024. Valid for: 3 months.
This is the only time www.upscale.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
25 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
1 34.149.25.48 15169 (GOOGLE)
2 108.138.26.7 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 54.162.32.226 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 54.235.81.18 14618 (AMAZON-AES)
1 13.35.58.58 16509 (AMAZON-02)
1 18.66.122.57 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 18.202.142.190 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
115 26
Apex Domain
Subdomains
Transfer
30 pixelbin.io
cdn.pixelbin.io — Cisco Umbrella Rank: 286125
api.pixelbin.io — Cisco Umbrella Rank: 341907
7 MB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
328 KB
16 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2330
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7531
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7790
tracking.crazyegg.com — Cisco Umbrella Rank: 4465
220 KB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2656
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
124 KB
6 upscale.media
www.upscale.media — Cisco Umbrella Rank: 537709
api.upscale.media — Cisco Umbrella Rank: 778958
109 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
47 KB
4 freshbots.ai
cdn.freshbots.ai — Cisco Umbrella Rank: 73059
www.freshbots.ai — Cisco Umbrella Rank: 81555
369 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
331 KB
3 posthog.com
app.posthog.com — Cisco Umbrella Rank: 9325
us.i.posthog.com — Cisco Umbrella Rank: 9789
40 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
4 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
4 KB
2 flagcdn.com
flagcdn.com — Cisco Umbrella Rank: 43886
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6744
408 B
1 copilot.live
script.copilot.live — Cisco Umbrella Rank: 592005
788 B
115 15
Domain Requested by
25 cdn.pixelbin.io www.upscale.media
cdn.pixelbin.io
13 pagead2.googlesyndication.com www.googletagmanager.com
pagead2.googlesyndication.com
cdn.pixelbin.io
tpc.googlesyndication.com
googleads.g.doubleclick.net
11 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
8 google.com www.googletagmanager.com
5 api.pixelbin.io cdn.pixelbin.io
5 www.upscale.media 1 redirects www.upscale.media
cdn.pixelbin.io
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 www.googletagmanager.com cdn.pixelbin.io
www.googletagmanager.com
3 www.gstatic.com googleads.g.doubleclick.net
3 tracking.crazyegg.com script.crazyegg.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
cdn.freshbots.ai
3 cdnjs.cloudflare.com www.upscale.media
cdnjs.cloudflare.com
3 fonts.googleapis.com www.upscale.media
script.crazyegg.com
googleads.g.doubleclick.net
2 www.freshbots.ai cdn.pixelbin.io
2 us.i.posthog.com cdn.pixelbin.io
2 region1.analytics.google.com www.googletagmanager.com
2 cdn.freshbots.ai www.upscale.media
cdn.freshbots.ai
2 flagcdn.com www.upscale.media
cdn.pixelbin.io
1 www.google.com tpc.googlesyndication.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 app.posthog.com www.upscale.media
1 script.copilot.live www.upscale.media
1 api.upscale.media cdn.pixelbin.io
115 27
Subject Issuer Validity Valid
www.upscale.media
E1
2024-02-14 -
2024-05-14
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
cdn.pixelbin.io
Cloudflare Inc ECC CA-3
2023-09-21 -
2024-09-19
a year crt.sh
flagcdn.com
GTS CA 1P5
2024-02-25 -
2024-05-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
api.pixelbin.io
E1
2024-02-23 -
2024-05-23
3 months crt.sh
api.upscale.media
E1
2024-02-23 -
2024-05-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
script.crazyegg.com
E1
2024-02-06 -
2024-05-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
copilot.live
GTS CA 1D4
2024-02-29 -
2024-05-29
3 months crt.sh
*.freshbots.ai
Amazon RSA 2048 M02
2023-09-24 -
2024-10-21
a year crt.sh
www.google.de
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.i.posthog.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-12
a year crt.sh
crazyegg.com
Amazon RSA 2048 M02
2023-05-28 -
2024-06-26
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.upscale.media/de
Frame ID: D2DAC84BEF3671D01B3EAADD5345E45C
Requests: 86 HTTP requests in this frame

Frame: https://www.upscale.media/~partytown/partytown-sandbox-sw.html?1710122824951
Frame ID: 7EE8CB6AA651700101819E88020305A4
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0112/8891/site/www.upscale.media.json?t=1
Frame ID: 853D59F622B1E008949D2FC746469581
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 7712C53C56E60154AAD34733437EF990
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&adk=1812271804&adf=3025194257&lmt=1710122827&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.upscale.media%2Fde&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827115&bpp=3&bdt=2331&idt=337&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4050566312540&frm=20&pv=2&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=364
Frame ID: 9288AED30B21190C336FCAB73D858C5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Frame ID: E58B991B73AD9FA912A0FD854808A798
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6E0848700996DF18AFDF9A4BFB9B672
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4761EF0C58EE475A39BE363EBE5D48B0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tx_YDh4dAjwBh_VW-2vM8PCxzl4JTVu4GQSmkVWr_Gk.js
Frame ID: 0F13737D15A20A21CB6FA851BF3663DC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bildqualität Verbessern - Bild Auflösung Erhöhen - Upscale Media

Page URL History Show full URLs

  1. https://www.upscale.media/ HTTP 301
    https://www.upscale.media/de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

115
Requests

96 %
HTTPS

72 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

9170 kB
Transfer

14963 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.upscale.media/ HTTP 301
    https://www.upscale.media/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request de
www.upscale.media/
Redirect Chain
  • https://www.upscale.media/
  • https://www.upscale.media/de
468 KB
103 KB
Document
General
Full URL
https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80afd940a4dcdeface83853ec5be4d3c5a0d07d885d22dd13c88ecc24f21b14b
Security Headers
Name Value
Strict-Transport-Security includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=30; public
cf-cache-status
EXPIRED
cf-ray
8627fd150921381f-FRA
content-encoding
br
content-language
de
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 02:07:04 GMT
etag
W/"74fa7-5gEzn5F4uD9rpScoPwoNXs8xvzI"
permissions-policy
accelerometer=(), camera=(), geolocation=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-fynd-trace-id
afb5ebe5e625d23d7ba27b84c6e423e9
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
MISS
cf-ray
8627fd118ecd381f-FRA
content-language
de-DE
content-length
62
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 02:07:01 GMT
location
/de
permissions-policy
accelerometer=(), camera=(), geolocation=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
includeSubDomains; preload
vary
Accept, Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-fynd-trace-id
998e908eb00f2a4088ba40bc11706505
x-powered-by
Express
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=optional
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e05fe5d51f989133b5aec28add7cedbd8fa5f9e28b292bd63c4695ad747fdbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 02:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 02:07:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 02:07:04 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
1 KB
697 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1017695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
382
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAVTxVf6E9dQMor0hXvAkCISyz5b7pmBISVYeizWzj2kSVYuUfoSRpKxPC9FXUNbruofX%2FXg3U0%2BRlm7d3vefWuKDFjqxVuFM%2BsPDQp4Kh0kLMd16GsaIQto0jrrOrnEMp91b1yfd8pXKukF0qE7A7q9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd270a391909-FRA
expires
Sat, 01 Mar 2025 02:07:04 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
305220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
637
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-92d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVvEAmng3bFm383EPt45Eytxaf3Im26jdrioD%2B8ef57DYAEedea8SuXXsDdHSXW7qpIReAIBAuaz%2BHWI2PiH%2Bi4u9hFo1paqQDivxY6X1ez33vV2q1yeZX5vXslDJALWIw3nkzHbov4p%2FUYWFHU%2FvtaJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd270a3a1909-FRA
expires
Sat, 01 Mar 2025 02:07:04 GMT
bundle-6bc67f2.js
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/
988 KB
285 KB
Script
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e4386f9d9aa2418c7cb79a90c5d0118ab9d4e1805689db208e58a4ee39e740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
17013
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 18:25:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-fynd-trace-id
ac6d95d65af0e70be21f0ca23025e2e0
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd279fa21a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
66.bundle-6bc67f2.js
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/
60 KB
16 KB
Script
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/66.bundle-6bc67f2.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45656c39a57b159861e9590d8d5b48cdb07f03aa92cd2eef07802e6ac3da823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
17013
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 18:27:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-fynd-trace-id
429353887a1a7d1ae7bdb9073476c2c1
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd279fa11a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
959.bundle-6bc67f2.js
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/
24 KB
7 KB
Script
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/959.bundle-6bc67f2.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da05e08935e3830937aa0ff46ce19f971d2dc49904d3ca40931b14116d88278b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
5417
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 00:26:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-fynd-trace-id
7933420c52d68ea498ddf372dffb3f68
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd279fa01a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
926.bundle-6bc67f2.js
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/
52 KB
13 KB
Script
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/926.bundle-6bc67f2.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
736443b6438ecdae2cf03e2b965551e0830ef8c8bf72d018bbc7fa15743d6a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
16934
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 18:38:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-fynd-trace-id
75529a6789a577ba1685615dceff575d
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd279fa41a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
um_logo_light.png
cdn.pixelbin.io/v2/dummy-cloudname/original/__logos__/upscale_media/
5 KB
5 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/__logos__/upscale_media/um_logo_light.png?f_auto=true
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1269bdf38a05e5d069896be4db83622cc7adc53a4017bd31bb65ee4176f05afb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
6205
x-s3-cache
true
content-length
5280
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 20:46:36 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
b7c590fb2ddd4da9a02b8711c4bd5fc4
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd279fa51a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
google_play.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/
4 KB
4 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/google_play.png?f_auto=true
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8d7d9486cc3b2183bccbce64d78b02218ff42c1f311d2ec603ab40b242c366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
13056
x-s3-cache
true
content-length
4028
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 14:35:16 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
911110f246d5a7f76c2d2a1652ba5522
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd279fa31a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
app_store.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/
5 KB
5 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/app_store.png?f_auto=true
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69dfa26d6533d2d1f28d4cabac546cba27aa96a2b3fb22db16dcd49c921d5e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
8351
x-s3-cache
true
content-length
4670
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 22:30:39 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
d158bcb17185c4234b1d3baf001ee453
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd279f9f1a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
de.png
flagcdn.com/w80/
105 B
657 B
Image
General
Full URL
https://flagcdn.com/w80/de.png
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb33c86a8f1cd43cbbd990aee89e4ce4fabf7efdece1529be66fb1becf29fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
471052
alt-svc
h3=":443"; ma=86400
content-length
105
last-modified
Wed, 03 Jan 2024 11:10:28 GMT
server
cloudflare
etag
"659540a4-69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lZeyT7IMUeUPUCoftJpDg4Mt6oYI2DXjavOhzTnh70CiiDIU83qtig8ILhvPUazdXBezZvaYyltuM4WqolXSpsxtLY9yMqJVD8zo5HIgPjV5xgvOgih8df4vzbujd0AWn0VvuD9fhUgNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
8627fd276f0b8ecd-FRA
uploadPageUM.mp4
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
989 KB
990 KB
Media
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/uploadPageUM.mp4
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3529d518c8a12149359e0e53e8786896d5aeb50d54115ded0dd43fdbd8f75197

Request headers

Referer
https://www.upscale.media/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
11354
Content-Range
bytes 0-1012783/1012784
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
Content-Length
1012784
last-modified
Sun, 10 Mar 2024 20:28:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-fynd-trace-id
36b438601251c490d0a9f7cd50c86e50
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd27bfb51a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/
1 KB
2 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Origin
https://www.upscale.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2714691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1285
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-564"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2zBOiYM3tncu2WAZ3SOGqiv5Ka8B13%2FkBoYy9QNZ481tp17tDm1MP3RvpHXqjKVeD0l54AIuHlafb%2F4RbdvUtyx5M83XSWUH2pIfgpVEadLJkHgzh8XS78eAnXWbWdRydLxX3NDpnYEWI6dB%2FNbMQMx"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd276d716aeb-FRA
expires
Sat, 01 Mar 2025 02:07:04 GMT
U_illustrations-01.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
246 KB
246 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/U_illustrations-01.png
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87b6491f231c517f49f13cb92915583b78e07ebc8833f39c64622353929dfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
15862
x-s3-cache
true
content-length
251736
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 15:06:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-fynd-trace-id
cb0abf32452a29d8c1a28ff17a511f31
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd27bfb31a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
Uillustrations-02.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
234 KB
234 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Uillustrations-02.png
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf625bffa10d88c5487cf0bc628bd729c537a30ec58ebe6c4b3f9a435aa7b419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:04 GMT
via
1.1 google
cf-cache-status
HIT
age
11355
x-s3-cache
true
content-length
239528
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 14:48:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-fynd-trace-id
1781bc855d37f557aa3bad405a931f39
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd27bfb41a6b-FRA
expires
Tue, 11 Mar 2025 02:07:04 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=optional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.upscale.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:52:40 GMT
x-content-type-options
nosniff
age
494064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 08:52:40 GMT
partytown-sandbox-sw.html
www.upscale.media/~partytown/ Frame 7EE8
0
0
Document
General
Full URL
https://www.upscale.media/~partytown/partytown-sandbox-sw.html?1710122824951
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9ab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.upscale.media/de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
8627fd27fc8a9130-FRA
content-length
0
date
Mon, 11 Mar 2024 02:07:05 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
/
api.pixelbin.io/___/internal/misc/v1.0/languages/
3 KB
1 KB
XHR
General
Full URL
https://api.pixelbin.io/___/internal/misc/v1.0/languages/?searchTag=upscale
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce46edbed332cb748e17e16da3b7e6698130255bf87d0aa7f3e5df009c8858f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"ded-Xf0g+P44ZHjLPPCxXd7ska8v4Es"
vary
Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd28ed561e62-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
/
api.pixelbin.io/___/internal/misc/v1.0/languages/
3 KB
2 KB
XHR
General
Full URL
https://api.pixelbin.io/___/internal/misc/v1.0/languages/?searchTag=upscale
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce46edbed332cb748e17e16da3b7e6698130255bf87d0aa7f3e5df009c8858f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"ded-Xf0g+P44ZHjLPPCxXd7ska8v4Es"
vary
Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd28ed581e62-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
/
api.pixelbin.io/___/internal/misc/v1.0/languages/
3 KB
1 KB
XHR
General
Full URL
https://api.pixelbin.io/___/internal/misc/v1.0/languages/?searchTag=upscale
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce46edbed332cb748e17e16da3b7e6698130255bf87d0aa7f3e5df009c8858f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"ded-Xf0g+P44ZHjLPPCxXd7ska8v4Es"
vary
Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd28ed591e62-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
content
api.pixelbin.io/___/internal/misc/v1.0/translations/language/de/namespace/common/
7 KB
3 KB
XHR
General
Full URL
https://api.pixelbin.io/___/internal/misc/v1.0/translations/language/de/namespace/common/content?searchTag=upscale
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a32912b421f40b4c24e1abe607f5e0879e771b98973a61233b745ccf52233b6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:08 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"1d47-gGKs4URXlay1oFOXe3uMaWnAb3k"
vary
Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd325f8c9b5b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
common.json
www.upscale.media/static/public/locales/en/
8 KB
3 KB
XHR
General
Full URL
https://www.upscale.media/static/public/locales/en/common.json
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9ab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
224b86853984cd68f131b438a2f8cd11748edabea437d40b969adfe6f2910d9d
Security Headers
Name Value
Strict-Transport-Security includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
includeSubDomains; preload
age
1499867
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 22 Feb 2024 17:21:06 GMT
server
cloudflare
etag
W/"21ee-18dd1d5cbd0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=UTF-8
x-fynd-trace-id
b3dd73974506c21eeb1cac98c0bf33a3
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=()
cf-ray
8627fd324a979130-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
/
api.pixelbin.io/___/internal/misc/v1.0/languages/
3 KB
1 KB
XHR
General
Full URL
https://api.pixelbin.io/___/internal/misc/v1.0/languages/?searchTag=upscale
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce46edbed332cb748e17e16da3b7e6698130255bf87d0aa7f3e5df009c8858f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"ded-Xf0g+P44ZHjLPPCxXd7ska8v4Es"
vary
Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd324bce1e62-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
um_logo_light.png
cdn.pixelbin.io/v2/dummy-cloudname/original/__logos__/upscale_media/
5 KB
5 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/__logos__/upscale_media/um_logo_light.png?f_auto=true
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1269bdf38a05e5d069896be4db83622cc7adc53a4017bd31bb65ee4176f05afb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
6207
x-s3-cache
true
content-length
5280
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 20:46:36 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
b7c590fb2ddd4da9a02b8711c4bd5fc4
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd326e781a6b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
google_play.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/
4 KB
4 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/google_play.png?f_auto=true
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8d7d9486cc3b2183bccbce64d78b02218ff42c1f311d2ec603ab40b242c366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
13058
x-s3-cache
true
content-length
4028
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 14:35:16 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
911110f246d5a7f76c2d2a1652ba5522
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd326e791a6b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
app_store.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/
5 KB
5 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/logo/app_store.png?f_auto=true
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69dfa26d6533d2d1f28d4cabac546cba27aa96a2b3fb22db16dcd49c921d5e31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
8353
x-s3-cache
true
content-length
4670
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 22:30:39 GMT
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
x-fynd-trace-id
d158bcb17185c4234b1d3baf001ee453
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd326e7a1a6b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
de.png
flagcdn.com/w80/
105 B
426 B
Image
General
Full URL
https://flagcdn.com/w80/de.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb33c86a8f1cd43cbbd990aee89e4ce4fabf7efdece1529be66fb1becf29fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
471054
alt-svc
h3=":443"; ma=86400
content-length
105
last-modified
Wed, 03 Jan 2024 11:10:28 GMT
server
cloudflare
etag
"659540a4-69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNxDwpm7yzQZpiw9SAPDFxyYj%2F%2BQqpncXftrUw6cqRqmHtujbA%2BK%2BBUqZS%2BYGEyggVsLMe2AZ10h%2BXcagUycCYylW8IOM3VH4hdZm32N9L9wxfe%2BRCCbDpqfhTaP1xE8Zt44nPnrFI2cRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
accept-ranges
bytes
cf-ray
8627fd326df78ecd-FRA
announcements
www.upscale.media/api/
8 KB
2 KB
XHR
General
Full URL
https://www.upscale.media/api/announcements
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9ab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d634d95f75f59dda74d357e032bf0f80d9b0647cb0d6ebfccdc72b665fc58741
Security Headers
Name Value
Strict-Transport-Security includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
includeSubDomains; preload
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"20d8-cpQzz8UwQkHX3Pryi3pAYB8dbfc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=utf-8
x-fynd-trace-id
d04dc0f73dd3f41ad595e7b29412d76f
permissions-policy
accelerometer=(), camera=(), geolocation=()
cf-ray
8627fd32dad39130-FRA
websites
api.upscale.media/cms/api/
848 B
2 KB
XHR
General
Full URL
https://api.upscale.media/cms/api/websites?filters[searchTag]=upscale&populate=socialMediaLinks
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
fa5da6b2ba5c92fb1edd6654ab1bacb68f83c75e62c484fbb88dbb106bd4baf7
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:08 GMT
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
referrer-policy
no-referrer
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin,Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upscale.media
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
access-control-allow-credentials
true
cf-ray
8627fd3499e63a8e-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
gtm.js
www.googletagmanager.com/
307 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b077ba4d628122277d55946f164c90d2db4cd8af3aaf4c906df247c8e9500be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95934
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Mar 2024 02:07:06 GMT
Individual_Before.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
110 KB
110 KB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_Before.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
112173
last-modified
Sun, 10 Mar 2024 16:38:29 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd331d3abb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
Individual_After.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
1 MB
1 MB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_After.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da7c57baf3c0f9e4ac9566192e10bd6594d560bf268e3b3107c221c56d353a6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
1349586
last-modified
Sun, 10 Mar 2024 14:30:21 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd331d39bb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
U_illustrations-01.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
246 KB
246 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/U_illustrations-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87b6491f231c517f49f13cb92915583b78e07ebc8833f39c64622353929dfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
1289
x-s3-cache
true
content-length
251736
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 21:11:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-fynd-trace-id
b588ec33db8941ee4bc8eaf2c22684ac
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd3328f71e4b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
Uillustrations-02.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
234 KB
234 KB
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Uillustrations-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf625bffa10d88c5487cf0bc628bd729c537a30ec58ebe6c4b3f9a435aa7b419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
1289
x-s3-cache
true
content-length
239528
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 20:48:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-fynd-trace-id
7bbdcf4659383aa7f267f901250b6337
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd3328f81e4b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
uploadPageUM.mp4
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
989 KB
990 KB
Media
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/uploadPageUM.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3529d518c8a12149359e0e53e8786896d5aeb50d54115ded0dd43fdbd8f75197

Request headers

Referer
https://www.upscale.media/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
16717
Content-Range
bytes 0-1012783/1012784
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
Content-Length
1012784
last-modified
Sun, 10 Mar 2024 14:27:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-fynd-trace-id
f2285313c592d7cc0572c3a8f4b6d221
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd3328fd1e4b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
Angle%20Down.6bc67f2.svg
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/
832 B
842 B
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/Angle%20Down.6bc67f2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
764898084f1eec99ae712292913584a2c21d332fd7dd7bcdd6358138213b0674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
17061
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 18:27:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-fynd-trace-id
282571fcc86ecd8c620eb9af5adc116c
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd3329011e4b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
upload.6bc67f2.svg
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/
599 B
677 B
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/upload.6bc67f2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000c9e135ad1c2826e983a3eee28d6c073256bb156907174178c7e57c94141b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
11898
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Mar 2024 18:27:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-fynd-trace-id
af963856c614526bf522df9be761559b
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd3339031e4b-FRA
expires
Tue, 11 Mar 2025 02:07:06 GMT
Individual_Before.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
110 KB
110 KB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_Before.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
112173
last-modified
Sun, 10 Mar 2024 16:38:29 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd332d4abb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
Individual_After.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
1 MB
1 MB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_After.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da7c57baf3c0f9e4ac9566192e10bd6594d560bf268e3b3107c221c56d353a6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
1349586
last-modified
Sun, 10 Mar 2024 14:30:21 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd332d4dbb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
Individual_Before.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
110 KB
110 KB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_Before.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
112173
last-modified
Sun, 10 Mar 2024 16:38:29 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd333d4fbb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
Individual_After.png
cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/
1 MB
1 MB
XHR
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/original/upscalemedia_assets/home_page/Individual_After.png
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da7c57baf3c0f9e4ac9566192e10bd6594d560bf268e3b3107c221c56d353a6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
via
1.1 google
cf-cache-status
HIT
age
4190
alt-svc
h3=":443"; ma=86400
x-s3-cache
true
content-length
1349586
last-modified
Sun, 10 Mar 2024 14:30:21 GMT
server
cloudflare
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/png
access-control-allow-origin
https://www.upscale.media
access-control-expose-headers
x-ebg-prevw-limit,x-ebg-image-token
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8627fd333d50bb3b-FRA
access-control-allow-headers
authorization,fynd-affiliate-id,fynd-affiliate-token,image_resize,device-width,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,uppy-auth-token,x-application-id,x-application-token,x-auth-token,x-currency-code,x-device-platform,x-force-logout,x-force-reload, x-staff-user, x-company-id,accept-version, x-fp-date, x-fp-signature, x-ebg-signature, x-ebg-param, x-ebg-prevw-limit, x-ebg-image-token, captcha-code
expires
Tue, 11 Mar 2025 02:07:06 GMT
js
www.googletagmanager.com/gtag/
212 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-NFRNNXF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdbf701299006e3c223ca8a3af13214c607e8ec3f40bc641e9a8b4b25ab7087b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78255
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Mar 2024 02:07:06 GMT
destination
www.googletagmanager.com/gtag/
212 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37bc04fda41dd04eab681fc0fa9b41ba7a2c2f41fdb5516eb0fa180d30374b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78262
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Mar 2024 02:07:06 GMT
js
www.googletagmanager.com/gtag/
236 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4MBBN948Y7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbf4c67b4123ff0835e300991a166d02c3bee0a91e71d8d8758704af918eae16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Mar 2024 02:07:06 GMT
4275.js
script.crazyegg.com/pages/scripts/0112/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0112/4275.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
cf-cache-status
HIT
last-modified
Sun, 10 Mar 2024 20:00:13 GMT
server
cloudflare
age
22013
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
8627fd33ce048f36-FRA
content-length
0
8891.js
script.crazyegg.com/pages/scripts/0112/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0112/8891.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80be18503085586eca6a237127fe3d3d17cec1d714abdd3480a293a26c65f6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12440
cf-polished
origSize=6112
ce-version
11.5.194
cf-bgj
minify
last-modified
Sun, 10 Mar 2024 22:39:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8627fd33ce028f36-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1793986085961777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTHFVWT&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56435715c111be488ea0c6d5dd84e287f448d9df0be015e41eaa862684259f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upscale.media/
Origin
https://www.upscale.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51010
x-xss-protection
0
server
cafe
etag
3672127381362953192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 11 Mar 2024 02:07:06 GMT
copilot.min.js
script.copilot.live/v1/
60 B
788 B
Script
General
Full URL
https://script.copilot.live/v1/copilot.min.js?tkn=cat-ovby0t4d
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.25.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
48.25.149.34.bc.googleusercontent.com
Software
/
Resource Hash
940909548ff83775223b961f0da6e192ac6da8d48b0e6328329d0f0d0349e062
Security Headers
Name Value
Content-Security-Policy default-src *;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src *;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.copilot.live;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:08 GMT
content-security-policy
default-src *;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src *;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://script.copilot.live;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
referrer-policy
origin
etag
W/"3c-+zIgT1/VaxonS75STQM/HDrGWtg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
origin-agent-cluster
?1
x-fynd-trace-id
5bc4da4cf92891b235d23d2dbff7d3b2
access-control-allow-credentials
true
freshbots.min.js
cdn.freshbots.ai/assets/share/js/
1 MB
338 KB
Script
General
Full URL
https://cdn.freshbots.ai/assets/share/js/freshbots.min.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9023038209f21fcbe472e7d21e121376fb1e6e390efb39e3aeee5adf164da0ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 04:25:48 GMT
x-amz-version-id
1uwCdsn1S6aWrYwxYOjku90ToUSnM3sD
content-encoding
gzip
last-modified
Thu, 07 Mar 2024 10:19:38 GMT
server
AmazonS3
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"6d4560e73c79734e4df07793fc37c161"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
78079
x-amz-cf-id
qzQ66ywNA90WxuNf1ALeUdvGTo-yeiv1Cjs-Kk8mR-AOZjA2OvtUpg==
array.js
app.posthog.com/static/
124 KB
39 KB
Script
General
Full URL
https://app.posthog.com/static/array.js
Requested by
Host: www.upscale.media
URL: https://www.upscale.media/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b7cfc203e1cf10136bcd5227fea6350b0b07f70efe0cedcfbbddc65d9f1a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
229
referrer-policy
same-origin
last-modified
Fri, 08 Mar 2024 19:48:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65eb6b83-1ee4e"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
8627fd33d89c1db1-FRA
cfe264f2-dd56-4c45-933f-9c2513fbf9a0
https://www.upscale.media/
110 KB
0
Image
General
Full URL
blob:https://www.upscale.media/cfe264f2-dd56-4c45-933f-9c2513fbf9a0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
112173
Content-Type
image/png
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4MBBN948Y7&gtm=45je4360v886094358z8856640518za200&_p=1710122826698&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1617014956.1710122827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710122826&sct=1&seg=0&dl=https%3A%2F%2Fwww.upscale.media%2Fde&dt=Bildqualit%C3%A4t%20Verbessern%20-%20Bild%20Aufl%C3%B6sung%20Erh%C3%B6hen%20-%20Upscale%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4MBBN948Y7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4MBBN948Y7&cid=1617014956.1710122827&gtm=45je4360v886094358z8856640518za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4MBBN948Y7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4MBBN948Y7&cid=1617014956.1710122827&gtm=45je4360v886094358z8856640518za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=731583660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11453410922
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

11453410922
google.com/ccm/form-data/
0
54 B
Ping
General
Full URL
https://google.com/ccm/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY&ecsid=1812566351.1710122827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11453410922
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

11453410922
google.com/ccm/form-data/
0
54 B
Ping
General
Full URL
https://google.com/ccm/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY&ecsid=1812566351.1710122827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11453410922
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

11453410922
google.com/ccm/form-data/
0
255 B
Ping
General
Full URL
https://google.com/ccm/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY&ecsid=1812566351.1710122827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11453410922
google.com/pagead/form-data/
0
0
Ping
General
Full URL
https://google.com/pagead/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

11453410922
google.com/ccm/form-data/
0
45 B
Ping
General
Full URL
https://google.com/ccm/form-data/11453410922?gtm=45be4360v9173586000z8856640518za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&hn=www.googleadservices.com&npa=1&pscdl=noapi&auid=1673764540.1710122827&uamb=0&uaw=0&em=tv.1~em.QDwfRQL7v3NzpwtOQS2aoEzEoqfX0brraxIzfjArbOY&ecsid=1812566351.1710122827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11453410922&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12839897-4a89-45ed-a820-3a5215a08bc1
https://www.upscale.media/
110 KB
0
Image
General
Full URL
blob:https://www.upscale.media/12839897-4a89-45ed-a820-3a5215a08bc1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
112173
Content-Type
image/png
0e20edd7-cdc2-4eb2-9313-d4795326b2a1
https://www.upscale.media/
1 MB
0
Image
General
Full URL
blob:https://www.upscale.media/0e20edd7-cdc2-4eb2-9313-d4795326b2a1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7da7c57baf3c0f9e4ac9566192e10bd6594d560bf268e3b3107c221c56d353a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
1349586
Content-Type
image/png
www.upscale.media.json
script.crazyegg.com/pages/data-scripts/0112/8891/site/ Frame 853D
9 KB
3 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0112/8891/site/www.upscale.media.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaa9d5bc6a89496836194ce9e69357835c849fee2f2d4537c77817c8c8e9e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12314
ce-version
11.5.194
content-length
3005
last-modified
Sun, 10 Mar 2024 22:41:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd34dfd48ed5-FRA
/
us.i.posthog.com/e/
13 B
578 B
XHR
General
Full URL
https://us.i.posthog.com/e/?ip=1&_=1710122827058&ver=1.111.1
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.32.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-32-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
envoy
cross-origin-opener-policy
same-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.upscale.media
transfer-encoding
chunked
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
X-Requested-With,Content-Type
/
us.i.posthog.com/decide/
482 B
831 B
XHR
General
Full URL
https://us.i.posthog.com/decide/?v=3&ip=1&_=1710122827061&ver=1.111.1
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.32.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-32-226.compute-1.amazonaws.com
Software
envoy /
Resource Hash
9033d202f3b801c666d93614631cbfd3ffb54691588a4ececa280607740ac363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
envoy
cross-origin-opener-policy
same-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.upscale.media
transfer-encoding
chunked
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
X-Requested-With,Content-Type
84a07e3a698688683d493761c9786bde.js
script.crazyegg.com/pages/versioned/common-scripts/
94 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2024 00:31:12 GMT
server
cloudflare
age
195415
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd355f0a8f36-FRA
content-length
31373
truncated
/
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f696a915f4b09bda30ae510a6d472a8065607cb50baed4d424cba16f41607c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml
arrowNew.6bc67f2.svg
cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/
1 KB
981 B
Image
General
Full URL
https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/assets/images/arrowNew.6bc67f2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41b66f88344fc5e47f0b76cb6524a3bcb0912ab962a5a2e779c1e51db617dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
x-s3-cache
true
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 01:22:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-fynd-trace-id
53bd1ba038040d72e814dfbc1ee32f25
access-control-expose-headers
Accept-Ranges,Content-Encoding,Content-Length,Content-Range,Content-Disposition,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Retry-After
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8627fd356a961e4b-FRA
expires
Tue, 11 Mar 2025 02:07:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/
405 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1793986085961777&plah=www.upscale.media&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1793986085961777
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6108fbd643a3c4320ec17f9a4d57697a53bc09d606917b0d4fb7d61db002ad98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140460
x-xss-protection
0
server
cafe
etag
8097128813685227700
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 02:07:07 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 7712
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1793986085961777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upscale.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 07:15:08 GMT
etag
5035419970550746386
expires
Sun, 24 Mar 2024 07:15:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
chat-combined.min.css
cdn.freshbots.ai/assets/share/css/
157 KB
29 KB
Stylesheet
General
Full URL
https://cdn.freshbots.ai/assets/share/css/chat-combined.min.css?v=0.26
Requested by
Host: cdn.freshbots.ai
URL: https://cdn.freshbots.ai/assets/share/js/freshbots.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5b9e7ae8f9b779bb83b468aae5ddbf348c906be6f990540e5a684a5cc7748cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:05:34 GMT
x-amz-version-id
NoDlJltO8H.HRCbTt.at4OzIns9NQjLf
content-encoding
gzip
last-modified
Thu, 07 Mar 2024 10:19:37 GMT
server
AmazonS3
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"ff0ac0d00293a6e4329e3609a0c30d4c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
94
x-amz-cf-id
l9PQZpJ4f4DbnPZKtCUjucQUWZlm1Gp6Vgk1bsmHMV0zcZ4W5IW6dg==
/
www.freshbots.ai/customer/v3/combined-init/
4 KB
2 KB
XHR
General
Full URL
https://www.freshbots.ai/customer/v3/combined-init/?clientHash=e06ce4fe931d69458ee08d61d1e182ca3b15e3ee
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.81.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-81-18.compute-1.amazonaws.com
Software
fwe /
Resource Hash
2063f4a29763fcc8d5b0a9b8b9fadfe3dc085170efd6a57aa17e9e20ba117f04

Request headers

clntHsh
e06ce4fe931d69458ee08d61d1e182ca3b15e3ee
External-Client-Id
null
Product-Id
null
accept-language
de-DE,de;q=0.9
sn
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json
X-TimezoneOffset
60
Referer
https://www.upscale.media/
Client-Id
e06ce4fe931d69458ee08d61d1e182ca3b15e3ee
chnlSnId
-1636604306

Response headers

x-trace-id
00-534a598e0f3ee0673f0b38a4b465d98e-edf6581dd57e4d9f-00
date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
nel
{ "report_to": "nel-endpoint-freshbots", "max_age": 2592000, "include_subdomains": true}
server
fwe
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{ "group": "nel-endpoint-freshbots", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshbots"}]}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-fw-ratelimiting-managed
false
x-envoy-upstream-service-time
14
request-id
[R:433-1710122827536]
x-request-id
2d3846ea-dcb4-4e09-a2c4-e779399ed1cd
/
www.freshbots.ai/customer/v3/combined-init/ Frame
0
0
Preflight
General
Full URL
https://www.freshbots.ai/customer/v3/combined-init/?clientHash=e06ce4fe931d69458ee08d61d1e182ca3b15e3ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.81.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-81-18.compute-1.amazonaws.com
Software
fwe /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
chnlsnid,client-id,clnthsh,content-type,external-client-id,product-id,sn,x-timezoneoffset
Access-Control-Request-Method
POST
Origin
https://www.upscale.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
chnlsnid, client-id, clnthsh, content-type, external-client-id, product-id, sn, x-timezoneoffset
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Mon, 11 Mar 2024 02:07:07 GMT
nel
{ "report_to": "nel-endpoint-freshbots", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshbots", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshbots"}]}
request-id
[R:323-1710122827433]
server
fwe
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-request-id
9ed3c403-1d5d-465f-9770-aed05ee6d23c
x-trace-id
00-60e126c48351aa3e0ae1a4b0deca709c-be5c1ee32caba27a-00
ads
googleads.g.doubleclick.net/pagead/ Frame 9288
0
55 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&adk=1812271804&adf=3025194257&lmt=1710122827&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.upscale.media%2Fde&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827115&bpp=3&bdt=2331&idt=337&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4050566312540&frm=20&pv=2&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1793986085961777&plah=www.upscale.media&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upscale.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Mar 2024 02:07:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env
Requested by
Host: cdn.pixelbin.io
URL: https://cdn.pixelbin.io/v2/dummy-cloudname/pjafo2/original/bundle-6bc67f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06105cb2dff61a8ba5f5e7deda68d31cd6375613f15426536e80f44d1e982cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12357
x-xss-protection
0
www.upscale.media.json
script.crazyegg.com/pages/data-scripts/0112/8891/sampling/ Frame 853D
158 B
235 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0112/8891/sampling/www.upscale.media.json?t=475034
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d165353e201d1dba7af6557931d77db71ac3e8fd40a2148c8e64c699e2b94b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12314
ce-version
11.5.194
content-length
147
last-modified
Sun, 10 Mar 2024 22:41:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd37c97c8ed5-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame E58B
125 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1793986085961777&plah=www.upscale.media&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab5f76a5684e156bfb98d2946f2ddd9b92970a3fba9fc285454640a564d8186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upscale.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42926
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Mar 2024 02:07:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
healthcheck
pagestates-tracking.crazyegg.com/ Frame 853D
19 B
462 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
14948620
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
VzOAHJ1_X1nFgshkN60vTLNP5ugl77Jh6HutuueEUWsJ1pd3Z3JWLQ==
healthcheck
assets-tracking.crazyegg.com/ Frame 853D
19 B
462 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
7087419
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
MJdKB6gggNIgMiQpnQKplxHJsnXetbaffg9vPKC9qQiSxzhYvOvyLQ==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1793986085961777&plah=www.upscale.media&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 02:07:07 GMT
dbb5af8d-9ec8-4871-b1e8-c4a6986502d3
https://www.upscale.media/
45 B
0
Other
General
Full URL
blob:https://www.upscale.media/dbb5af8d-9ec8-4871-b1e8-c4a6986502d3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ Frame 853D
39 B
146 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1710122827560&tk=7fd36fbb74a45716b98868054f436d99&s=408395&p=%2Fde&u=1128891&v=cded5f75a22c6ef29f200e7bc8408a426c2573d4&f=upscale.media%2Fde&ul=https%3A%2F%2Fwww.upscale.media%2Fde
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.142.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-142-190.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
ae1623944bae4588649b6ac1ed08e5f877c04150fcd876eea74e04e1185c8932

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Mar 2024 02:07:07 GMT
cache-control
no-store
server
awselb/2.0
content-length
39
content-type
text/plain
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F6E0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upscale.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Mar 2024 13:16:10 GMT
expires
Mon, 10 Mar 2025 13:16:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4761
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d6deb9e0c4cf678868c2ca7d9b91cc529b6dd3bbf80827f0448d18c49b813d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NxMHkc3-c6A5Pf1Bmoailw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.upscale.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NxMHkc3-c6A5Pf1Bmoailw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Mar 2024 02:07:07 GMT
expires
Mon, 11 Mar 2024 02:07:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
pagead2.googlesyndication.com/bg/ Frame F6E0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 21:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15541
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Mar 2025 21:05:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4761
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=3373346310399753&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F6E0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HD_iYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cd03386b0fde68cad33bac3d9c045084.js
script.crazyegg.com/pages/versioned/tracking-scripts/
95 KB
30 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/cd03386b0fde68cad33bac3d9c045084.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2024 19:40:13 GMT
server
cloudflare
age
195414
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd3909e48f36-FRA
content-length
30708
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/
20 KB
8 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2024 19:40:14 GMT
server
cloudflare
age
195412
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd3909ec8f36-FRA
content-length
8025
121f3f4e-ad37-42a6-97dc-15fd8e9361a6
https://www.upscale.media/
241 B
0
Other
General
Full URL
blob:https://www.upscale.media/121f3f4e-ad37-42a6-97dc-15fd8e9361a6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
index.js
script.crazyegg.com/scripts/addons/1.0.107/
897 B
627 B
Script
General
Full URL
https://script.crazyegg.com/scripts/addons/1.0.107/index.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 10 Jan 2024 11:52:04 GMT
server
cloudflare
age
195412
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8627fd393a0a8f36-FRA
expires
Tue, 11 Mar 2025 02:07:07 GMT
e1135c7f31a16440d5fc9944b7402d81.js
script.crazyegg.com/scripts/addons/thirdparty/
325 KB
82 KB
Script
General
Full URL
https://script.crazyegg.com/scripts/addons/thirdparty/e1135c7f31a16440d5fc9944b7402d81.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Feb 2024 14:33:01 GMT
server
cloudflare
age
195410
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8627fd396a298f36-FRA
expires
Tue, 11 Mar 2025 02:07:07 GMT
cta.js
script.crazyegg.com/scripts/addons/1.0.107/
191 KB
54 KB
Script
General
Full URL
https://script.crazyegg.com/scripts/addons/1.0.107/cta.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0112/8891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825ca8ab0e049c11e2ee93790a914124efd309956375a3a7a4690a20b16d85fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 10 Jan 2024 11:52:04 GMT
server
cloudflare
age
195401
cf-polished
origSize=195533
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
8627fd39ca868f36-FRA
expires
Tue, 11 Mar 2025 02:07:07 GMT
cta.css
script.crazyegg.com/scripts/addons/1.0.107/
34 KB
7 KB
Stylesheet
General
Full URL
https://script.crazyegg.com/scripts/addons/1.0.107/cta.css
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/scripts/addons/1.0.107/cta.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed04c1ae7a641055c5bc616bcc58a8d636d072ab86dacf626740e27ee52a7f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 11:52:04 GMT
server
cloudflare
age
195383
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8627fd3a1abe8f36-FRA
content-length
6741
expires
Tue, 11 Mar 2025 02:07:07 GMT
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&display=swap
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/scripts/addons/1.0.107/cta.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22067613578d08846cd36aa7a397a215e8ce597f008992c747a3ccbab6c92d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://script.crazyegg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 00:19:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 02:07:07 GMT
metrics
tracking.crazyegg.com/ Frame 853D
0
96 B
XHR
General
Full URL
https://tracking.crazyegg.com/metrics
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.142.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-142-190.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 11 Mar 2024 02:07:07 GMT
cache-control
no-store
server
awselb/2.0
content-length
0
content-type
text/plain
metrics
tracking.crazyegg.com/ Frame
0
0
Preflight
General
Full URL
https://tracking.crazyegg.com/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.142.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-142-190.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.upscale.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Mon, 11 Mar 2024 02:07:07 GMT
server
awselb/2.0
cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/opensans/v13/
33 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.freshbots.ai
URL: https://cdn.freshbots.ai/assets/share/css/chat-combined.min.css?v=0.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.freshbots.ai/
Origin
https://www.upscale.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21204
x-xss-protection
0
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 13:20:04 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=3373346310399753&bg=!5Oel56jNAAZsmiNCTJo7ADQBe5WfOEOVT7TiidP9nIItWjZbziHL76ZrAa3LUo5oyhSoGSbwTr6qa9s0IAeH2yPulqq8AgAAAFdSAAAAAmgBBwoAjFdSWHUHzOSbJuuk3Qw-37cvjlBueGbkaBBAcXsTsgK-Xzttv3mcjxiiWPOYEfHmSQiwfjkB9Y5B4daoqlMZ-Lk72kKpFU_HwbyixCm5sSsQDUjsEnHjDsFOsjt9JWXR90O5aUXiMFYzNA4NRIag-OnU5UHK1vDJNmF4VjdKaDf69alJrXgLnzLYi0ZrmQLWYGplty_KAOpxj7dA0jW1hYkU__nU-A9R1stW_QyQc-QmBfe20oOrdscliNoN5sK19xlJHVogi4jFLRQ4-S5p22EowJ3sJ_JQdDkSyNHOdjYVkuq6reHKTR7i90FdROVPlBl3Zdy1DjNzHXMXUqIxfrTI7NRRMBIVsYvTTcS89qr_4H-HB_Agu3NKwWHQ8ckJxep0MRe2-CI_cB5pNOO8-p6okJ1nZ4Bt3DPvBFCbufPyt1ujdOyhJTC5kE7UpKBB01YPtM_VmveyIr92BN0P8onPtqs860fytqCbW_HPpCUj_Trq0Hj6MN0lJxJZWSWiE65iUJr02sdvpYq_x_YuVB-alO_AWCER5Q7xbvPfisIyIy7CHH8yjIB5FFcDko9bEskkIZpNid9f3b74WhQCLoD00GHIDxBqnx8b5vUW1c7yZtyhwVpZLoxJYHNEXhJfPArmSkNGK_Afw4OPzI18OCdKNpa03qnHK0ZOc_YxRtGvCR0BQuzbpG91dOTrxnGDUGTOdbtKhM0L27jwISkScyzYqng0-yyE8IfYrcEjtl8vltrz-GKs6paNrQFWg1dYT6KCoOPTQPqHGyap1DtGaneGbYnn5_cmGl_6ADlRVZzzkz_D5gtBgcPUV4VPpsKQWP_UBQSIfqmprVMjYu_m1hmjcBMZTXJrNdpgyvi3P2bw2_H83JwqLXvfMFA7FSFMEZad2m6zRpfMDMTdPID8duIVor7KFnVgNeZ8NutbJd4IpAiINTUPYaUuxCZiTUZQl7m_lPPkZgq6fV295OX4lkuZ_Zpn4QIl4lazS2WMIluOVBTT3CtkBb-udk3wpS5yzGCBaz8VwfApUgze0e5PSz02R0X7A1dXKKPb_y6-xtMkwBzOuXEvDJb-k2urIsWR7Q3rLQMkCuXyC1CfhKwN2-swzAhSYW7OP7zIxpTWlDftG1qQeEtpvKsz2j1RH9QyxBhESxuP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.upscale.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

6e6bd83b1ab90baf29df14fe71898cfa.js
www.gstatic.com/mysidia/ Frame E58B
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6e6bd83b1ab90baf29df14fe71898cfa.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4066
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 22:04:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 22:32:43 GMT
d58f9ae6dab7fd31fc6f5125435dd154.js
www.gstatic.com/mysidia/ Frame E58B
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/d58f9ae6dab7fd31fc6f5125435dd154.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 21:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4472
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 21:29:58 GMT
css
fonts.googleapis.com/ Frame E58B
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 02:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 00:19:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 02:07:08 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame E58B
2 KB
822 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 15:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
39785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 15:04:03 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame E58B
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 21:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 21:05:37 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame E58B
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 21:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
18091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 21:05:37 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame E58B
20 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 14:46:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
40850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8212
x-xss-protection
0
server
cafe
etag
9277691884081322989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 14:46:18 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E58B
207 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 02:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
90
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64070
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 03:05:38 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame E58B
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 22:04:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 22:40:28 GMT
truncated
/ Frame E58B
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a578af5b0adf91f7fce631eae2e8603d43dfc841735f10940d90207ed1f15b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E58B
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 04:01:15 GMT
x-content-type-options
nosniff
age
511553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 04:01:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E58B
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ckq1RS2fuZZqcH5_Zx_APgPqUsA6CusWodsLbsP_1EGQQASCB4oGZAWCV-pqCrAegAdWU_scDyAEBqQIX2amYD1qyPqgDAcgDywSqBOkBT9A5HdbmIOR6GdaNZzt_e0eEuof9cHAOIn_i0fcJCqZ9q-6ZIT6qk4BVsJ17L0UqxlaXW65yzTC_1d6xAf5dPHIwePKH_3RTeyCD0guuN8lYWNi2gHFvKfWGtFhgFw3iT-HMWYfPQzgywJd1AUfOLNqmEoq8ypwYVUt5IPGiOz0oK2bB0J3TlqUZqO3rgKg-VWyNJqLm-ee3adKJ-yr_qBknaaaQMCX_mnkwAn0k9QU4jz-O3KsNxbLMY57zgPGpcjuACnmd6wRHZhfoP08zOF17JyTzOeLpJb8TqOiXl_9iIETZcYPejGfABOvxtOuqBIgF-rmDoEmSBQQIBBgBkgUECAUYBIAHvL-pLqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEInWCdIIKwiR4YBwEAEYHzIH64uA4L-ADToJgECAgICAgJQoSL39wTpYxcyf_Y_rhAOaCRhodHRwczovL3d3dy5zdGVwc3RvbmUuZGWACgHICwHYEwuIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTc5Mzk4NjA4NTk2MTc3NxgAshgJEgL6UxgBIgEA&sigh=_lsCHHsys54&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 11 Mar 2024 02:07:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tx_YDh4dAjwBh_VW-2vM8PCxzl4JTVu4GQSmkVWr_Gk.js
pagead2.googlesyndication.com/bg/ Frame 0F13
51 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/tx_YDh4dAjwBh_VW-2vM8PCxzl4JTVu4GQSmkVWr_Gk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1793986085961777&output=html&h=280&slotname=7053068596&adk=1301741485&adf=2340272959&pi=t.ma~as.7053068596&w=1200&fwrn=4&fwrnh=100&lmt=1710122827&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.upscale.media%2Fde&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710122827118&bpp=1&bdt=2334&idt=369&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4050566312540&frm=20&pv=1&ga_vid=1617014956.1710122827&ga_sid=1710122827&ga_hid=447901746&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C31081587%2C31081613%2C31081643%2C44785292%2C44795921%2C95324160%2C95325785%2C95326917&oid=2&pvsid=3373346310399753&tmod=715881383&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b71fd80e1e1d023c0187f556fb6bccf0f0b1ce5e094d5bb81904a69155abfc69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 03:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
514351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20052
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 03:14:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E58B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1NrRXJGabiz1dyFUAeoDuZFIc2Ii_73IASr-D4qpltIUZTV3BWbou1fqflTW0UJMdSB_9FCsExAsgomsNlVmehe6ETp8dR0tvj8VoZYCnjdxO1R-I0Rn0OzxC8rq-YgJpuJas2s7blY1AMNNIBd-ZgtN8XEqvovmIZr2ekn_L&sig=Cg0ArKJSzFfzG6qhggzOEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1301741485&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=605562800&rst=1710122827495&rpt=1046&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4MBBN948Y7&gtm=45je4360v886094358z8856640518za200&_p=1710122826698&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1617014956.1710122827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1710122826&sct=1&seg=0&dl=https%3A%2F%2Fwww.upscale.media%2Fde&dt=Bildqualit%C3%A4t%20Verbessern%20-%20Bild%20Aufl%C3%B6sung%20Erh%C3%B6hen%20-%20Upscale%20Media&_s=2&tfd=10935
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4MBBN948Y7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upscale.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 02:07:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.upscale.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| partytown object| analytics object| _conf object| INITITAL_STATE object| initialI18nStore string| initialLanguage object| __LOADABLE_LOADED_CHUNKS__ object| __SENTRY__ object| EventEmitter object| adsbygoogle function| continueWithNextIdp object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| CE_SNAPSHOT_NAME object| whitelistEvents function| sendEventToTracker function| copilot object| posthog object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| amdOriginal undefined| momentNoConflict function| joeMoment function| DateFormatter function| datetimepickerFactory function| _createForOfIteratorHelper function| _unsupportedIterableToArray2 function| _arrayLikeToArray2 function| _typeof object| Freshbots undefined| $ undefined| jQuery undefined| Handlebars undefined| io function| PUBSUBio function| RTS function| Sifter object| MicroPlugin function| Selectize undefined| moment function| sanitizeHtml object| fbWebIntlTelInputGlobals function| fbWebIntlTelInput object| fbWebIntlTelInputUtils object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| googletag

14 Cookies

Domain/Path Name / Value
.pixelbin.io/ Name: __cf_bm
Value: YMCS_QA55QUw6L8za.XZVkfuoJKTmYoR8xy6TrjMxj4-1710122824-1.0.1.1-tD__UTxi.sI0Z4x6gEUkyUA1pZXnztJILBdoSvnL30MRsSDW3C_Mr7bzGxDiZsSuXcD2DtPT9sZbvuRN7jMbPw
.upscale.media/ Name: _ga
Value: GA1.1.1617014956.1710122827
.upscale.media/ Name: _gcl_au
Value: 1.1.1673764540.1710122827.1812566351.1710122827.1710122826
www.upscale.media/ Name: pixb_anonymous_id
Value: 6aaef543-4623-42d7-a52b-145d75f61f4d
.upscale.media/ Name: ph_phc_a7s4xRxymzUs3F8x2xht7tgrN1CR4MQ4hfwwsPm4Jf0_posthog
Value: %7B%22distinct_id%22%3A%226aaef543-4623-42d7-a52b-145d75f61f4d%22%2C%22%24sesid%22%3A%5B1710122827052%2C%22018e2b43-7d2c-72ad-9f87-720ba6ab8415%22%2C1710122827052%5D%7D
.upscale.media/ Name: _ga_4MBBN948Y7
Value: GS1.1.1710122826.1.0.1710122827.59.0.0
www.upscale.media/ Name: joe-chnlcustid
Value: 0e9b699f-0cac-42e2-926d-d55011d76cca
.upscale.media/ Name: _ce.irv
Value: new
.upscale.media/ Name: cebs
Value: 1
.upscale.media/ Name: _ce.clock_event
Value: 1
.upscale.media/ Name: _ce.clock_data
Value: 27%2C80.255.10.204%2C1%2Cf5d21609526d761b64e20b5362908423
.upscale.media/ Name: cebsp_
Value: 1
.upscale.media/ Name: _ce.s
Value: v~cded5f75a22c6ef29f200e7bc8408a426c2573d4~lcw~1710122827845~lva~1710122827517~vpv~0~v11.cs~408395~v11.s~102bab70-df4c-11ee-8125-139788d0a533~v11nv~-1~v11.sla~1710122827845~lcw~1710122827845
.upscale.media/ Name: __eoi
Value: ID=4fb7632c796b3933:T=1710122827:RT=1710122827:S=AA-AfjbxOIfUlZR-0x3M73JDoyOq

23 Console Messages

Source Level URL
Text
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.upscale.media/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://script.crazyegg.com/pages/scripts/0112/4275.js
Message:
Failed to load resource: the server responded with a status of 410 ()
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.upscale.media/de
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pixelbin.io
api.upscale.media
app.posthog.com
assets-tracking.crazyegg.com
cdn.freshbots.ai
cdn.pixelbin.io
cdnjs.cloudflare.com
flagcdn.com
fonts.googleapis.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
region1.analytics.google.com
script.copilot.live
script.crazyegg.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tracking.crazyegg.com
us.i.posthog.com
www.freshbots.ai
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.upscale.media
108.138.26.7
13.35.58.58
18.202.142.190
18.66.122.57
2001:4860:4802:34::36
2606:4700:10::6816:3bb5
2606:4700:3036::6815:1fe4
2606:4700:4400::6812:2413
2606:4700:4400::6812:2845
2606:4700:4400::ac40:93bb
2606:4700:4400::ac40:9ab0
2606:4700::6811:190e
2606:4700::6813:9408
2a00:1450:4001:806::200a
2a00:1450:4001:809::2008
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:829::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c1d::9d
34.149.25.48
54.162.32.226
54.235.81.18
000c9e135ad1c2826e983a3eee28d6c073256bb156907174178c7e57c94141b4
06105cb2dff61a8ba5f5e7deda68d31cd6375613f15426536e80f44d1e982cb1
09b7cfc203e1cf10136bcd5227fea6350b0b07f70efe0cedcfbbddc65d9f1a92
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
1269bdf38a05e5d069896be4db83622cc7adc53a4017bd31bb65ee4176f05afb
2063f4a29763fcc8d5b0a9b8b9fadfe3dc085170efd6a57aa17e9e20ba117f04
22067613578d08846cd36aa7a397a215e8ce597f008992c747a3ccbab6c92d73
224b86853984cd68f131b438a2f8cd11748edabea437d40b969adfe6f2910d9d
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2a32912b421f40b4c24e1abe607f5e0879e771b98973a61233b745ccf52233b6
2a578af5b0adf91f7fce631eae2e8603d43dfc841735f10940d90207ed1f15b8
2f696a915f4b09bda30ae510a6d472a8065607cb50baed4d424cba16f41607c6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3529d518c8a12149359e0e53e8786896d5aeb50d54115ded0dd43fdbd8f75197
37bc04fda41dd04eab681fc0fa9b41ba7a2c2f41fdb5516eb0fa180d30374b52
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3d6deb9e0c4cf678868c2ca7d9b91cc529b6dd3bbf80827f0448d18c49b813d5
3d8d7d9486cc3b2183bccbce64d78b02218ff42c1f311d2ec603ab40b242c366
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4e05fe5d51f989133b5aec28add7cedbd8fa5f9e28b292bd63c4695ad747fdbe
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56435715c111be488ea0c6d5dd84e287f448d9df0be015e41eaa862684259f45
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5eb33c86a8f1cd43cbbd990aee89e4ce4fabf7efdece1529be66fb1becf29fc9
6108fbd643a3c4320ec17f9a4d57697a53bc09d606917b0d4fb7d61db002ad98
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68e4386f9d9aa2418c7cb79a90c5d0118ab9d4e1805689db208e58a4ee39e740
69dfa26d6533d2d1f28d4cabac546cba27aa96a2b3fb22db16dcd49c921d5e31
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
736443b6438ecdae2cf03e2b965551e0830ef8c8bf72d018bbc7fa15743d6a2f
764898084f1eec99ae712292913584a2c21d332fd7dd7bcdd6358138213b0674
7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe
7ce46edbed332cb748e17e16da3b7e6698130255bf87d0aa7f3e5df009c8858f
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7da7c57baf3c0f9e4ac9566192e10bd6594d560bf268e3b3107c221c56d353a6
80afd940a4dcdeface83853ec5be4d3c5a0d07d885d22dd13c88ecc24f21b14b
80be18503085586eca6a237127fe3d3d17cec1d714abdd3480a293a26c65f6b5
825ca8ab0e049c11e2ee93790a914124efd309956375a3a7a4690a20b16d85fc
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
850b42447426e232e97c525df9bc3ac34a1c18d888c70b771d400306bfa4b954
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
869de09b88107fbdd8ccb5c325bfffa6f23bbeedb65200b1b39bec865814ef13
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8ab5f76a5684e156bfb98d2946f2ddd9b92970a3fba9fc285454640a564d8186
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
9023038209f21fcbe472e7d21e121376fb1e6e390efb39e3aeee5adf164da0ca
9033d202f3b801c666d93614631cbfd3ffb54691588a4ececa280607740ac363
940909548ff83775223b961f0da6e192ac6da8d48b0e6328329d0f0d0349e062
9598e291a1015e2151d3a0a9b0623b1f1e5e614186cb867ffb39dd79ca44385a
a3d165353e201d1dba7af6557931d77db71ac3e8fd40a2148c8e64c699e2b94b
a41b66f88344fc5e47f0b76cb6524a3bcb0912ab962a5a2e779c1e51db617dd0
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ae1623944bae4588649b6ac1ed08e5f877c04150fcd876eea74e04e1185c8932
b077ba4d628122277d55946f164c90d2db4cd8af3aaf4c906df247c8e9500be5
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b
b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c
b5b9e7ae8f9b779bb83b468aae5ddbf348c906be6f990540e5a684a5cc7748cc
b71fd80e1e1d023c0187f556fb6bccf0f0b1ce5e094d5bb81904a69155abfc69
bdbf701299006e3c223ca8a3af13214c607e8ec3f40bc641e9a8b4b25ab7087b
bf625bffa10d88c5487cf0bc628bd729c537a30ec58ebe6c4b3f9a435aa7b419
c45656c39a57b159861e9590d8d5b48cdb07f03aa92cd2eef07802e6ac3da823
c87b6491f231c517f49f13cb92915583b78e07ebc8833f39c64622353929dfef
d634d95f75f59dda74d357e032bf0f80d9b0647cb0d6ebfccdc72b665fc58741
da05e08935e3830937aa0ff46ce19f971d2dc49904d3ca40931b14116d88278b
daaa9d5bc6a89496836194ce9e69357835c849fee2f2d4537c77817c8c8e9e27
dbf4c67b4123ff0835e300991a166d02c3bee0a91e71d8d8758704af918eae16
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed04c1ae7a641055c5bc616bcc58a8d636d072ab86dacf626740e27ee52a7f60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa5da6b2ba5c92fb1edd6654ab1bacb68f83c75e62c484fbb88dbb106bd4baf7